Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-04-2015 04 Ran by Ginette at 2015-04-17 22:58:01 Run:1 Running from C:\Users\Ginette\Desktop Loaded Profiles: Ginette (Available profiles: Ginette) Boot Mode: Normal ============================================== Content of fixlist: ***************** start CreateRestorePoint: (iS3, Inc.) C:\Program Files (x86)\STOPzilla!\SZServer.exe (iS3, Inc.) C:\Program Files (x86)\STOPzilla!\STOPzilla.exe HKLM\...\Run: [SBRegRebootCleaner] => C:\Program Files (x86)\STOPzilla!\sbrc.exe [201608 2014-10-20] (GFI Software) HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\...\Run: [Hide.me] => [X] HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\...\Run: [Google Update] => C:\Users\Ginette\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-03] (Google Inc.) HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\...\RunOnce: [Application Restart #2] => C:\Users\Ginette\AppData\Local\Google\Chrome\Application\chrome.exe [809288 2015-03-30] (Google Inc.) HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\...\Policies\Explorer: [DriveConfiguration] 0xC33625336CC710DB7CC2E646B4ED22910B7DFCAB08E4E9C270EA61FB21FFE4663ED03F318C180C1C1CB9782C2B0B48A446741E31B139F9650A93FC662A0670E84CEE0B58715A735A021EFE76E224BC0EB903B79404D379F90E3FCF69ADDBCD3536B81211E2364D7F771A008B24E184B9AC534E3CC65B7068C415636A742903374458DBC2A954A372C1D507D336E9AA8B668B6B91C278E79974AF3FD245961BD4BDF3EFD48C5B7C1B28769AB6B8E5366E31D497FABFD3E57466E1EB0AE9CA1CF6EBB4D4B054F4E162F626429C707C2E49535658E2841372E1E227F079286E0E8414C014BCC9C6EF2F710C86ED28579C04153839AEDAE196C82F38D586C92AFA6681423762B27A6C6AE351EE11A61D8787BFA3BFC789E55A11963B229B96A5E7837A60C309D8B7A2FB921C0270B377F8B999BE74D359C6C5A45F59601F5588DDC546424219042684CAC7964B73160DF684EBB2DF80122DE06AD2B91679CF7AE4132F113BF9FC6E19BFC9E65080998689CFFCA688F17BC1B2493684CC13CC240555C9F5371388396AC3E2359900028AB98315C3F84E5D2B432AD5E10A54142E47747315BDCE722C7DBC58ABAF5C1AC38F867E31B60180129BF6F5F959A46E3FB3565F9A559281F15C94746F19FAA9EF12C17F174A70AC1FC393DFF3406BA3FF4FE487AB87C77C300F317EAA5F44776E4B1C609D3D05A9F9C2EBDBF848117C1725063271DCD62C909C7DBE830AA14B31408068EC16263E4AA0E43030FCFFBE2F3DA5AA14DB2559BA0D5E7B23A178EEC7FBD3E02C5D3D35B7656828C2D89B34EE9DA735BB0D1DCA566ABEFFB1AC3329D984FE10859BB154EA1A5E09D7704EA5FD4FF61C8EF826490BB9CC9056B439C20FE1EA401D56EA648BC7AE1C964981D8045B78A7B726A99C810498773A40F281101C7EB81F19502C41723FA928EA9A96AAC7171D5B1F0C8C6152E2FC84D8C630853DA1BFB1694BC6B525FBF8B4DB03A7979DBAC8A569B9E153AC4A665D041D95154A3D9FFBD043088FE7C95063A522D374E548EEBA8E1663FE19B8FFEC4D5F7A694D399E26D5A0AB76C191FB5DCF61E2E9A5ABD8E7168DDA0BA1140D5A3AF4A5284D7D055A01CA2712B93C3FC9E1269B9DE7CACEEC87850D214C46D9CE5444DEFB53F11CBEDA29440CDAB065CF63DBC739B28D17576B65C5E92336AB7121B8EF8AC07D2A7BEA26CA0C29D6B498DEE72E640FDCFD2F4997CA0B2DCCCB6B2BB69F7C8E0979B9B92780B9B096764CDAB298C7049FC69CAA82E42E72F180E3FAA7B57AD37D4F9FCD952FBC76D9F113DDDACD099CBEBBC5158EDBFAFB8B130114F4FA2B3EC1F555B0D99FBD83856F13712594D4DC2124D312237618CF84CCEE03033638D6BDB304EA599863E08436771D9DB7CDCEB149ED29A97E30F6C2FAD24F3E3048A459D0D4017FE25694BC8E656A74FC9E7954713CE388BCE9792FD0D47E0CB204AE7E96EC7FB2443FA717C105DE122CEFE5F3E6E8C728F5EC5FB1AB1D1AD48214FE124B75EC5988E8227B168103DF0F671B77EE185EF2F4E1B032CBD5AB00691F9CFF3896CEDE74920CD2D4FE61446CAF22C6D2F42E4C806F75997923B7F72FCD8E2BA578AFA8D14C6D0344A77EA70C6E02CADAA6E69F603EB5CEFD2FC8219CC7DE80D942161F669B4DF6AEA1E472B84DC46A4D539F545DF778B99F2265E678B594E41E1D8CABFD28B5935A171B0B36F46F8D75264ED13F42C642A72417AE8A3FB6B1BA3198B45C9AACC28F2FA9DC4E0A0B1D98445880CEC6A8515C5C64E19B0B4E7EF6A5C2A24C9A3B6B9611184BCA38A101FFD845C8D12C25CE07F3D7E773C463831AA292DD95D06976B7E6F0C2C4253721F2089B10121B46A1F010F528DA10FE386E4F91CEFFE33ECB3AD6B7A80A7AD865B8FCE4C2573C12B25FDC480D989726853AD546DB527CC2526708F7645EDE89B59BDDA745693791E99CCA57FC7402E352C55B396D5542FEF486A5376035FA54F9E1D36D0110B3CB2FEE20AA5E38F93D87580AF3EDD1DEF997DED4000356754019D305BD5E1358C96A9FE7CA9CAA233D0C3B0AFBC18FF7E325B8BED9B58BF855FDB99C1FC43CCF9284F5FE3E1C9329EAC9B682D95354364D845C8B4ADE9A2B9C8DDBBF1B9B51C02E63398A8E48BAB34DA7119A1609EB43B69E1262DBE74CB51CB280973AB51BD3A6F1B2B64387E9686C8C937B394D1BC5FE59226B1536693FDE52F24C033C62AE0114AAA7E440E6F05161854DCA86AB642E9FD3CF7F34B970E8577705FFD7EEFC47B66788F9DD7AF4040FA937521C64CA4D576FB6A24903F144A758EAB482866380BE327F0AC56D1C8B7CD96258760E9C63683C4704DE1169FA2CDD24ACA6F48BB51453B4A060870FF092CBF664FE718579BC83AB2F59A9CB10CC4DDB6FACFE1DEEA01251421690763B384C1AFE1B542B953A8B0AAB2494E19071F23683FA6DC13149B77B794F4FF87255A6F6AF358036C2CA9E8AFEA59A308102125E72FA081E88FA895CEA738D3E9FD31FB3FEB5BE4F05540256B2468217EC67F67BC41299DDFA98D11CC3EA12EFC99900797401D41E68C000944F6D163DD887E6B4FFACE6A58F0CD8E3E61CA6B4F98F916F97828A4AF2FCE06D5B841C4B4D4C2931AD2FB91F503EE3D8BE721135369D19BEF2A0AA7BABDFEA0860F25DE8549D091B5503D8F344163D23D2521A1988ABE28E0AC4FA5B9C61668EE51FA1BDF362CC9A80909AC8747D2DEDAA258B09F7A132066954448FCC669B267373B0713484BBD5B53E1C46E659FA5ECF542AAC8C67524E96BA4EC243D4D2F9915651AD1FE91EF57C75D117A493ED9DC846C0AB4EE58A948F195CE19A0A94532EC7304E19BB7A3D215D9DF4E0B6144ED31D6214AD460421F17BA4C4BF288F66EE9D696D5C101F5F82E11E4B4C22C365275712F05B7AAA619B43F8C1DAA5AC53619C6977A226C1CE408F609F00F28779C2FDBC1A5CF4C090B6F9C29E938AD261AE4B9833090646D082F0CBB7A72E4AD3CB97CA5B59BC2FF76925692491DEEBD9FE325F6BC3B798AE708AC85DE7DCF3BC6BDEA37BFAD8DEDEDD50551B7DA9DE0378DA24E5F4419DB033E8BD5768066A7ACAC9AF42E652B48C3901EE4BFEF4932745CA516A45AD3F1DF38F146ED3B396550F705678C6329B4BA6C19C7BBDC6FA8D8C8A4CC25E02653FD709336AD0EC6197622B00E4417E7A614C17C7756227E37D76A37FB5E648F65C08DC841306B8B286ED83154F00403817528BD7FF941F4E3E2B9C500B8587DCBDAE936DAA1E1F726CD5FFFD81AB7FBFB5E1A534E2FBB71B19D2FD298BE5C8FEAAF0B3588BC029878F45282142E944F68320EE46E640F63256934F71FFAB12446AF6C6ACEA92DFDA386384E75A6296C5C9ADED76D20BE57B3D9819902D826E9647E954D1163F4853AE579DB890BF7D14CE502A2A70038ADF1506E3EDDD10E3DC87F1E32ED76D6CDA3B4AFBFDADA801CBDB912ECB86D1EF44280836F2D9FDC8FE7335FD2DF5C554582564241C7AC42BD2382280C2DD1C1C93BCC49806E8F238E453DE293537EE07B3B5CCA27FBCBC02122D2DA9753D8D17B51A629491D19729776F13F0AF66908DD533ABFDD03E378E7102D72F4E6DCCEA908A0BAFFC5D93539D0EFDD8014A55EFA4E728BBADC7DED8D8FE4A9CB437809D0E53E773AD548FBF3F7AC46B94ABE3340A186C66491E59E7306AAE770E61523616E51D670D7E327346F98F31D051E264EE109E85C70C4FC45F8E2A49C6B4E9BF8F14D61384A2257998D486B11D04FB883815E7A1915968754FB2E79943F8EE3F639B39007B8A0FD91F53D273E48BEEA7CF706F410ECD4E04E61E0DEFEDF508BF799C6FB558FC9999C2BD9BFF8BAF1AC99D695DEDA62FA6780E19C3D32C72E046B95F9FBA85C16AC3685C08DE7C386FF68947DA2EC1491BDAAEED31EB68391DDC0B2BF29868A12C5EFB7642971DEE7E377B540D8AC7E15231ADE0806709106889574A8FD66B638473625471B2D898EF935BD61F8B20C0F685F53BD82777C069568502A0FCF5D11C09CD3EBCB714006A13121637B935AEADDF6D4660951B11C74A7D9C4A936DB19C284C7B4B2F39EC96BE865C7E9B6C731F46FD4841395BCA2B6E285FB7223DCCACD89F5547A2AE251B9CA0F01BB92EEEF6C28D8BA39BA0B53CC86C950F31CCEAF2226612D896DD73A2B54819379BE4A0D75B0555AC445398A3633284794882D3190D89FB25952D9DD3126720FACAF4996C1A4EEF87BBDA3C07446376A2F0C74EC7A2F0585726066D55BAE34D8BCDC8895D064EA15A889F691175E5B126B00324A5E8837195D2D0A9D1B5A6E8132CC6385227EEB24E3408E668FDA27EB8119E1D5AE72B8D081FF31AEE9B9639B970586EF286166C8A467F7DB6E48024FC9A00018EA7CEF6D897D88855C69D88A620E5F2E52AAF1537466BF4A03269ED1CD39298EB3156F22CC2E5BBADEBA21C02C4D48DD41C9FF67CBCAB14D0F0441F3D44BAAA168CA9CA2C27837A9F848D3EF4E48F076762D057823141A5EE26F9038A76E1FEBAC0B1C6014E1B8ED3974536A4097D2845062880702DFC6FA1DA70E128F0705D7DD654A8D3BF13C0F02FB44C3BBA06B7170F91B86F36CC3992169001423ACD8F07D57C49C903D5D69E51C1C8E180927E8486F248A7D619CD69E143AAFEDD625C01C510600CA1C798870754F1BDE28943AC7233783F944BF1CD4471258460958C13AEF8BBC42153D050585510F86853CFD1DB3B9060F8CB6E664500BBFD4BD0E6E4991BA2180CE044A44DAC6DB99A59EA01CAF4D8318BFF0CDDEFD9B191A67A331D8D635C30E8D5BD29EC42502901015B6D454598DBD45092DA47E452677AFB3B6593B73335409C03873FFD017024B4ECBC571617855C26CA045709E5A8CFBBC665B2FF6D4F999CDE674EE8C7B58BDB639705509E58A9EA7A042631B17BAB219CC5F22453A57D3D16711F86EC20BFDC89A559D9757B45026B82BC42FF099897842C5B0C2D6073E7724CBD23B6DA4721268F5A9AE417B8D8BF252226177A1D854842F6A043A70402BCA12D876E0BAB1002FC107B335488D330955FC341F5C351AEB1CAC8DCA3B6F6BA1778985BDB7413E4958465A9593F5A937B7B03C5A210647F1EDF6D42C9142B3557A740C77029919601BD3E8F4F64D7577F7FCDEAAA8E2682333E75BB59A30AF408C266F8F552F1DEE9C3EF2D5D80B144487208FA35C5FF8198EECA9062EDF9C1D3CFF13790789D85F5D861CBAC1A50227F5C9E3B6A3C5842F5F75209C079616260D8CBCC6922FC53CC587BB164BA1CB9CB4576F6727B978FF162F76D9BCFABA056E4DBFFA9D8760F17F62427ACE97DD1D5367872740AA52E3436A0061A783D435DFC0918782273837D824674AC2DDB3144368CF999726BE7677B341A66FB81131F273D5EFD895B75A703C8E18D119EA2C14E9AD1093AD084323A9DF2A7E0DED8416D5FA1619496AE3D8192B6771A2EECF4858A43EBEABCCB3C7AC2D604B0BB596ED65795CBCC8DF6E6058C3B91D2F3D784E34497680A96862E438B0DA5F2825F4C6B0E1464B7A6144A959EB704C0552BA070B015A723C87BAF9DE0E1B32E9AB283336AE254DF4AD2123CB074F76CBDAF5D35B705D1BCB9736891A99856EC6B1ABC365446C2CCE2F6E6FFAAB8935F912CF6393FAE0D5ED1350126CE7BB5E15D5F9F7DB587D704D4496DE874CC00203B6A8C8432598490788B216537D2F910D848D30F73EEBA118A9350FEF6F865372131C81F764E5DDA163B7054CDE54986449E01F578C3937B6A9C3649A083EB2DAD495211F5D5C1C4130E97FE76FBCE9E0929D035AA4E8CC8DE2BC8D2C3B7B9894579D1629536D8D7D7CC3E681B5EB0E08FB1E9D9F3D6CB824D0AAEA0DDDAF8D3538AED1B40B8C99ACBAF0C9CA55416D43FFEF3E83AA578301EFF8FBB5035CF943E455043DDA4BD965528AAA1FA2628037FD7976B6601BC5BBBD3132C021067526E6F9FE25442DB51DE57C07F041C0FF4B8067D696133E58A8B4EE4FADDB3E7984BD385018CDA4C55CF90F53EAA7DF32F53514CEA1282A845F637A72DC76578EB3D38A8A66FB4372A8E9CF1E7D393FB3DB681ADF761389F15645807CEAA6F42D5AC65B0F1E418C55685435D8269A450A54B5E4796369CCE803D77AAE46D196CDD002346A8D34D1E631A4CE11553F91AEF78AFC3D279F55A10E95D3877F8AB1F8CA13A1214249C69D9B78124AA79DA80A4DB3EC8B0128C6E4DD1D25A90336D8268F772BB27C04DCE3EC3A8CF48C38EAA4B3FD1FF3AEAA930BE5B9DB73506A7BEFB6B93E9E98DA8771CA68A89F8195FC16CA8310F77E793C8EBF088F97159D8FACD6364466374F489FAC8EFFBC16393ED8F4A26A16FF2945F5CF959C54914A15F6448AE779C5E7B2F61919FCCAB8973553D8D775D2BF4F21D9ADCD9C6C71FF2144A8339279C31838FD86961DABE734722FDD9EEEAB2D3F6292C03D0A1F262DB42077ACDFC6CD755D1E7B8FE2E0309577B589651F10C79E8AC9AD40601D2C6A4112197329E1336391E16E63F0E8134EA89D52C691942CC10CDC3B9428C703194A822412FB69938769EEE5BE9EE40DA4A74FC03FE0B5BB6B5B52C194EEAD38CF43092E08EEC07C35678F67FC77549E5BD635583D86E5F1D218B5F5BF0C403C00CD0F7DB15E764E61FD4B6BAA04CA33B8C7E6915BEEB57EB9A788EE9F1C209B324B1DB9C8D50B8191ADCB7753B1A56C6FFEEBF1F792A4A0769A4422A188BEC4F84FBC58ABDCE0CB38FB6801661886B6C5DDBDF0AECD24059D63602862FC8B47B74D53E0D6F0A6777C68A9A07DA3EE917F06C523F8E8C41C928575765FC206A1E3B67CD8D69ACD14D06818BAE6EE3D8AEFECA9F2578FF563FA92EC82F493C152222F0FA72745B521D99C2DD75E5204119D01D4E2357D486A39FE4DD4CDCC3BD6E71564D2458BFF3CFC57617C3069C2B3FAE8CE8A3F2B2DADD53A01E257D5E6AEA70024F0CDD81BB4BD3C5C2FF9A00D70ADF3FF40C124258D50D8B1420F6B5257E66078790CB49B3790BD6659369F3A261AD5FFAC67F2B0A7415CC46A60E6FF5129D8C7D19E9BEE142B4D288E63B1E402C5E1482380116F8A0B28C3CA38C35E38E5BBABA1000894F8C17E0B460D8287F543B8515CC60AB29422DF37FF439AEF6DAE9B9C5DBD85105407D296F6908BA68BF8CDB3AE96391A543CE28968CDD8336DE8FB026E439BF0947A8D54469927C0156993D7AF7D4717489DD54094E405BAB8394C86691EB7B65876D0BB8C83F155401A9D45C5F79F29FFEA29E61A429DF5EAF42280C4CB52C21EA87F355EED72E69A906C868871AE42C89652F25F561B6564BDFF8A07C617B4357C4B6A244226E4634F64026D8817926116D2EDDA8B18A9B40B462AB89B50FD5B66A7C2730E77EF58CC2641FBA75CF928003C41227DF003675098CE0DA7A91DEEEC26C6D1BF0057E97B25DDA96BD677ABD6F194AD9B3C22ED1269E43D977A867E914AFFB6E03ACE73F0D53DFD222E8E5B0F9541026F7788B3E52C1E0ED76FD778EA86D598FE91B3AC21D6DB7D86CFBDC41E99EE97671C956A3D61D147E3D3716C5C5CD10E86AF97F0228D4E90E63476658861E5F31EA5E96E7FAD966F596FF4C76B4F7A7E04DEEBCEE77B0FDDECE758BDD19FDF9C0A7DF53F4061D5FB847FD2289BE14A6DE5CA4FB1652287CAF772C53B8EA624089F9F395B14213853018D89FE6294C964C5DC043620064EDE82415C7D14176BAF51F426506F6E163C5D339CC763DE8FE9119ED9DBACB8DD8F39ED8EE116661F16C6375CADB69AF7EE03EC7AF1F44AB661558D10F06F9CBC537AD1CD15EA04A6D578F34CD18E4A660E7232B53CA84225640E114A42ED3453D1C1889C7A13959B41C692675A5AFED9044480CBD604654577A7E5F611AA124C70AA9C8E7C377B75025BAF4CA6B12AD965D7513F7C7D268F02BF55A50B3AB8FEC6926812CAAA38CC9D84945D450550EFBD674E708E97087AABB0FAC78DF38AF33A1585B4B4004FFA59FE0C29C3DBF3746670C32F8AD68D90C9294FEE18792AC241B07FF4E6CE4396EE14513291B9951FF280499CFFA01859E184CF79494FFAD473DFB153C158962AB0641DF83D02B83AE4625C696BA85B4E8B6FF4098ECC8DA2570FB441E253CA1E5759CCEB346BDF6DC29376155D43A8D73D27480F579355C451DD134FB83451EA3981ECFC06397D21039021112306939C6D57460B4228D5B2FAA438EDB17EC026DD68FB8B211013ED3DE4D7FD7B659DF6928C788DCCE1AFE6C811AFAC7C97975CB97B60392374262AC80E253AB4E54A8F431359F7567226E83081D1FC581339E46435C1167BCA3672387873497E0A0BCC15A864D88D4EED3FCA916A6E02764A66543498A398A6C75C05B05CAA1548642850A813C1BFDC65460CACB361DD952B4B1FD45171088E5B30C6423BED4924E63BAA9EF1139CAF11936D5067886DD45F1B1DA1860F59E554A8E0BABB835824046E79E9877E723B94B06318D1422BE8785ED42890CEFB40661CEB6BF5FCE0CA414945344142FF06412594628B1F92C5F97ED9E62C307B23E2155CE155CA619C1F4492FBB9018193B95B57CA1F71410144F3A54692F448146B2AABC8757C58FE00F8F9AC494AA8686FEA53BBF8F7A53EFD75BCE67F5AE07663B56E682F73458498CEDFC29C8EE1F8D71AEEB492133DB3854D87223C04D2DE5E5DFB6CDE4FA5A4494ECBDB0D3EBCD971A5AF40854489237F13AAA6736A7DB0DD7CF9332C71F7F194F1246225DAA76EE1F30BEC4D1C05F33D407DDF9FF4CFA2439ADE47748ACAE0FE4EAFD46103104D8AAB8B24440A3297625CA73A2C4BB7073350213650EA8CE6F7CF9B5E6928A5D9EE07B365248FADA460D08D32A2D802742F15587C4C21BC9813EC998C88BBD6B88EB00B3B491CC59ECB34B6759E1A205D9952EA85C0B0D868D53E14DB5A4D014DDF3CF9233C4218EDE411A96F78929F47F4A15DEF49287EDDBE2C9D07584CD42E71F713997890161D9DCFEC8CBCC1EDB7D38939156FE90E6B3140A8BD0D5BBDCEC986D12A88775BAB1AE7E659E5388A21B862F2948FD31595C112BE58E3CA3CA35864B842E6784817EDF22D638C56F30A15C720E9328712E1F00B44576638CF30A0F94F6F0D0379E8997728161CBDB6F57E4E3A9FF35584D44092D1552F27E41B25EEBD2B76B95F91AFDF7CFE10DD54685430A6053C8EE9F13551FBCE891829B7799847F4BE0A67A783938287F32649D72A46F9C59883C0AD30C12A200E69EE99FE93C6574D6720AED74BDF504E391BC672D9BC6D71E4977CE568C2F649CDC1473757DECFAF5028FBFD60F9C39C7636CAC06154496311DCF4A5917CBDB5944023B66D27CA4E75DF33786B587E387E2B3895865805E6AC1F890403ADEA8C5DD9C3FE3C07D3B518B1C9DAD371CCDCA161A464B14E0F6713CDCE8317ED0208AAFCAC615D15788DE95F439721EC5BE39088A2A06A9CE28ED9661995469097F4DC2751A238C725033826152FFF1E97D7CBFE97EB2ACB1BA86D871EDD385F111B91F83813679365EFB5A4D327838F0D33A43208A76A5F075E609F32AD35AF19D73CDDE4476210C79DC259F1F097C41881B9D18967B1DF521B2AACF997F6E6FED26D46CAB0A0B5A687EEC3F62D9434664C8D4B8EAE99C27869558EC82FC4CD4C7783D17FD1BBF8AF48AB715430F18662FE9F0E7CEE7A8EE6B3587342D757989F4110FC684D0C697E5A88C0909D38009B025FA8F899DCBB29A3AC68EE1107EF53C9A52608652A72C037F7503FE4F0597B025F99764348CDBD94D1BE2E8F5E47F66BB0ECF4CC8EA6E15B879EB68A82E79F791F5E7DBD473D2F1169019884D33913C1B4CFA1E5B1832E5FAA0A9900983154D10F6679AA409FDAA3C2C190A40F192846314C94333B8DF39EEF325BE988DD47A4A05FF84CDD5C5CB67F7CBB6F5A8E907AE6C24057752DDDA3C79473A7DD31E45E82997AF7660921E41FA17D395DF008D495EF3AA506F94908B3BF84BE1DE5C77926B1761C830CD696F3CE6AB471F3EDE38F11E7BE5966C22833F1E3AECABF4D8EFD167E3EBCFDC759CC51E8434EF0BC1AE2D8DC05F4FCD5ACE8FA350C55F5030A8666F7D06C5290A6E9EA9A784D7CFFF531B29C1E5221FFE11336DD295E7D647642F177641981BEF8DCEC35C5E5FF260D0C2D8C5A098CAD7F731660B8352F0E5CC364818C6D219EEA25D54EAEA10DDACCD2B8316B73836AD25937442B82A05D18882E8A9BAFA8DCD5554449B5171F6ABF15C13FA538ACBB3466181BE5BF67DD43F1BE1724899DE554DBA27B5BB0BA625E55F6EBA9C17F26F00A174C8953FC0B69A0A19BB9636744E3397E4814F6456E1513C7E9EB96611ECFB5D35A88E8C353F40567ACCEA59B780AEF4634736066CA8DCF92AEDD3009185E09CACA66D654636D907EAEC138B0FB367D88C4F987952422EA059F1116BDB035767C10A5B525A650F2653649352E4AE064B47E09B436E77F0ADF5F09C31562D07C55C1B7FDCDA9288B99C7D73399E3A32557C436AEE2A0FCACAE5339BD969CD99BE6522028A2C86ECCBAD7CDBC5A51F93FF13C12B02ECD1635D110237EC7EA9B55AC4670BE5E209E4616EACF5806125D250F4A007051E8664F961A598F1FC8B01A26132C374E9E31885C754E6F13A1397510728258127F674A6BD63E5704A39289D24CB51BF25DB2F3EA0BBD9A099B3890835D9AEFD6FE93C6D0D8547F2D27BD053F679DF4ED3BAD195E12AF416E4CB517F6457C9025E2764553953E5FEFB1BA2CDBD8692AA5C48A89072E95FDA852496BE7D8D9F175C7793672915E81C2DDFB2126238945A294D593A3B404374E28601CB698D57C4D1A371AAC51377D4D091612ACED80DE6A1918F982577C86D65B93AB00F9F1A912571A726F695BBAF4DF7A01EE8AD24D72BDBF0B416D515B57584E875560B1007C0AADDE3A2E2DB340ADAA8F5970102B331F52495F7A3539979B0B420281860AD0A16BAEA00 HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\...\MountPoints2: {08ee05ea-f56c-11e0-bbae-2c27d7337176} - L:\LaunchU3.exe -a ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:64654;https=127.0.0.1:64654 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3037352765-1606511786-2657095333-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKU\S-1-5-21-3037352765-1606511786-2657095333-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File FF NetworkProxy: "user_pref("browser.keywordURLPromptDeclined", 1);type", 0 FF NetworkProxy: "type", 0 FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Extension: No Name - C:\Users\Ginette\AppData\Roaming\Mozilla\Firefox\Profiles\07ifvjb6.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] CHR dev: Chrome dev build detected! <======= ATTENTION CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3329907&octid=EB_ORIGINAL_CTID&ISID=M0319D3C2-8A14-4A32-8456-F8B4A47B44A6&SearchSource=55&CUI=&UM=2&UP=SP71F36860-7E55-42A6-A6A2-38832B6D22B9&SSPV= CHR StartupUrls: Default -> "hxxp://www.google.ca/", "hxxp://astromenda.com/?f=7&a=ast_wnzp01_14_45_ch&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0AtAtA0B0AyEyD0F0DtA0CtN0D0Tzu0StCtDyEtCtN1L2XzutAtFyCtFtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0F0F0C0C0D0EzytGyD0A0EtCtGzzyC0C0AtGtDyCzzyBtGtCyEyDzy0E0D0DtDyC0D0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtByDtAzz0EyCyDtGtDyCzyzytGyE0DyCtBtG0BtDyByBtG0AzzyE0C0FtAtDtB0A0C0A0D2Q&cr=1040977718&ir=" CHR Plugin: (Shockwave Flash) - C:\Users\Ginette\AppData\Local\Google\Chrome\Application\41.0.2272.118\gcswf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java™ Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File CHR Plugin: (Google Update) - C:\Users\Ginette\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File S3 EFS; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) R3 KeyIso; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) S3 Netlogon; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) S3 ProtectedStorage; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) R2 szserver; C:\Program Files (x86)\STOPzilla!\SZServer.exe [57136 2014-10-20] (iS3, Inc.) R2 Updater.exe; C:\Program Files (x86)\WinZip Updater\Updater.exe [38400 2014-11-04] (InstallShield) [File not signed] <==== ATTENTION S3 VaultSvc; C:\Windows\SysWOW64\lsass.exe [0 2013-09-11] () <==== ATTENTION (zero size file/folder) S2 CGIDriverOffice.exe; C:\Users\Ginette\AppData\Local\CGIDriverOffice\CGIDriverOffice.exe [X] S2 CompilerRegisterUtility; C:\Windows\SysWOW64\CompilerRegisterUtility\CompilerRegisterUtility.exe [X] S2 d89b0e0a; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\StatProc\StatProc.dll",serv S2 DesktopNativeScrolling.exe; C:\Users\Ginette\AppData\Local\DesktopNativeScrolling\DesktopNativeScrolling.exe [X] S2 GNUODBCRaw; C:\Windows\SysWOW64\GNUODBCRaw\GNUODBCRaw.exe [X] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S2 IconKeyboardWYSIWYG.exe; C:\Users\Ginette\AppData\Local\IconKeyboardWYSIWYG\IconKeyboardWYSIWYG.exe [X] 2015-04-16 08:29 - 2015-04-16 20:42 - 00007256 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg 2015-04-12 14:34 - 2015-04-12 14:34 - 00003102 _____ () C:\Windows\System32\Tasks\{2D945EC9-D406-4CE0-9DD5-795A8A34991D} 2015-04-09 12:31 - 2015-04-09 12:31 - 00408776 _____ (TweakBit) C:\Users\Ginette\Downloads\pc-speed-up-setup.exe 2015-04-16 10:29 - 2015-01-05 14:36 - 00000000 ____D () C:\ProgramData\STOPzilla! 2015-04-16 08:38 - 2015-01-06 08:47 - 00032592 _____ () C:\Windows\SysWOW64\Drivers\kgpcpy.cfg 2015-04-15 23:07 - 2015-02-04 15:37 - 00000020 _____ () C:\Users\Ginette\AppData\Roaming\appdataFr3.bin 2015-04-11 20:38 - 2015-01-06 10:41 - 00000464 _____ () C:\Windows\Tasks\WinZip Updater.job Task: {8595E920-AAF9-4562-AA0B-88A763435865} - System32\Tasks\{88B9E3A6-E53C-4E9D-B715-60182244AFC0} => pcalua.exe -a "C:\Users\Ginette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVX6T48Z\btguard-2-30.exe" -d C:\Users\Ginette\Desktop Task: {87F38092-B159-458D-9654-F2E75320B7CB} - System32\Tasks\WinZip Updater => Wscript.exe //nologo //B "C:\Program Files (x86)\WinZip Updater\updater.ini" Task: {9231A114-1911-4092-B3A7-1D07C3CB6326} - System32\Tasks\4901 => Wscript.exe C:\Users\Ginette\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION Task: {9B4234FE-515C-4037-8D88-B6ECC79D0844} - System32\Tasks\{335E62EB-8F3C-46EF-8999-88A7877B26F0} => pcalua.exe -a "C:\Users\Ginette\Downloads\WinZip PRO FINAL v15.0 + Serials [ChattChitto RG]\WinZip PRO FINAL v15.0 + Serials [ChattChitto RG].exe" -d "C:\Users\Ginette\Downloads\WinZip PRO FINAL v15.0 + Serials [ChattChitto RG]" Task: {E8D20976-7F0D-4F3A-8808-4E907BEEA66F} - System32\Tasks\{2C31BECC-C3EE-46AA-ABBC-A4FF3E57F136} => pcalua.exe -a "C:\Users\Ginette\Desktop\Big Fish Games - Bubble Town + Adnan_Boy 2008 + Precracked\Bubble Town.exe" -d "C:\Users\Ginette\Desktop\Big Fish Games - Bubble Town + Adnan_Boy 2008 + Precracked" Task: {F05633B2-AACB-427F-8812-EF2978831E6C} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION Task: {F8FE96B2-A91E-46B2-A836-EAA17129A491} - System32\Tasks\{ED5D06FD-CD93-49C7-9C4D-C421FAB000E8} => pcalua.exe -a C:\BTGUARD\Uninstal.exe -d C:\BTGUARD Task: C:\Windows\Tasks\WinZip Updater.job => Wscript.exe A/nologo /B C:\Program Files (x86)\WinZip Updater\updater.ini 2015-01-05 14:42 - 2015-03-19 15:59 - 00192376 _____ () C:\ProgramData\STOPzilla!\VIPRE\libBase64.dll 2015-01-05 14:42 - 2015-03-19 15:59 - 00180088 _____ () C:\ProgramData\STOPzilla!\VIPRE\libMachoUniv.dll AlternateDataStreams: C:\ProgramData\Temp:09446E68 AlternateDataStreams: C:\ProgramData\Temp:2CB9631F AlternateDataStreams: C:\ProgramData\Temp:639F0420 AlternateDataStreams: C:\ProgramData\Temp:8B1667C1 AlternateDataStreams: C:\ProgramData\Temp:A3E39C6A AlternateDataStreams: C:\ProgramData\Temp:A6E01F67 AlternateDataStreams: C:\ProgramData\Temp:B3606FCC AlternateDataStreams: C:\ProgramData\Temp:BD13A410 AlternateDataStreams: C:\ProgramData\Temp:D1BCFD4A HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Classes\.exe: => <===== ATTENTION! HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Classes\exefile: <===== ATTENTION! C:\Windows\SysWOW64\lsass.exe C:\Windows\SysWOW64\spoolsv.exe C:\Program Files (x86)\STOPzilla! C:\Program Files (x86)\WinZip Updater C:\Users\Ginette\AppData\Local\CGIDriverOffice\CGIDriverOffice.exe C:\Windows\SysWOW64\CompilerRegisterUtility\CompilerRegisterUtility.exe File: C:\Windows\system32\rundll32.exe C:\Users\Ginette\AppData\Local\DesktopNativeScrolling\DesktopNativeScrolling.exe C:\Windows\SysWOW64\GNUODBCRaw C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Users\Ginette\AppData\Local\IconKeyboardWYSIWYG Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F RemoveProxy: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset Hosts: EmptyTemp: CMD: bitsadmin /reset /allusers Reboot: ***************** Restore point was successfully created. C:\Program Files (x86)\STOPzilla!\SZServer.exe => No running process found C:\Program Files (x86)\STOPzilla!\STOPzilla.exe => No running process found HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SBRegRebootCleaner => value deleted successfully. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Hide.me => Value not found. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2 => value deleted successfully. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DriveConfiguration => value deleted successfully. "HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08ee05ea-f56c-11e0-bbae-2c27d7337176}" => Key deleted successfully. HKCR\CLSID\{08ee05ea-f56c-11e0-bbae-2c27d7337176} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully. HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. Firefox Proxy settings were reset. Firefox Proxy settings were reset. "HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully. C:\Users\Ginette\AppData\Roaming\Mozilla\Firefox\Profiles\07ifvjb6.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com not found. C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => Moved successfully. CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry. Chrome HomePage deleted successfully. Chrome StartupUrls deleted successfully. C:\Users\Ginette\AppData\Local\Google\Chrome\Application\41.0.2272.118\gcswf32.dll not found. C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found. C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found. c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll not found. C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found. C:\Users\Ginette\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll not found. EFS => Service deleted successfully. KeyIso => Unable to stop service KeyIso => Service deleted successfully. Netlogon => Service deleted successfully. ProtectedStorage => Service deleted successfully. SamSs => Unable to stop service SamSs => Service deleted successfully. Spooler => Service stopped successfully. Spooler => Service deleted successfully. szserver => Service not found. Updater.exe => Service stopped successfully. Updater.exe => Service deleted successfully. VaultSvc => Service deleted successfully. CGIDriverOffice.exe => Service deleted successfully. CompilerRegisterUtility => Service deleted successfully. d89b0e0a => Service deleted successfully. DesktopNativeScrolling.exe => Service deleted successfully. GNUODBCRaw => Service deleted successfully. gupdate => Service deleted successfully. gupdatem => Service deleted successfully. IconKeyboardWYSIWYG.exe => Service deleted successfully. C:\Windows\system32\Drivers\kgpcpy.cfg => Moved successfully. C:\Windows\System32\Tasks\{2D945EC9-D406-4CE0-9DD5-795A8A34991D} => Moved successfully. C:\Users\Ginette\Downloads\pc-speed-up-setup.exe => Moved successfully. "C:\ProgramData\STOPzilla!" => File/Directory not found. C:\Windows\SysWOW64\Drivers\kgpcpy.cfg => Moved successfully. C:\Users\Ginette\AppData\Roaming\appdataFr3.bin => Moved successfully. C:\Windows\Tasks\WinZip Updater.job => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8595E920-AAF9-4562-AA0B-88A763435865}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8595E920-AAF9-4562-AA0B-88A763435865}" => Key deleted successfully. C:\Windows\System32\Tasks\{88B9E3A6-E53C-4E9D-B715-60182244AFC0} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88B9E3A6-E53C-4E9D-B715-60182244AFC0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87F38092-B159-458D-9654-F2E75320B7CB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87F38092-B159-458D-9654-F2E75320B7CB}" => Key deleted successfully. C:\Windows\System32\Tasks\WinZip Updater => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZip Updater" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9231A114-1911-4092-B3A7-1D07C3CB6326}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9231A114-1911-4092-B3A7-1D07C3CB6326}" => Key deleted successfully. C:\Windows\System32\Tasks\4901 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4901" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B4234FE-515C-4037-8D88-B6ECC79D0844}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B4234FE-515C-4037-8D88-B6ECC79D0844}" => Key deleted successfully. C:\Windows\System32\Tasks\{335E62EB-8F3C-46EF-8999-88A7877B26F0} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{335E62EB-8F3C-46EF-8999-88A7877B26F0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8D20976-7F0D-4F3A-8808-4E907BEEA66F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8D20976-7F0D-4F3A-8808-4E907BEEA66F}" => Key deleted successfully. C:\Windows\System32\Tasks\{2C31BECC-C3EE-46AA-ABBC-A4FF3E57F136} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2C31BECC-C3EE-46AA-ABBC-A4FF3E57F136}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F05633B2-AACB-427F-8812-EF2978831E6C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F05633B2-AACB-427F-8812-EF2978831E6C}" => Key deleted successfully. C:\Windows\System32\Tasks\0 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8FE96B2-A91E-46B2-A836-EAA17129A491}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8FE96B2-A91E-46B2-A836-EAA17129A491}" => Key deleted successfully. C:\Windows\System32\Tasks\{ED5D06FD-CD93-49C7-9C4D-C421FAB000E8} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED5D06FD-CD93-49C7-9C4D-C421FAB000E8}" => Key deleted successfully. C:\Windows\Tasks\WinZip Updater.job not found. "C:\ProgramData\STOPzilla!\VIPRE\libBase64.dll" => File/Directory not found. "C:\ProgramData\STOPzilla!\VIPRE\libMachoUniv.dll" => File/Directory not found. C:\ProgramData\Temp => ":09446E68" ADS removed successfully. C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully. C:\ProgramData\Temp => ":639F0420" ADS removed successfully. C:\ProgramData\Temp => ":8B1667C1" ADS removed successfully. C:\ProgramData\Temp => ":A3E39C6A" ADS removed successfully. C:\ProgramData\Temp => ":A6E01F67" ADS removed successfully. C:\ProgramData\Temp => ":B3606FCC" ADS removed successfully. C:\ProgramData\Temp => ":BD13A410" ADS removed successfully. C:\ProgramData\Temp => ":D1BCFD4A" ADS removed successfully. "HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Classes\.exe" => Key deleted successfully. "HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\Software\Classes\exefile" => Key deleted successfully. C:\Windows\SysWOW64\lsass.exe => Moved successfully. C:\Windows\SysWOW64\spoolsv.exe => Moved successfully. "C:\Program Files (x86)\STOPzilla!" => File/Directory not found. C:\Program Files (x86)\WinZip Updater => Moved successfully. "C:\Users\Ginette\AppData\Local\CGIDriverOffice\CGIDriverOffice.exe" => File/Directory not found. "C:\Windows\SysWOW64\CompilerRegisterUtility\CompilerRegisterUtility.exe" => File/Directory not found. ========================= File: C:\Windows\system32\rundll32.exe ======================== MD5: DD81D91FF3B0763C392422865C9AC12E Creation and modification date: 2009-07-13 19:57 - 2009-07-13 21:39 Size: 0045568 Attributes: ----A Company Name: Microsoft Corporation Internal Name: rundll Original Name: RUNDLL32.EXE.MUI Product Name: Microsoft® Windows® Operating System Description: Windows host process (Rundll32) File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Version: 6.1.7600.16385 Copyright: © Microsoft Corporation. All rights reserved. ====== End Of File: ====== "C:\Users\Ginette\AppData\Local\DesktopNativeScrolling\DesktopNativeScrolling.exe" => File/Directory not found. C:\Windows\SysWOW64\GNUODBCRaw => Moved successfully. "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" => File/Directory not found. "C:\Users\Ginette\AppData\Local\IconKeyboardWYSIWYG" => File/Directory not found. ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F ========= The operation completed successfully. ========= End of Reg: ========= ========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F ========= The operation completed successfully. ========= End of Reg: ========= ========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F ========= The operation completed successfully. ========= End of Reg: ========= ========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F ========= The operation completed successfully. ========= End of Reg: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\S-1-5-21-3037352765-1606511786-2657095333-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. ========= End of RemoveProxy: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ip reset c:\resetlog.txt ========= Reseting Global, OK! Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= ipconfig /release ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::2d16:73ca:eb0c:9249%13 Default Gateway . . . . . . . . . : Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : cgocable.net ========= End of CMD: ========= ========= ipconfig /renew ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : cgocable.net Link-local IPv6 Address . . . . . : fe80::2d16:73ca:eb0c:9249%13 IPv4 Address. . . . . . . . . . . : 192.168.0.105 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : cgocable.net ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= "C:\Windows\System32\Drivers\etc\hosts" => Could not move. Hosts was reset successfully. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. {10811719-4D35-4BF8-AF27-6864A69B2B6C} canceled. {21B5B308-0011-4E8C-BA32-A59964AD59F1} canceled. {DBB68AAB-B7AF-4A58-91B7-8A52171F98EE} canceled. {81E213A9-923D-4B76-946C-047CB494838C} canceled. 4 out of 4 jobs canceled. ========= End of CMD: ========= EmptyTemp: => Removed 1.4 GB temporary data. The system needed a reboot. ==== End of Fixlog 22:59:59 ====