Jump to content

Bad Image Errors after running Malwarebytes

olace88

By olace88
in Resolved Malware Removal Logs

 Share

Recommended Posts

olace88

olace88

Posted
Posted

HI,

 

I need help on my Gateway desktop PC with Intel Quad Core2 (Windows 7 Home premium). All kinds of bad image errors popped up after running Malwarebytes. Below are my FRST and Addition logs. Will appreciate very much your help as I'm having problems performing my job on my PC.

 

Thanks in advance and more power to Malwarebytes.

 

olace88

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by mel adriano (administrator) on MELADRIANO-PC on 29-09-2014 09:31:36
Running from C:\Users\mel adriano\Desktop
Loaded Profile: mel adriano (Available profiles: mel adriano & NANCY BINAY for Sena)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Acer) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\USB Video Camera\Monitor.exe
(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1274189300\ee\aolsoftware.exe
() C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie_tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\mel adriano\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-21] (IOI)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1274189300\ee\AOLSoftware.exe [41800 2010-02-10] (AOL Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [37888 2008-07-09] ()
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [uIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-12-05] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1087264 2011-10-24] ()
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-15] (Google Inc.)
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [backgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\mel adriano\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [iLivid] => C:\Users\mel adriano\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {1b6ca7a9-861c-11e2-8928-0280370b0300} - H:\Autorun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {22a6acdd-83e8-11e2-b402-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2db1d22b-f02f-11e3-9d73-00038a000015} - E:\iLinker.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f340-81b6-11e2-b4df-acc0aabb3fe2} - H:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f34a-81b6-11e2-b4df-acc0aabb3fe2} - H:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f36b-81b6-11e2-b4df-acc0aabb3fe2} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfd3-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfdd-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfe7-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbff1-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfc001-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {4366daa6-8467-11e2-888d-8d1cf0fbbceb} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {4c6db05f-a72d-11e2-b4bb-00038a000015} - H:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {56fe42d7-b067-11e2-8889-00038a000015} - H:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {6dd93de1-8406-11e2-8544-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {6dd93ded-8406-11e2-8544-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {807e41cb-aed1-11e2-896a-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {96eb6279-308b-11df-805c-00262d143345} - E:\LaunchU3.exe -a
HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {e4badad0-d13f-11df-9219-806e6f6e6963} - E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor.lnk
ShortcutTarget: Monitor.lnk -> C:\Program Files (x86)\USB Video Camera\Monitor.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnk
ShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2802&r=173602107807p0338v1h5k4891r286
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1721&v=a13350-400&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x45634B90CE7ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKLM-x32 - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)
URLSearchHook: HKCU - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)
URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKCU - DefaultScope {8A195F58-D67E-4FFA-A4AC-59617E6182E2} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254
SearchScopes: HKCU - {8A195F58-D67E-4FFA-A4AC-59617E6182E2} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F8AAA2BE-2131-48E3-AA86-03DF63D5B733}&mid=dfe7d6a1a61247d0a2b9d14acce4e9e6-64fcfabea6792deb68870cce2bc0482561f35811〈=en&ds=AVG&pr=pr&d=2012-03-17 21:37:41&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKCU - {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = http://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/profiler/PCPitStop.CAB
DPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/66.12/uploader2.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
 
Chrome: 
=======
CHR HomePage: Default -> D720DDF6A6A11BC98D723113FF347189A05FB44D7F37B9A9E9FE292ED2CA665D
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSearchProvider: Default -> Ask.com
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (GoSAAveo) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic [2014-09-22]
CHR Extension: (RealDownloader) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-09-22]
CHR Extension: (Flash Save) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdonfjaemnemdnnpebbcelibeocdmkai [2014-09-22]
CHR Extension: (Google Wallet) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (GoSAAveo) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic\3.0 [2014-09-22]
CHR HKLM-x32\...\Chrome\Extension: [fooihgffjknjfdidhkpgeibbipkjlhpn] - C:\Users\MELADR~1\AppData\Local\Temp\ccex.crx []
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 D-Link Wireless N DWA-130; C:\Program Files (x86)\D-Link\DWA-130 revC\ANIWZCSdS.exe [126976 2010-04-21] (Wireless Service) [File not signed]
S2 D-Link Wireless N DWA-130_WPS; C:\Program Files (x86)\D-Link\DWA-130 revC\ANIWConnService.exe [53248 2010-03-03] () [File not signed]
S2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3573248 2014-07-10] () [File not signed]
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-05-20] (Macrovision Europe Ltd.) [File not signed]
S2 Globe Tattoo Broadband. RunOuc; C:\Program Files (x86)\Globe Tattoo Broadband\UpdateDog\ouc.exe [246112 2013-05-11] ()
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14258 2013-03-05] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [1370400 2011-10-24] (NETGEAR)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RealtekCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2008-05-06] (Alpha Networks Inc.)
S3 Ca2001v; C:\Windows\System32\Drivers\Ca2001v.sys [2475648 2008-02-19] (Digital Camera)
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [41848 2014-07-10] () [File not signed]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2013-05-11] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-12-30] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2010-01-21] (Nokia)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2012-03-22] (CACE Technologies, Inc.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192U; C:\Windows\System32\DRIVERS\rtl8192U.sys [1631264 2010-04-13] (Realtek Semiconductor Corporation                           )
S3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-12-30] (Nokia)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 09:31 - 2014-09-29 09:32 - 00032566 _____ () C:\Users\mel adriano\Desktop\FRST.txt
2014-09-29 09:31 - 2014-09-29 09:31 - 00000000 ____D () C:\FRST
2014-09-29 09:30 - 2014-09-29 09:29 - 02108928 _____ (Farbar) C:\Users\mel adriano\Desktop\FRST64 (1).exe
2014-09-29 09:29 - 2014-09-29 09:29 - 02108928 _____ (Farbar) C:\Users\mel adriano\Downloads\FRST64 (1).exe
2014-09-29 08:50 - 2014-09-29 08:50 - 00027648 _____ () C:\Users\mel adriano\Downloads\015015000726W (20).xls
2014-09-29 08:50 - 2014-09-29 08:50 - 00027136 _____ () C:\Users\mel adriano\Downloads\015060001426W (16).xls
2014-09-29 08:47 - 2014-09-29 09:20 - 00003362 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-1000
2014-09-29 08:47 - 2014-09-29 09:20 - 00003240 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-1000
2014-09-29 08:45 - 2014-09-29 09:17 - 00000112 _____ () C:\Windows\setupact.log
2014-09-29 08:45 - 2014-09-29 08:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-26 16:53 - 2014-09-26 16:53 - 07086592 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (3).ppt
2014-09-26 09:24 - 2014-09-26 09:24 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-26 09:24 - 2014-09-26 09:24 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-26 09:24 - 2014-09-26 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-26 09:24 - 2014-09-26 09:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 09:23 - 2014-09-26 09:22 - 04964488 _____ (Piriform Ltd) C:\Users\mel adriano\Desktop\ccsetup418.exe
2014-09-26 09:03 - 2014-09-26 09:03 - 02108928 _____ (Farbar) C:\Users\mel adriano\Downloads\FRST64.exe
2014-09-25 15:33 - 2014-09-25 15:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 15:31 - 2014-09-25 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-25 15:31 - 2014-09-25 15:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-25 15:31 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-25 15:31 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-24 07:08 - 2014-09-10 06:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 07:08 - 2014-09-10 05:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 21:58 - 2014-09-22 21:58 - 00028672 _____ () C:\Users\mel adriano\Downloads\015015000726W (19).xls
2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\ProgramData\YaoUttuebeeAdBlocke
2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\ProgramData\GoSaavei
2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\Program Files (x86)\YaoUttuebeeAdBlocke
2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\Program Files (x86)\GoSaavei
2014-09-22 15:47 - 2014-09-22 15:47 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Torch
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Comodo
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Chromatic Browser
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Torch
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Comodo
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Chromatic Browser
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator
2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\ProgramData\a0770de5fae6af9
2014-09-22 15:44 - 2014-09-22 15:44 - 00860160 _____ (Kansas Great) C:\Users\mel adriano\Downloads\Plants vs. Zombies.exe
2014-09-21 12:37 - 2014-09-29 09:19 - 00000400 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_mel adriano.job
2014-09-21 12:37 - 2014-09-27 12:43 - 00003002 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_mel adriano
2014-09-21 12:37 - 2014-09-27 12:43 - 00000390 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_mel adriano.job
2014-09-21 12:37 - 2014-09-27 09:40 - 00003006 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_mel adriano
2014-09-21 12:37 - 2014-09-27 09:40 - 00000394 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_mel adriano.job
2014-09-21 12:37 - 2014-09-21 12:37 - 00003646 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_mel adriano
2014-09-21 12:37 - 2014-09-21 12:37 - 00002710 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_mel adriano
2014-09-15 18:34 - 2014-09-15 18:40 - 07084032 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (2).ppt
2014-09-15 18:26 - 2014-09-15 18:31 - 07086592 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (1).ppt
2014-09-15 17:00 - 2014-09-15 17:00 - 00095907 _____ () C:\Users\mel adriano\Downloads\KES 2014 Buyer Information (SEIPI).xlsx
2014-09-15 15:09 - 2014-09-15 15:09 - 07087104 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT.ppt
2014-09-15 12:55 - 2014-09-15 13:00 - 11135488 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION (2).PPT
2014-09-15 11:04 - 2014-09-15 11:09 - 11138560 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION.PPT
2014-09-15 10:24 - 2014-09-15 10:24 - 00507904 _____ () C:\Users\mel adriano\Downloads\Revised Dispute Form.xls
2014-09-15 10:24 - 2014-09-15 10:24 - 00507904 _____ () C:\Users\mel adriano\Downloads\Revised Dispute Form (1).xls
2014-09-15 06:48 - 2014-09-15 06:48 - 00013088 _____ () C:\Users\mel adriano\Downloads\APO Speakers.xlsx
2014-09-15 03:00 - 2010-02-23 16:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-13 03:10 - 2014-08-20 02:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 03:10 - 2014-08-20 01:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 03:10 - 2014-08-19 07:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 03:10 - 2014-08-19 06:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 03:10 - 2014-08-19 06:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 03:10 - 2014-08-19 06:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 03:10 - 2014-08-19 06:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 03:10 - 2014-08-19 06:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 03:10 - 2014-08-19 06:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 03:10 - 2014-08-19 06:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 03:10 - 2014-08-19 06:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 03:10 - 2014-08-19 06:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 03:10 - 2014-08-19 06:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 03:10 - 2014-08-19 06:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 03:10 - 2014-08-19 06:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 03:10 - 2014-08-19 06:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 03:10 - 2014-08-19 06:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 03:10 - 2014-08-19 06:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 03:10 - 2014-08-19 06:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 03:10 - 2014-08-19 05:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 03:10 - 2014-08-19 05:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 03:10 - 2014-08-19 05:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 03:10 - 2014-08-19 05:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 03:10 - 2014-08-19 05:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 03:10 - 2014-08-19 05:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 03:10 - 2014-08-19 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 03:10 - 2014-08-19 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 03:10 - 2014-08-19 05:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 03:10 - 2014-08-19 05:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 03:10 - 2014-08-19 05:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 03:10 - 2014-08-19 05:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 03:10 - 2014-08-19 05:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 03:10 - 2014-08-19 05:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 03:10 - 2014-08-19 05:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 03:10 - 2014-08-19 05:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 03:10 - 2014-08-19 05:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 03:10 - 2014-08-19 05:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 03:10 - 2014-08-19 05:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 03:10 - 2014-08-19 05:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 03:10 - 2014-08-19 05:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 03:10 - 2014-08-19 05:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 03:10 - 2014-08-19 05:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 03:10 - 2014-08-19 05:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 03:10 - 2014-08-19 05:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 03:10 - 2014-08-19 05:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 03:10 - 2014-08-19 05:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 03:10 - 2014-08-19 05:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 03:10 - 2014-08-19 05:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 03:10 - 2014-08-19 05:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 03:10 - 2014-08-19 05:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 03:10 - 2014-08-19 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 03:10 - 2014-08-19 04:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 03:10 - 2014-08-19 04:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 03:10 - 2014-08-19 04:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 03:10 - 2014-08-19 04:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 03:10 - 2014-08-19 04:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 03:00 - 2014-06-27 10:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 03:00 - 2014-06-27 09:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 13:08 - 2014-05-17 10:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-09-12 13:07 - 2014-09-21 09:30 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-09-12 13:07 - 2014-09-12 13:08 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-09-12 13:07 - 2014-09-12 13:07 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Hotspot Shield
2014-09-12 13:07 - 2014-09-12 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-09-12 12:51 - 2014-09-12 13:02 - 07787136 _____ () C:\Users\mel adriano\Downloads\HSS-3.42-install-e-550-plain.exe
2014-09-12 10:23 - 2014-09-12 10:23 - 00027136 _____ () C:\Users\mel adriano\Downloads\g iwanan.npp
2014-09-12 10:21 - 2014-09-12 10:21 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\mel adriano\Downloads\CG_5.0.13.17.exe
2014-09-12 08:15 - 2014-08-01 19:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 08:15 - 2014-08-01 19:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 08:12 - 2014-06-24 11:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 08:12 - 2014-06-24 10:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 08:10 - 2014-07-07 10:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 08:10 - 2014-07-07 10:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 08:10 - 2014-07-07 09:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 08:10 - 2014-07-07 09:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 08:10 - 2014-07-07 09:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 08:09 - 2014-09-05 10:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 08:09 - 2014-09-05 10:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 09:25 - 2014-09-11 09:25 - 00014859 _____ () C:\Users\mel adriano\Downloads\BRODSS 2016 Meeting - Sept10.xlsx
2014-09-11 09:16 - 2014-09-11 09:16 - 00023309 _____ () C:\Users\mel adriano\Downloads\INCUMBENT OFFICERS.Sept. 10, 2014 (1).xlsx
2014-09-11 09:16 - 2014-09-11 09:16 - 00016215 _____ () C:\Users\mel adriano\Downloads\PROMINENT MEMBER.SEPT. 10, 2014 (1).xlsx
2014-09-11 09:12 - 2014-09-11 09:12 - 00023309 _____ () C:\Users\mel adriano\Downloads\INCUMBENT OFFICERS.Sept. 10, 2014.xlsx
2014-09-11 09:12 - 2014-09-11 09:12 - 00016215 _____ () C:\Users\mel adriano\Downloads\PROMINENT MEMBER.SEPT. 10, 2014.xlsx
2014-09-09 15:10 - 2014-09-15 13:08 - 11103232 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION (1).PPT
2014-09-09 15:07 - 2014-09-09 15:07 - 00137728 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PROGRAM.ppt
2014-09-08 09:37 - 2014-09-08 09:37 - 00027136 _____ () C:\Users\mel adriano\Downloads\015015000726W (18).xls
2014-09-04 09:22 - 2014-09-04 09:22 - 00864256 _____ () C:\Users\mel adriano\Downloads\RE Gel Pak VR-76 COVERS- NEW SHIP DATES- Heads up.msg
2014-09-03 10:44 - 2014-09-03 10:44 - 00964172 _____ () C:\Users\mel adriano\Downloads\noname (3).eml
2014-09-01 13:32 - 2014-09-01 13:33 - 00028672 _____ () C:\Users\mel adriano\Downloads\015015000726W (17).xls
2014-09-01 08:46 - 2014-08-23 10:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-01 08:46 - 2014-08-23 09:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-01 08:46 - 2014-08-23 08:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-01 08:44 - 2014-09-01 08:44 - 00004578 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-01 08:44 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-01 08:44 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-01 08:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-01 08:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-29 09:26 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-29 09:26 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-29 09:26 - 2007-10-10 16:16 - 01701045 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 09:25 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-29 09:24 - 2013-12-06 05:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 09:23 - 2009-07-14 13:13 - 00871046 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 09:19 - 2010-03-18 13:05 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-29 09:17 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-29 08:54 - 2010-03-18 13:05 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 08:49 - 2014-01-24 12:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-26 14:49 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 09:29 - 2012-03-17 12:52 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\uTorrent
2014-09-26 09:29 - 2010-06-01 08:18 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Skype
2014-09-26 09:29 - 2010-05-26 21:16 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\CrashDumps
2014-09-26 09:29 - 2010-03-18 05:25 - 00000000 ____D () C:\Users\mel adriano\Tracing
2014-09-26 09:29 - 2010-03-16 07:31 - 00000000 ____D () C:\Windows\Minidump
2014-09-26 09:29 - 2007-07-12 09:49 - 00000000 ____D () C:\Windows\Panther
2014-09-25 19:07 - 2014-07-11 08:00 - 00000000 ____D () C:\ProgramData\Datamngr
2014-09-25 16:22 - 2012-03-17 12:53 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Conduit
2014-09-25 15:31 - 2013-11-26 16:02 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Malwarebytes
2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-24 13:24 - 2013-12-06 05:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 13:24 - 2013-12-06 05:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 13:24 - 2012-01-01 12:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 15:47 - 2013-02-27 17:38 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Google
2014-09-22 15:47 - 2010-03-16 06:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Google
2014-09-22 15:47 - 2009-08-15 15:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-22 15:47 - 2009-07-14 11:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-22 13:39 - 2010-12-17 13:20 - 00002534 ____H () C:\Users\mel adriano\Downloads\.picasa.ini
2014-09-22 13:04 - 2014-01-29 05:13 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\B7883261-4EC6-4108-9E22-538451164341.aplzod
2014-09-15 12:56 - 2010-04-20 23:48 - 00484352 ___SH () C:\Users\mel adriano\Documents\Thumbs.db
2014-09-15 09:06 - 2010-05-16 07:01 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 03:14 - 2009-08-15 15:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 03:09 - 2010-05-20 12:52 - 00863168 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 03:08 - 2013-11-26 17:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 03:01 - 2010-05-05 10:23 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 03:00 - 2014-05-06 19:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 17:59 - 2010-06-01 08:19 - 00002069 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 10:37 - 2010-02-22 13:57 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\VirtualStore
2014-09-02 03:18 - 2009-07-14 12:45 - 01002512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 08:45 - 2013-11-26 15:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-01 08:44 - 2012-03-17 23:11 - 00000000 ____D () C:\Program Files (x86)\Java
 
Files to move or delete:
====================
C:\ProgramData\hpe5272.dll
 
 
Some content of TEMP:
====================
C:\Users\mel adriano\AppData\Local\Temp\g8ju7sn7.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-26 10:30
 
==================== End Of Log ============================
 
 
Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Here's my additional log.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by mel adriano at 2014-09-29 09:32:54
Running from C:\Users\mel adriano\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
1ClickDownload (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1ClickDownload) <==== ATTENTION
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 2.61 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 (HKLM-x32\...\PremElem70) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 7.0 Templates (HKLM-x32\...\PremElem70Templates) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 Templates (x32 Version: 7.0.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Art Explosion Publisher Pro (HKLM-x32\...\{C62D7344-8709-4443-9C95-F90659CBC27F}) (Version: 1.00.0014 - Nova Development)
ASPCA Reminder by We-Care.com v4.0.16.1 (HKLM-x32\...\{94358C28-335B-4E43-BC4E-C59576BAB653}) (Version: 4.0.16.1 - We-Care.com)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.23 - Avanquest Software)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-490CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.08 - WindSolutions)
Corel MediaOne (HKLM-x32\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.100.0000 - Corel Corporation)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0000 - Corel Corporation)
Corel Painter Photo Essentials 4 (HKLM-x32\...\_{707EB912-C597-49D8-9460-46CC9AB03EBE}) (Version:  - Corel Corporation)
Corel Painter Photo Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
D-Link Wireless N DWA-130 (HKLM-x32\...\{F25B14A1-3863-41B6-9F8A-931DECA6D384}) (Version: 1.00.0000 - D-Link)
D-Link Wireless N DWA-130 (x32 Version: 1.00.0000 - D-Link) Hidden
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
Firebird SQL Server - MAGIX Edition (US) (HKLM-x32\...\Firebird SQL Server US) (Version: 2.0.0.1 - MAGIX AG)
Free WMV to AVI MPEG Converter v1.2 (HKLM-x32\...\Free WMV to AVI MPEG Converter_is1) (Version: 1.2 - www.appfree.net)
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3004 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Gateway Incorporated)
Globe Broadband (HKLM-x32\...\Globe Broadband) (Version: 11.300.05.18.158 - Huawei Technologies Co.,Ltd)
Globe Tattoo Broadband (HKLM-x32\...\Globe Tattoo Broadband) (Version: 21.005.20.02.158 - Huawei Technologies Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Gateway Incorporated)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4612 - Bandoo Media Inc) <==== ATTENTION
ImageSkill Background Remover 3 (HKLM-x32\...\ImageSkill Background Remover 3) (Version: 3.0 - ImageSkill)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel® Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Knoll Light Factory EZ Studio (HKLM-x32\...\Knoll Light Factory EZ Studio) (Version:  - )
Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version:  - )
MAGIX Music Manager 2006 (US) (HKLM-x32\...\MAGIX Music Manager 2006 US) (Version: 7.2.2.526 - MAGIX AG)
MAGIX Photo Manager 2006 (US) (HKLM-x32\...\MAGIX Photo Manager 2006 US) (Version: 3.3.2.525 - MAGIX AG)
MAGIX PhotoStory on CD & DVD 5 (US) (HKLM-x32\...\MAGIX PhotoStory on CD & DVD 5 US) (Version: 5.5.2.0 - MAGIX AG)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Accounting 2008 (HKLM-x32\...\Microsoft Office Accounting 2008) (Version: 3.0.8627.1 - Microsoft Corporation)
Microsoft Office Accounting 2008 (x32 Version: 3.0.8627.1 - Microsoft Corporation) Hidden
Microsoft Office Accounting 2008 Equifax Addin (HKLM-x32\...\{0C2AF762-0565-4C91-9F55-B8B53BB82A38}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting 2008 Fixed Asset Manager (HKLM-x32\...\{E3DF6916-2472-43D9-8B3C-9F2F0AAB01B5}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting 2008 PayPal Addin (HKLM-x32\...\{B391EECE-DFEA-4FC5-9D40-47FA43E2DBE6}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting ADP Payroll Addin (HKLM-x32\...\{5FA793A6-0071-42C1-9355-8F69A428C44F}) (Version: 0.0.0.0 - ADP)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Thunderbird (3.1.7) (HKLM-x32\...\Mozilla Thunderbird (3.1.7)) (Version: 3.1.7 (en-US) - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLogoMaker 2.0 (HKLM-x32\...\MyLogoMaker_is1) (Version:  - Avanquest USA, Inc.)
MyProfessionalBusinessCards (HKLM-x32\...\{CC263FFC-23D9-4C78-BBA2-61A41DD947C7}) (Version: 5.5.0.0 - Avanquest Publishing USA, Inc.)
MySoftware Fonts (HKLM-x32\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version:  - )
MySQL Connector C++ 1.1.2 (HKLM\...\{168EA59E-6139-4096-920A-BEE2BB5FC8A2}) (Version: 1.1.2 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{03B442FC-5A92-490B-8A13-4EBAEA08D857}) (Version: 5.1.23 - Oracle Corporation)
MySQL Connector Net 6.6.5 (HKLM-x32\...\{1AAD0C51-CE9E-4ECD-BB2D-6981472569B1}) (Version: 6.6.5 - Oracle)
MySQL Connector/ODBC 5.2(w) (HKLM\...\{4441EC17-3E4A-4FA0-8818-83537B549A54}) (Version: 5.2.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{132E7CFD-3508-4605-90C9-1C9631C56229}) (Version: 5.6.10 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{5E905BCD-6D18-4DA2-B0F9-66DC159DDAB2}) (Version: 5.6.10 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{3E39024D-9F83-4BF2-B87F-0768608FE0B5}) (Version: 1.1.7.0 - Oracle Corporation)
MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
Nero 9 Essentials (HKLM-x32\...\{8f9954c6-bde3-4032-b547-cfbbdbbe49ab}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)
Phone Software Update - Windows Mobile (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
PHOTORECOVERY LE (HKLM-x32\...\{8D03A164-B586-4318-AFE6-870A5E2739C1}) (Version: 1.0.0 - LC Technology International)
PhotoshopdotcomInspirationBrowser (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.19.0 - Ralink)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4A0C-A916-1D12314F45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version:  - )
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Serif WebPlus X2 (HKLM-x32\...\{8829E394-87E1-41C0-BCED-9B47F7C6DCDD}) (Version: 11.0.6.030 - Serif (Europe) Ltd)
Serif WebPlus X2 Resources (HKLM-x32\...\{05BC428A-F2A5-4E11-8130-10C3237FD67B}) (Version: 11.0.1.013 - Serif (Europe) Ltd)
Serif WebPlus X2 Template Pack: Business & Commerce (HKLM-x32\...\{E17EF5E4-5B2E-4E1D-AF84-707D9A91A383}) (Version: 11.0.0.010 - Serif (Europe) Ltd)
Serif WebPlus X2 Template Pack: Home & Hobby (HKLM-x32\...\{B2929372-A37F-4C06-AC55-7CD8FEF5727C}) (Version: 11.0.0.010 - Serif (Europe) Ltd)
Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4126 - Skype Technologies S.A.)
Skype™ 5.0 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.0.152 - Skype Technologies S.A.)
SMART BRO (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
SmartSound Quicktracks for Premiere Elements (HKLM-x32\...\InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
SMSCaster E-Marketer GSM Enterprise v3.7 (HKLM-x32\...\SMSCaster E-Marketer GSM Enterprise_is1) (Version: v3.7 (build 1397) - SDJ Software Limited)
Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 11.300.05.03.256 - Huawei Technologies Co.,Ltd)
SureThing Express Labeler (HKLM-x32\...\stax-Pinnacle_is1) (Version:  - MicroVision Development, Inc.)
Tera Term 4.77 (HKLM-x32\...\Tera Term_is1) (Version:  - )
TP-LINK Wireless Utility (HKLM-x32\...\{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}) (Version: 1.5.6.0 - TP-LINK)
Trapcode 3DStroke Studio (HKLM-x32\...\Trapcode 3DStroke Studio) (Version:  - )
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version:  - )
Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version:  - )
Tweet Adder 2010 (HKLM-x32\...\{C6BB6935-5F1E-4A89-8F08-C71A5E18D914}) (Version: 1.1.2 - TweetAdder.com)
Uninstall AOL Emergency Connect Utility 1.0 (HKLM-x32\...\AOL Emergency Connect Utility 1.0) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
USB Video Camera (HKLM-x32\...\InstallShield_{F11D6791-FBE8-4817-B5D4-D3191DDDCDC8}) (Version: 3.1.3.3 - SunPlus)
USB Video Camera (x32 Version: 3.1.3.3 - SunPlus) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Web Easy Professional (x32 Version: 7.0.0 - Avanquest) Hidden
Web Easy Professional 7 (HKLM-x32\...\{D16AA51D-2BE9-421A-84A7-759578E64A74}) (Version: 7.12 - Avanquest)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3005 - Gateway Incorporated)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
14-09-2014 19:00:13 Windows Update
15-09-2014 11:13:45 Windows Update
21-09-2014 01:51:18 Windows Update
21-09-2014 12:11:52 Windows Update
22-09-2014 07:49:52 Windows Update
22-09-2014 19:00:13 Windows Update
23-09-2014 12:05:40 Windows Update
24-09-2014 19:00:15 Windows Update
25-09-2014 11:07:39 Windows Update
26-09-2014 01:12:20 Windows Update
26-09-2014 19:00:13 Windows Update
27-09-2014 06:47:52 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02676106-471A-4FB6-B8D2-36828FF9D521} - System32\Tasks\{12300D15-4FAD-4D9D-9CE6-5C1B55520720} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {08DE0851-498C-44A5-97D1-73C86E46AB04} - System32\Tasks\{597CAFE5-4BFC-4C5F-9980-2EE090D52637} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {1641C532-DF22-4C42-AEEE-788C61B7D4CF} - System32\Tasks\{24AA3104-0235-48B0-939B-9C5DC29A6317} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {172EF529-D75E-4A94-86F3-88687CE40680} - System32\Tasks\{9B0C01BB-8197-4799-8955-6BF5CF6A293E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {18280490-6529-4296-B900-1BC468BBCA75} - System32\Tasks\{D89A2E7A-01B1-4541-A8F6-E0D1122F35F6} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {1C1ADE5B-558E-4F21-9810-5D76EB1A2676} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2} - System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {23178769-34B6-4CFF-87A2-9F7EE241070A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {23C55B0E-4242-4012-A552-ABA4A337B82D} - System32\Tasks\RNUpgradeHelperLogonPrompt_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)
Task: {24A28431-6B89-47B8-B0E8-5D631F3ACC9A} - System32\Tasks\{DC017BDA-DDE5-4FAC-97B5-439C13BA5894} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {26F80897-C555-4C8C-AA6A-3A7CD9F0F067} - System32\Tasks\{FECB384A-0161-45DB-8FA1-219FF3B1D47E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {29F0BB67-BF99-4302-B3AA-9DC5888ABE76} - System32\Tasks\{DD86535F-DB3A-4FC0-8AC2-3972315139BA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {2B75F265-2B81-48E0-8F62-3C92F71E3393} - System32\Tasks\{8B920990-30CA-45C2-BCE7-422D138FD740} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {2CFA7B38-8F89-49AD-B336-3A7D80ACE1F3} - System32\Tasks\{3A687180-CACC-45AA-B64F-22CD9729E7C4} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {30D4EDDF-91D0-43BF-90BE-FED32FEDC0BD} - System32\Tasks\{DF297AE8-57EC-4A66-90BD-5DF6D4744D15} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {34BF9750-0D32-4DAE-931D-BCC94D667E24} - System32\Tasks\{CE126841-AFB1-40E3-BDE5-3F73BCC2B802} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {39A48019-D905-415B-9D7C-47E5810C1A68} - System32\Tasks\{6DB367B9-A5B2-483F-AF8C-6366F102CA2F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {3CD86970-2122-491E-84B2-7CFF33FD83C5} - System32\Tasks\{0E5E2BB3-8404-4978-B31C-F27EADF3E7F7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {401747E1-36BF-4139-9EF9-3518D9D5D754} - System32\Tasks\{A1F1429D-9785-4338-AFFB-0402AE7F4FDF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {432843AA-75AF-4996-92D3-699FBF766EFD} - System32\Tasks\{415FDC43-20A4-4E11-BA5D-6525DB5FD8DA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {46231A30-6DDD-4AEF-AE87-1CD622585282} - System32\Tasks\{C2195687-A620-4F47-BDBB-0ABCE510F027} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {4818C33B-C62F-4FE4-AEB7-D0D004A256F4} - System32\Tasks\{D6EDD2B1-A143-4AB5-AC54-9A69B3CB78C9} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {4C9B6841-F5C9-40F5-BA20-FA2D98FB4E29} - System32\Tasks\{5CF4FABE-BCE1-4A59-89CA-5DD038FDE633} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {50FE53CE-68EF-4B37-992F-1443A3B8891A} - System32\Tasks\{0F9E474E-ED81-4E17-9D60-702CF01529F5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {510685ED-D592-4BE4-A0E5-BBC55B7CFF4E} - System32\Tasks\ReclaimerUpdateFiles_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)
Task: {52A95055-A810-48BA-82D0-83115A5A3DA0} - System32\Tasks\{51BEA6D2-8ACB-4F18-A67C-6C8A7B23F11B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {52E74CE0-B007-463F-9C3C-54666C07A9FD} - System32\Tasks\{E627CC30-6AEA-42B8-BA96-9163599CA655} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {55075D11-9106-454D-B63F-44234F95ED40} - System32\Tasks\{E9AFB0AB-6910-4E4E-84CC-5764227C7C37} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {5AF2D52B-417C-438E-BD4D-CA9894140217} - System32\Tasks\{59E7C26C-01ED-4767-A13E-810891959107} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {5D8BC01C-C86A-48E3-A314-2CFA71C7D215} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2009-07-10] (Acer)
Task: {5DDDEB4B-358A-4B60-9F67-E95C0136AD7F} - System32\Tasks\{61E10820-8D2A-4C02-BC29-E8F585780FC7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {5E63FE08-5893-405C-BB0C-0566B75EB78F} - System32\Tasks\{E8F7DCF4-2F7E-4816-8DE1-DFCB0B76D1DC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {64B261CF-B6EB-4D64-9DA5-A9928F3E799C} - System32\Tasks\{C34EB564-743F-404C-858B-542999769FFC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {65021534-C8E3-4D5D-8EEB-F864787D2B6B} - System32\Tasks\{0271F905-5685-483F-BBEA-D214CA8F361F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {65A5176B-17EB-41E8-B266-B9732435C1EA} - System32\Tasks\{6026519D-C664-4714-BA39-065F0A92C8DB} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {67DA105E-F817-4860-A12A-177ABDF704B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {69590BEE-D5BF-4D05-9EFD-D3C96CFC4F6E} - System32\Tasks\{45E82A8D-FA81-401C-BAE4-2E168C166C78} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {6BDE2D6D-4C0D-414E-AA81-8A40C31C60A9} - System32\Tasks\{D61118EB-9EBF-4F75-AE48-020D436A1E20} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {6CDE25EE-3CD2-454E-B21F-EF4610A3501A} - System32\Tasks\{A30E390F-1DCA-4404-B2CA-A8CF7CE95833} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {6DBC39F6-EF38-4D25-AE59-A0991974CC67} - System32\Tasks\{A15AEB9E-35F9-4DE8-AE7F-F82F87148499} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {6F0C0B2B-3F02-48D4-9DE5-992ED5F72227} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== ATTENTION
Task: {6F4C7948-39BB-44AE-BF64-5B476E4A09F3} - System32\Tasks\{5B5676FE-99A0-48A0-AFA0-3A705BA005FC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {6F8C1392-A9DB-4DF3-8854-4326C8F9FC10} - System32\Tasks\{C6A9A708-BEC0-4F7A-A1F9-E51AC30D2058} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {70783A95-9BC4-4781-9E9B-0007A97D21E4} - System32\Tasks\{58B602FA-248B-4633-931A-F2D0A5D4B4CD} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {71E4138C-C943-489E-9BAF-0A74B69A5555} - System32\Tasks\{9BC41C88-589C-43CD-959B-6FA7EFCE0563} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {72F2A552-4F6C-407F-8AEB-53AE0E6DDAE7} - System32\Tasks\{CF026562-B212-468A-B562-5D12C905782D} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {75E5C61E-4BCC-4F16-ADD2-CF3D717C3687} - System32\Tasks\{58D4F190-D46F-4155-83F1-8A7B069A1F37} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {77B6ACF8-EE9F-4EDC-ACC6-8428386AEAC1} - System32\Tasks\{C4A55C47-EEE9-4D48-899F-4D018F117222} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {7AA4785B-4B14-47F1-A375-16C8F9A8CFC8} - System32\Tasks\{0812495C-4264-4062-B6D3-95B46A8C29F7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {7AB84678-5E17-464B-A834-168BA7849FE3} - System32\Tasks\{2D7A91C4-DDE9-4C1B-B677-53B5BF97A5AA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {7DEBB3F8-7B40-4EEE-98B9-81195B5BB5D4} - System32\Tasks\{BA107645-E7E0-4E37-B18C-1E68AC7395C9} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {7E230671-DE54-437A-BC35-C3D05F5B224C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {821DA4B4-838A-4860-9867-81F2645813B4} - System32\Tasks\{E6E08C1F-8CDC-4264-A906-B604BEFA95D2} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {85AC390F-69B1-42EA-AB02-1AB97F82652B} - System32\Tasks\{18896AC6-D5F0-409C-A487-FFC8D76A3077} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {8C5E9BF4-3136-4DE2-8303-1BFDE6B8FD02} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8CA79CBD-4A82-468A-AC32-44DA6A6233C9} - System32\Tasks\{5E7ABA0B-C2FE-49E0-86A0-2D5971330404} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {91D8D82A-5997-4B2B-8D08-7E0C4BE4E5EB} - System32\Tasks\{0107E124-740C-4638-A527-485E22FED135} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {9300B5B9-3B19-4D7B-9B2C-AB7D89DBA874} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {95215841-F5C5-4A12-B6FD-4F10E71560EE} - System32\Tasks\{51626AE6-92DB-457F-8CF6-EB7CE7F443EF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {A29D2443-8444-4572-9E8B-953BDA83E403} - System32\Tasks\{5487B3C6-0CA7-4E75-A564-F7E8EF038A0C} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {A2A8F62D-470F-4ED3-9C4E-F5D48063183B} - System32\Tasks\{5BCE8632-D33C-4B47-AF78-A7AE12749417} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {A3187BA5-B981-4131-BF71-69DC0BB33BFD} - System32\Tasks\{16DE4488-2F8C-4473-BDCE-328989674BE2} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {A67AEB13-1BCE-4B29-91AC-DD9CB64F381E} - System32\Tasks\{48C514A9-392A-44E8-BCA1-0BAE8DF5AEC4} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {A82C0E5B-72E9-400F-9CA1-F00E7286EB52} - System32\Tasks\{1F42DF89-4242-406C-846F-98FA24C0954B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {AD7BA58F-3C88-4E2B-A99D-A57973F029FA} - System32\Tasks\{1CDC2F9A-CBF1-4E07-B4D6-014E474F7685} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {AD859A77-B571-4A61-8A1A-89716E1934C2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AEAE8B5D-5220-44DF-916A-AF8CFFE2ED73} - System32\Tasks\{DA719BAB-A659-42C9-8B55-E91F28F72320} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {B24F0EA9-F394-49E8-95D5-E00427AC85FC} - System32\Tasks\{E76D5089-730A-4853-9304-F423D8301379} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {B3CAA823-A8E6-4DBB-892E-370A40076FFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B3E7B160-1A06-4ED2-B05A-4F8E5C1751A4} - System32\Tasks\{05857251-9A75-4893-86E7-13F9DB91D329} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {B4EEF347-C5CA-488C-A2BE-EA26D27F5A46} - System32\Tasks\{19598C18-8C2E-4C62-BD3D-BE96BBE0A7C1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {BEF31B0C-A139-461C-9E80-B39059FF7206} - System32\Tasks\{7707A27F-BB0D-41A3-BB99-474050A2A305} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {BF67FB31-D4BC-4339-9171-A2EBDDD31B1E} - System32\Tasks\{68D6CB5B-0A04-49DA-873F-0E4A1F0703B3} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {BF75C591-6246-4AE9-97F0-AC6840EB218A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {C0D667A3-2C68-46C5-ACE9-5002C0A7CE97} - System32\Tasks\{F252F3B9-EA0C-42E0-95FF-3C767F1E09E7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {C2C8E07B-6621-4567-8920-78030A331CDC} - System32\Tasks\{F0E50C1E-3CA5-4D50-9C97-F773934577A3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-10-11] (Skype Technologies S.A.)
Task: {C478076E-F9EE-446B-9422-FB4EBD7FEE94} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {C6EE840A-7A95-4AB5-A8E9-DFC3531A3456} - System32\Tasks\ReclaimerUpdateXML_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)
Task: {C93737ED-BCE9-4550-95E0-DB5ED6C8E2DD} - System32\Tasks\{2FCD3043-0B07-4CF2-9715-F5365C625E89} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CACFCCB8-A4A3-49D9-BFA7-BC213C428C11} - System32\Tasks\{C38F44E5-0C96-4971-8318-AD8F3E1C0B33} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CC0CE9C5-C86F-4BCD-9ECE-03B744958698} - System32\Tasks\{105B69C5-A392-4C01-A422-664D8A45CA15} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CCED4148-9877-40F7-B77D-D2E5AB4B3A31} - System32\Tasks\{44F09C7F-16D2-44E0-AB48-DB23297300EF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CCFF1D68-E76C-4531-B2AB-426E31083258} - System32\Tasks\{A7BFCACC-ABDD-4D75-AA94-FCB01880889F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CE7C6DE4-0992-47F1-B86C-F2C39752F74E} - System32\Tasks\{47FFBDDD-3805-41E3-8809-C9D0BBB75571} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {CFCFB91F-D604-4601-83EB-779D5B7D2F50} - System32\Tasks\{46D230E5-8360-462C-97A0-A196AA287378} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D08B60C0-C001-44F0-903A-355D02DA5EFE} - System32\Tasks\{61E539E0-2611-4363-A241-1ED26808E94B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D13C8488-C98E-4A0A-A161-79C9DAFB7B7F} - System32\Tasks\{1D5D693B-7697-4B48-9AA6-50327AC9180E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D2B64443-EDAF-45E7-B366-DF9FCE6587AE} - System32\Tasks\{69BFBE7F-7CBF-455A-9EDC-1248077F6441} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D3292B09-0ED0-4DD3-AE63-943579FD541E} - System32\Tasks\{36CEE9C1-0A6A-4D1F-A51E-6FE2A40C28D5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D49C9843-539D-40E6-AC59-E09D37E46289} - System32\Tasks\{1A1D68F3-1A19-4BBF-9EF9-C62567EA5C35} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D5012AFC-C36A-4646-9B0F-D04DD01CACE6} - System32\Tasks\{23096405-293E-4584-87FB-10BD106F6C8A} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {D5AA7031-B9EE-414D-9B50-3A31B74D2FD0} - System32\Tasks\RNUpgradeHelperResumePrompt_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)
Task: {D5C73278-84ED-4EDE-970A-A2890A018184} - System32\Tasks\{52C7F324-D335-4F57-9C0B-B295CFA0A7B7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {DDAEBF56-F3FF-4DB8-A0FF-81AFF20CEDFA} - System32\Tasks\{4D41739F-A6AF-448C-B9DD-DEBC75E8AB60} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {EB061064-AD01-45E5-AB52-F59307277C89} - System32\Tasks\{A797FB41-008A-4EDD-83F7-47E1808AC5B5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {ED5E2D8D-CF37-494F-8F41-C504175A6366} - System32\Tasks\{EDADE223-D18A-4FB6-BCF5-D4FCA6A809D8} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {F08D557D-C303-4C3C-8BA8-7609EE4CE487} - System32\Tasks\{C10C407B-F999-4AD7-A534-17200620A78F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: {F5FFAA9F-44A6-4757-ABD5-B4390E308034} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F90E6C7E-DD85-4FA5-A62C-7071D2D9F9A9} - System32\Tasks\{DA89BE94-0AA9-4C87-B70B-B39D4B81CE9D} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-05-11 13:14 - 2013-05-11 13:13 - 00246112 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe
2014-05-17 06:34 - 2014-05-17 06:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2011-03-14 23:27 - 2011-03-14 23:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-02-01 15:09 - 2013-02-01 15:09 - 12907520 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2010-05-13 21:08 - 2009-04-30 11:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-10-06 20:35 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-03-06 13:14 - 2012-10-24 14:38 - 00274760 _____ () C:\Program Files (x86)\SMART BRO\AssistantServices.exe
2010-07-03 10:29 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2007-10-16 18:32 - 2007-10-16 18:32 - 00363520 _____ () C:\Program Files (x86)\USB Video Camera\Monitor.exe
2008-07-09 19:42 - 2008-07-09 19:42 - 00037888 ____R () C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
2013-03-06 13:14 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files (x86)\SMART BRO\UIExec.exe
2011-10-24 10:12 - 2011-10-24 10:12 - 01087264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
2011-10-24 10:12 - 2011-10-24 10:12 - 00546080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie_tray.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 00011362 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\mingwm10.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 00043008 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\libgcc_s_dw2-1.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 02415104 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtCore4.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 01148416 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtNetwork4.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 00384512 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QueryStrategy.dll
2013-05-11 13:14 - 2013-05-11 13:13 - 00398336 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtXml4.dll
2014-05-17 08:11 - 2014-05-17 08:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 08:37 - 2014-05-17 08:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2009-02-03 08:33 - 2009-02-03 08:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
2008-09-29 08:55 - 2008-09-29 08:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-05-10 19:48 - 2010-06-25 15:57 - 00909312 _____ () C:\Program Files (x86)\TP-LINK\COMMON\RaWLAPI.dll
2009-06-13 07:37 - 2009-06-13 07:37 - 00032768 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll
2009-06-13 07:37 - 2009-06-13 07:37 - 00025088 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll
2010-10-06 20:34 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll
2011-12-19 14:41 - 2011-12-19 14:41 - 01327616 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll
2011-10-14 14:26 - 2011-10-14 14:26 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2011-11-21 17:23 - 2011-11-21 17:23 - 00123904 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_FeedBack.dll
2011-12-15 15:11 - 2011-12-15 15:11 - 01133056 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2011-12-19 16:01 - 2011-12-19 16:01 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2011-11-11 10:43 - 2011-11-11 10:43 - 00467456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2011-11-11 10:43 - 2011-11-11 10:43 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2011-12-19 15:24 - 2011-12-19 15:24 - 01065984 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2011-12-19 16:51 - 2011-12-19 16:51 - 06403584 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2011-12-19 17:41 - 2011-12-19 17:41 - 00887808 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2011-11-15 16:02 - 2011-11-15 16:02 - 00613888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2011-11-11 11:03 - 2011-11-11 11:03 - 00643072 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2011-11-11 10:33 - 2011-11-11 10:33 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2011-11-11 10:33 - 2011-11-11 10:33 - 00150528 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2011-10-14 14:07 - 2011-10-14 14:07 - 00489472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2011-10-14 14:07 - 2011-10-14 14:07 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2011-10-14 14:07 - 2011-10-14 14:07 - 00076288 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2011-12-15 13:53 - 2011-12-15 13:53 - 00394240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_TrafficMeter.dll
2011-12-02 17:08 - 2011-12-02 17:08 - 00266752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_FirmwareUpdate.dll
2011-12-19 16:01 - 2011-12-19 16:01 - 00082432 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL
2011-12-19 16:01 - 2011-12-19 16:01 - 00083968 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2011-11-21 17:23 - 2011-11-21 17:23 - 00669696 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SslMailSend.DLL
2013-05-03 20:41 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-09-12 17:59 - 2014-09-04 11:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 17:59 - 2014-09-04 11:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 17:59 - 2014-09-04 11:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 17:59 - 2014-09-04 11:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 17:59 - 2014-09-04 11:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (3).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-11511148-282223610-3023385546-500 - Administrator - Disabled)
Guest (S-1-5-21-11511148-282223610-3023385546-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-11511148-282223610-3023385546-1002 - Limited - Enabled)
mel adriano (S-1-5-21-11511148-282223610-3023385546-1000 - Administrator - Enabled) => C:\Users\mel adriano
NANCY BINAY for Sena (S-1-5-21-11511148-282223610-3023385546-1006 - Limited - Enabled) => C:\Users\NANCY BINAY for Sena
 
==================== Faulty Device Manager Devices =============
 
Name: F06DEFF2-5B9C-490D-910F-35D3A91196222
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: F06DEFF2-5B9C-490D-910F-35D3A91196222
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/29/2014 08:48:22 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/27/2014 02:48:44 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/27/2014 02:48:44 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/27/2014 03:01:29 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/27/2014 03:01:29 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/26/2014 09:22:01 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/26/2014 09:13:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/26/2014 09:13:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
Error: (09/26/2014 08:46:17 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)
Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (09/25/2014 07:08:41 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\.
 
 
System errors:
=============
Error: (09/29/2014 09:21:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/29/2014 09:19:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
F06DEFF2-5B9C-490D-910F-35D3A91196222
 
Error: (09/29/2014 09:19:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NETGEARGenieDaemon service hung on starting.
 
Error: (09/29/2014 09:19:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RealtekCU service.
 
Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Globe Tattoo Broadband. OUC service failed to start due to the following error: 
%%1053
 
Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Globe Tattoo Broadband. OUC service to connect.
 
Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Datamngr Coordinator service failed to start due to the following error: 
%%216
 
Error: (09/29/2014 08:47:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/29/2014 08:45:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
F06DEFF2-5B9C-490D-910F-35D3A91196222
 
Error: (09/29/2014 08:45:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Globe Tattoo Broadband. OUC service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 4061.18 MB
Available physical RAM: 1731.94 MB
Total Pagefile: 8120.53 MB
Available Pagefile: 5391.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (Gateway) (Fixed) (Total:684.86 GB) (Free:512.14 GB) NTFS
Drive d: (Dir Adriano) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 46BC7DF2)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=684.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Restart the computer.

 

Next,
 
Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

Thanks for your reply. Here are the logs.JavaRa.log

 

JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Wed Oct 01 14:39:21 2014
 
There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.Found and removed: JavaPlugin.FamilyVersionSupportFound and removed: SOFTWARE\Classes\JavaPluginFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkitFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-appletFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-jnlp-fileFound and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\.jnlpFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalledFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0Found and removed: SOFTWARE\Classes\JNLPFileFound and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper ObjectsFound and removed: SOFTWARE\JavaSoftFound and removed: SOFTWARE\JreMetricsFound and removed: SOFTWARE\Classes\JavaPlugin.10512------------------------------------Finished reporting.
 
 
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Great, Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus


STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology


    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.


STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

Here are my logs. I do not have the ESET online scan results. I could not get it to run on my PC. It was asking for a proxy server. My LAN is configured to automatic so I do not want to messed it up. Anyway, I skipped this and went on to step 8.

 

FRST.txt

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.4 (10.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by mel adriano on Wed 10/01/2014 at 16:04:17.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [service] datamngrcoordinator 
Successfully deleted: [service] datamngrcoordinator 
Failed to stop: [service] hshld 
Successfully stopped: [service] hsstrayservice 
Successfully deleted: [service] hsstrayservice 
Failed to stop: [service] hsswd 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT1561552
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1561552
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\mel adriano\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\aol toolbar"
Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\viewpoint"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\mel adriano\AppData\Roaming\hotspot shield"
Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\aol toolbar"
Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\aol toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\viewpoint"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/01/2014 at 16:07:19.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
AdwCleaner:
 
# AdwCleaner v3.311 - Report created 01/10/2014 at 16:12:48
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mel adriano - MELADRIANO-PC
# Running from : C:\Users\mel adriano\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : hshld
[#] Service Deleted : hsswd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\GoSaavei
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\GoSaavei
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\mel adriano\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\mel adriano\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\AOL Toolbar
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\torch
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\Hotspot_Shield
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic
File Deleted : C:\Users\Public\Desktop\eBay.lnk
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\hotspotshield
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={F8AAA2BE-2131-48E3-AA86-03DF63D5B733}&mid=dfe7d6a1a61247d0a2b9d14acce4e9e6-64fcfabea6792deb68870cce2bc0482561f35811〈=en&ds=AVG&pr=pr&d=2012-03-17 21:37:41&v=10.2.0.3&sap=dsp&q={searchTerms}
Deleted [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254
Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolTB50CL-chromesbox-en-us
Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Deleted [search Provider] : hxxp://movies.netflix.com/WiSearch?oq=cashback&ac_posn=-1&ac_rec=true&ac_count=%5B1%2C0%2C0%5D&ac_match=false&v1={searchTerms}&search_submit=
 
[ File : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : ippkomaaonokjnfjoikaemidanojkfmm
Deleted [Extension] : jmfkcklnlgedgbglfkkgedjfmejoahla
Deleted [Extension] : fpelbholhcgccadaggfgmfemdnhjaoic
 
*************************
 
AdwCleaner[R0].txt - [13283 octets] - [01/10/2014 16:08:58]
AdwCleaner[s0].txt - [12973 octets] - [01/10/2014 16:12:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [13034 octets] ##########
 

Malwarebytes Scan Log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 10/1/2014
Scan Time: 4:25:24 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.10.01.03
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: mel adriano
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 408144
Time Elapsed: 12 min, 41 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 2
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}, Quarantined, [a1e4e708c2b945f13caba65d07fc817f], 
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}\18C45FC73EF40D0C, Quarantined, [a1e4e708c2b945f13caba65d07fc817f], 
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
FRST:
 
 
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please run the following for me.
 
 
panda-av.jpg Scan with Panda Cloud Cleaner

This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.

Please download Panda Cloud Cleaner and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Install the scanner by right-click on panda-av.jpg icon and select RunAsAdmin.jpg Run as Administrator.
  • It should start itself automaticaly after the installation.
  • In the main console click Accept and Scan.
  • This scan won't take long, about several minutes (depending on your system specs). Let it run uninterrupted.
  • At the last stage you will see a couple of messages about veryfying & analyzing results. Wait patiently.
  • Upon completion you will see detections window. Enter one of them and click there View Report at the bottom right side.
  • A notepad window named PCloudCleaner.log will open. Save it to your desktop.

Please include the contents of that file in your next reply.
Don't forget to re-enable your switched-off protection software!
After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to.
 
 
 
 
Next,
Please download the correct version of SystemLook for your computer and save it to your desktop.
You can check here if you're not sure if your computer is 32-bit or 64-bit

SystemLook 32-bit x86 | or | SystemLook 64-bit x64

  • If using Windows XP just double click on SystemLook.exe to run it.
  • For all other versions of Windows, right click over SystemLook.exe or SystemLook_x64.exe and choose Run as administrator to run it
  • Copy the contents of the following code box into the main text field - including the colon characters.
    :filefind*µTorrent**bittorrent*:folderfind*µTorrent**bittorrent*:regfinduTorrentBitTorrent
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop named SystemLook.txt

 

 

 

Next,
 
Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

Here are my logs.

 

PCLOUDCLEANER:

 

. FILE: C:\USERS\MEL ADRIANO\APPDATA\ROAMING\MOZILLA\FIREFOX\EXTENSIONS\{E9DF9360-97F8-4690-AFE6-996C80790DA4}\COMPONENTS\RADIOWMPCOREGECKO11.DLL to be deleted.. FILE: C:\Users\mel adriano\Desktop\CopyTrans Control Center.lnk to be deleted.. FILE: C:\Users\mel adriano\Desktop\PHOTORECOVERY LE.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Control Center.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\Uninstall.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHOTORECOVERY\PHOTORECOVERY LE.lnk to be deleted.. TASK: Task\[ReclaimerUpdateFiles_mel adriano]. Task to be deleted.. TASK: Task\[ReclaimerUpdateXML_mel adriano]. Task to be deleted.. TASK: Task\[RNUpgradeHelperLogonPrompt_mel adriano]. Task to be deleted.. TASK: Task\[RNUpgradeHelperResumePrompt_mel adriano]. Task to be deleted.. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\COPYTRANS SUITE. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}. Key to be deleted.Malware. FILE: E:\LHQV.PIF to be deleted.Malware. FILE: E:\autorun.inf to be deleted.Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.. FILE: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.DAT to be deleted.. FILE: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.TLB to be deleted.. FOLDER: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE to be deleted.. FILE: C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE\YTQAYEH10GEBVGD.DAT to be deleted.. FOLDER: C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE to be deleted.

 

SystemLook:

 

SystemLook 30.07.11 by jpshortstuff
Log created at 15:44 on 02/10/2014 by mel adriano
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "*µTorrent*"
C:\Users\Public\Desktop\µTorrent.lnk --a---- 946 bytes [04:53 17/03/2012] [04:53 17/03/2012] E1FC0F87CDF35168E257567BF64C21CC
 
Searching for "*bittorrent*"
No files found.
 
========== folderfind ==========
 
Searching for "*µTorrent*"
No folders found.
 
Searching for "*bittorrent*"
No folders found.
 
========== regfind ==========
 
Searching for "uTorrent"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]
"DisplayName"="uTorrentControl"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\https___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_03]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_04]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6]
[HKEY_CURRENT_USER\Software\BitTorrent\uTorrent]
[HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]
[HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]
"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"
[HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]
[HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]
"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}]
"AppName"="uTorrentControlAutoUpdateHelper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}]
"AppName"="uTorrentControlToolbarHelper.exe"
[HKEY_CURRENT_USER\Software\Classes\.btapp]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.btinstall]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.btkey]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids]
"uTorrent"=""
[HKEY_CURRENT_USER\Software\Classes\.btskin]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.torrent]
@="uTorrent"
[HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids]
"uTorrent"=""
[HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe]
[HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe\shell\open\command]
@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"
[HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""
[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_CURRENT_USER\Software\Classes\uTorrent]
[HKEY_CURRENT_USER\Software\Classes\uTorrent\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_CURRENT_USER\Software\Classes\uTorrent\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]
@="uTorrentControl API Server"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]
@="uTorrentControl Toolbar"
[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlAutoUpdateHelper_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlAutoUpdateHelper_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlToolbarHelper_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlToolbarHelper_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
"DisplayIcon"="C:\Program Files (x86)\uTorrent\uTorrent.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
"UninstallString"=""C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
"InstallLocation"="C:\Program Files (x86)\uTorrent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
"URLInfoAbout"="http://www.utorrent.com"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]
"DisplayName"="uTorrentControl"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\https___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_03]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_04]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent\uTorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]
"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]
"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}]
"AppName"="uTorrentControlAutoUpdateHelper.exe"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}]
"AppName"="uTorrentControlToolbarHelper.exe"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids]
"uTorrent"=""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent\OpenWithProgids]
"uTorrent"=""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command]
@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]
@="uTorrentControl API Server"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]
@="uTorrentControl Toolbar"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btapp]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btinstall]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btkey]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch\OpenWithProgids]
"uTorrent"=""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btskin]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent]
@="uTorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent\OpenWithProgids]
"uTorrent"=""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Applications\uTorrent.exe]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Applications\uTorrent.exe\shell\open\command]
@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\btdna\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\btdna\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Magnet\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Magnet\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\DefaultIcon]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\shell\open\command]
@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]
@="uTorrentControl API Server"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]
@="uTorrentControl Toolbar"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]
@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1006\Software\AppDataLow\Software\uTorrentControl]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1006\Software\AppDataLow\Software\uTorrentControl\toolbar]
"DisplayName"="uTorrentControl"
 
Searching for "BitTorrent"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]
"Write us link"="jaehee@bittorrent.com"
[HKEY_CURRENT_USER\Software\BitTorrent]
[HKEY_CURRENT_USER\Software\Classes\.btapp]
"Content Type"="application/x-bittorrent-app"
[HKEY_CURRENT_USER\Software\Classes\.btinstall]
"Content Type"="application/x-bittorrent-appinst"
[HKEY_CURRENT_USER\Software\Classes\.btkey]
"Content Type"="application/x-bittorrent-key"
[HKEY_CURRENT_USER\Software\Classes\.btsearch]
"Content Type"="application/x-bittorrentsearchdescription+xml"
[HKEY_CURRENT_USER\Software\Classes\.btskin]
"Content Type"="application/x-bittorrent-skin"
[HKEY_CURRENT_USER\Software\Classes\.torrent]
"Content Type"="application/x-bittorrent"
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent]
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app]
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst]
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key]
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin]
[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_CURRENT_USER\Software\Classes\uTorrent\Content Type]
@="application/x-bittorrent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]
"Write us link"="jaehee@bittorrent.com"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp]
"Content Type"="application/x-bittorrent-app"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall]
"Content Type"="application/x-bittorrent-appinst"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey]
"Content Type"="application/x-bittorrent-key"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch]
"Content Type"="application/x-bittorrentsearchdescription+xml"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin]
"Content Type"="application/x-bittorrent-skin"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent]
"Content Type"="application/x-bittorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\Content Type]
@="application/x-bittorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btapp]
"Content Type"="application/x-bittorrent-app"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btinstall]
"Content Type"="application/x-bittorrent-appinst"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btkey]
"Content Type"="application/x-bittorrent-key"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch]
"Content Type"="application/x-bittorrentsearchdescription+xml"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btskin]
"Content Type"="application/x-bittorrent-skin"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent]
"Content Type"="application/x-bittorrent"
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-app]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-key]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml]
[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\Content Type]
@="application/x-bittorrent"
 
-= EOF =-
 
FIXLOG:
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 02
Ran by mel adriano at 2014-10-02 15:49:32 Run:2
Running from C:\Users\mel adriano\Desktop
Loaded Profiles: mel adriano & NANCY BINAY for Sena (Available profiles: mel adriano & NANCY BINAY for Sena)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Task: {1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2} - System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (3).eml:OECustomProperty
AlternateDataStreams: C:\Users\mel adriano\Downloads\noname.eml:OECustomProperty
EmptyTemp:
Reboot:
 
*****************
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1}" => Key deleted successfully.
C:\Users\mel adriano\Downloads\noname (1).eml => ":OECustomProperty" ADS removed successfully.
C:\Users\mel adriano\Downloads\noname (2).eml => ":OECustomProperty" ADS removed successfully.
C:\Users\mel adriano\Downloads\noname (3).eml => ":OECustomProperty" ADS removed successfully.
C:\Users\mel adriano\Downloads\noname.eml => ":OECustomProperty" ADS removed successfully.
EmptyTemp: => Removed 152.7 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

I'll look at the SystemLook log tomorrow. Getting late here so I'm heading out.

 

Please review the following as found by Panda and let me know if there is anything there you want to keep. You should uninstall the YAOUTTUEBEEADBLOCKE app

 

 

 

C:\USERS\MEL ADRIANO\APPDATA\ROAMING\MOZILLA\FIREFOX\EXTENSIONS\{E9DF9360-97F8-4690-AFE6-996C80790DA4}\COMPONENTS\RADIOWMPCOREGECKO11.DLL
C:\Users\mel adriano\Desktop\CopyTrans Control Center.lnk
C:\Users\mel adriano\Desktop\PHOTORECOVERY LE.lnk
C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Control Center.lnk
C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\Uninstall.lnk
C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk
C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHOTORECOVERY\PHOTORECOVERY LE.lnk
TASK: Task\[ReclaimerUpdateFiles_mel adriano]
TASK: Task\[ReclaimerUpdateXML_mel adriano]
TASK: Task\[RNUpgradeHelperLogonPrompt_mel adriano]
TASK: Task\[RNUpgradeHelperResumePrompt_mel adriano]
REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\COPYTRANS SUITE
REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}
REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}
REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}
REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}
E:\LHQV.PIF
E:\autorun.inf
POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0
POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0
REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]
Value: DISABLEREGISTRYTOOLS To be deleted
REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]
Value: DISABLETASKMGR To be deleted
C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.DAT
C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.TLB
C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE
C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE\YTQAYEH10GEBVGD.DAT
C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE
 

Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

I just want to let you know I appreciate your time looking into my problem. I am very much satisfied with your support. I can see my PC has improved greatly with no more bad images popping up. I understand we need a few more steps to get my PC into perfect health. Please take your time and if you need to rest, please do so. No pressure. :) Meanwhile, I'm trying to review the Panda results and will get back to you asap.

 

Thank you very much,

 

olace88

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

fixlist.txt

Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

Sorry for the delay. Anyway, I could not find the YAOUTUEBEEADBLOCKE app so I could not unis\nstall them as you have intructed previously.

 

Here's my latest Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by mel adriano at 2014-10-07 09:01:44 Run:3
Running from C:\Users\mel adriano\Desktop
Loaded Profile: mel adriano (Available profiles: mel adriano & NANCY BINAY for Sena)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
"C:\Users\mel adriano\AppData\LocalLow\uTorrentControl"
"C:\Users\mel adriano\Downloads\uTorrent (1).exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\BitTorrent\uTorrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\BitTorrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f
Reg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f
 
 
*****************
 
"C:\Users\mel adriano\AppData\LocalLow\uTorrentControl" => File/Directory not found.
C:\Users\mel adriano\Downloads\uTorrent (1).exe => Moved successfully.
C:\Program Files (x86)\uTorrent\uTorrent.exe => Moved successfully.
 
========= reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\BitTorrent\uTorrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\BitTorrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml" /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Great, okay please run the following.

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

Here it is

 

 Results of screen317's Security Check version 0.99.88  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Adobe Reader XI  
 Mozilla Thunderbird (3.1.7) Thunderbird out of Date!  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe  
 Globe Tattoo Broadband OnlineUpdate ouc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 2% 
````````````````````End of Log`````````````````````` 
Link to post
Share on other sites
olace88

olace88

Posted
  • Author
Posted

Hi Ron,

 

It's been running perfect. The browsing is faster and no signs of infections. I think we can close this thread and declare it's solved. But let me thank you for your unfailing support and patience. I really appreciate all your efforts. 

 

Thank you very much Ron!

 

I'm very happy!

 

More power to you and malwarebytes!

 

olace88

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hi olace88

I'm sorry my fault. I didn't notice that it was another user (I've moved his topic and deleted my reply). I thought it was strange that those things would be showing in your computer at this point, glad you alerted me to the other user.

You should be all clear now.

At this time there are no more signs of an infection on your system.

However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.

They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.

bwebb7v.jpgDownload Delfix from here and save it to your desktop. (you may already have this)

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.
  • Reboot
Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

If there are any other left over Folders, Files, Logs then you can delete them on your own.

Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.

How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP

As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers

How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.

Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.