Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-05-2015 01
Ran by Administrator at 2015-05-08 23:02:02
Running from H:\Software utility 2015
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-839522115-1788223648-1606980848-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-839522115-1788223648-1606980848-1004 - Limited - Enabled)
cs01 (S-1-5-21-839522115-1788223648-1606980848-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\cs01
Guest (S-1-5-21-839522115-1788223648-1606980848-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-839522115-1788223648-1606980848-1000 - Limited - Disabled)
IUSR_CS1 (S-1-5-21-839522115-1788223648-1606980848-1007 - Limited - Enabled)
IWAM_CS1 (S-1-5-21-839522115-1788223648-1606980848-1008 - Limited - Enabled)
SUPPORT_388945a0 (S-1-5-21-839522115-1788223648-1606980848-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 8.0 Professional Edition (HKLM\...\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 8.00.706.4601 - ABBYY Software House)
Actify 3D Studio Importer (HKLM\...\{069E3FC0-7B8B-4D91-A930-5BE69FF85565}) (Version: 10.0.1014.1014 - Actify Inc.)
Actify AutoCAD(TM) Importer (HKLM\...\{7516DA6E-7C32-465F-8267-5E03B89B6891}) (Version: 10.0.1131.1131 - Actify Inc.)
Actify Catia V4 3D/2D Importer (HKLM\...\{BF0356CB-2E17-4948-ADE7-FF0B0EF2CFDE}) (Version: 10.0.1132.1132 - Actify Inc.)
Actify Catia V5 3D/2D Importer (HKLM\...\{D523AA9D-A881-4EBA-B5D7-2F14BA7A71A3}) (Version: 10.0.1138.1138 - Actify Inc.)
Actify HPGL Importer (HKLM\...\Actify HPGL Importer) (Version: - )
Actify Iges & VDA Importer (HKLM\...\{B7E50732-ED0F-4B9D-AF64-9BFDF7135EF0}) (Version: 10.0.1110.1110 - Actify Inc.)
Actify SpinFire Professional 8.3 (HKLM\...\{4CCA5CC4-2E59-4782-865B-886C0D248E6F}) (Version: 10.3.1212.1212 - Actify Inc.)
Adobe Acrobat 7.0.1 and Reader 7.0.1 Update (HKLM\...\{AC76BA86-0000-7EC8-7489-000000000702}) (Version: 7.0.2 - Adobe Systems)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Advanced Fix 2014 version 2.1.3.85 (HKLM\...\{0094D07C-1FFB-4450-8D10-AD7E05A318DF}_is1) (Version: 2.1.3.85 - Advanced Fix, Inc.)
Arles Image Web Page Creator 8.3.1 (HKLM\...\Arles Image Web Page Creator_is1) (Version: - )
Atheros Wireless LAN MiniPCI card Driver (HKLM\...\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}) (Version: - )
aTube Catcher version 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVIcodec (remove only) (HKLM\...\AVIcodec) (Version: - )
BitTorrent (HKU\S-1-5-21-839522115-1788223648-1606980848-1003\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bluetooth Monitor 2 (HKLM\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 4.02.000 - TOSHIBA)
Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.)
BurnAware Professional 3.4 (HKLM\...\BurnAware Professional_is1) (Version: - Burnaware Technologies)
CatiaV4 (HKLM\...\{3B21B5BC-0CBF-4AFC-B6B1-08CA54BDD8A1}) (Version: 11.0.1641.3 - Actify, Inc.)
CatiaV5 (HKLM\...\{E3D76F6E-C645-46EC-A0A2-DDDCE0A0F915}) (Version: 11.0.1642.4 - Actify, Inc.)
ClearProg 1.6.1 Beta 8 (HKLM\...\ClearProg) (Version: 1.6.1 Beta 8 - Sven Hoffman)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Toolbar (HKLM\...\DAEMON Tools Toolbar) (Version: 1.0.0.2 - DT Soft Ltd) <==== ATTENTION
Directory Printer 4.1 (HKLM\...\Directory Printer_is1) (Version: - )
Dolphin Futures XPS Viewer version 1.1.0 (HKLM\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
EasyRecovery Professional (HKLM\...\InstallShield_{A8BB9906-E618-406A-B161-7383AFF46C39}) (Version: 6.03.04 - Ontrack Data International, Inc.)
EasyRecovery Professional (Version: 6.03.04 - Ontrack Data International, Inc.) Hidden
eMule Shell Extension (HKLM\...\{F32652D2-7A93-4769-B88F-504DA9AE50C5}) (Version: 1.0.3 - http://emule-project.net)
EncSpot Pro 2.1 beta 1 (HKLM\...\EncSpot Professional_is1) (Version: - GuerillaSoft)
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.5.0 - SEIKO EPSON CORPORATION)
ExifCleaner 1.8 (HKLM\...\ExifCleaner) (Version: 1.8 - SuperUtils.com Software)
Faxalo v2.3 (HKLM\...\Faxalo) (Version: v2.3 - Faxalo)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-839522115-1788223648-1606980848-1003\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM\...\{CC016F21-3970-11DE-B878-005056806466}) (Version: 5.0.11733.9347 - Google)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.238 - SurfRight B.V.)
Hugin 2013.0.0 (HKLM\...\Hugin) (Version: 2013.0.0 hg_0d404a7088e6 - The Hugin Development Team)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
IsoBuster 3.5 (HKLM\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kolev RAW R14 (HKLM\...\Kolev RAW_is1) (Version: - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
mCore (Version: 7.05.0000 - Intel Corporation) Hidden
mDrWiFi (Version: 7.05.0000 - Intel Corporation) Hidden
mHelp (Version: 7.05.0000 - Intel) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 - Componenti Web (HKLM\...\{90A40410-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2003 Proofing Tools (HKLM\...\{901F0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110410-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
mIWA (Version: 7.05.0000 - Intel Corporation) Hidden
mLogView (Version: 7.05.0000 - Intel Corporation) Hidden
mMHouse (Version: 7.05.0000 - Intel Corporation) Hidden
mobile PhoneTools (HKLM\...\{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}) (Version: 3.25b 4/8/2005 - BVRP Software)
Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (Version: 13.09.3001 - Motorola Mobility) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MP3-Check (v1.0.41.0) (HKLM\...\MP3-Check_is1) (Version: 1.0.41.0 - AudioMoves)
MP3Test (HKLM\...\{BE802A6E-7F0D-4333-B45E-80F06C4DC59C}}_is1) (Version: 1.6.0.161 - Markus Stein)
mPfMgr (Version: 7.05.0000 - Intel Corporation) Hidden
mPfWiz (Version: 7.05.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mWlsSafe (Version: 7.05.0000 - Intel) Hidden
mXML (Version: 7.05.0000 - Intel Corporation) Hidden
MyEpson Portal (HKLM\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
MyEpson Portal (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
mZConfig (Version: 7.05.0000 - Intel Corporation) Hidden
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
ODT Viewer version 1.0 (HKLM\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
OLYMPUS Digital Camera Updater (HKLM\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Raw Codec (HKLM\...\{5EA05D7F-5645-4068-A60F-0DCF8FBFD267}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
OLYMPUS Studio 2 (HKLM\...\{A4671483-7CAF-4375-A9C9-9A68A640ED75}) (Version: 1.0.7 - OLYMPUS IMAGING CORP.)
Opanda IExif 2.3 (HKLM\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
Opanda PowerExif 1.2 Professional Trial (HKLM\...\Opanda PowerExif Professional Trial_is1) (Version: 1.2 - Opanda Studio)
ophcrack 3.6.0 (HKLM\...\ophcrack) (Version: 3.6.0 - OS Objectif Sécurité SA)
Pacchetto di compatibilità per Office System 2007 (HKLM\...\{90120000-0020-0410-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
PaperPort (HKLM\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photodex Presenter (HKLM\...\Photodex Presenter) (Version: - Photodex Corporation)
ProShow Gold (HKLM\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Producer (HKLM\...\ProShow Producer) (Version: - Photodex Corporation)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.5 - NETGEAR)
RAR Password Recovery Magic v6.1.1.393 (HKLM\...\RAR Password Recovery Magic_is1) (Version: - Password Recovery Magic Studio Ltd.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Software Intel(R) PROSet/Wireless (HKLM\...\ProInst) (Version: 10.50.0000 - Intel Corporation)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Step (HKLM\...\{B3AF3EF1-065E-4420-B385-A5CA530D6A9A}) (Version: 11.0.1641.3 - Actify, Inc.)
Texas Instruments PCIxx21/x515 drivers. (HKLM\...\InstallShield_{73B2BC65-F997-4208-AEE5-CF8B809A3A71}) (Version: 1.15.0000 - Texas Instruments Inc.)
TIxx21/x515 (Version: 1.15.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Fn-esse (HKLM\...\Fn-esse) (Version: 1.0.18.1227C - )
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.28.0.19C - TOSHIBA)
TweakNow RegCleaner Professional (HKLM\...\TweakNow RegCleaner Professional_is1) (Version: v3.8 - TweakNow.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WaveLab 6 (HKLM\...\WaveLabPro) (Version: 6.1.0.340 - Steinberg)
Wavpack4Wavelab6 (HKLM\...\{AB5668B8-1428-460F-AE02-999A598D6883}) (Version: 1.0.1 - RIL)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Driver Package - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/28/2007 2.2.0.0) (HKLM\...\2CFDDBA03CBE225A1FA2032FE06674F0AF0549D0) (Version: 06/28/2007 2.2.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0) (HKLM\...\1A6754C019F3AE544C346226BB63AC9BC7DACCDE) (Version: 12/28/2006 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows Support Tools (HKLM\...\{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}) (Version: 5.1.2600.5512 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WN111v2 (Version: 3.0.0.5 - NETGEAR) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" No F (the data entry has 3 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\GoogleUpdateO (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\GoogleUpdateO (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\psuser.dll No (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\GoogleUpdateO (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Chrome\Application\36.0.1985. (the data entry has 33 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{5F081689-CE7D-43E7-8B11-DAD99A4A96D6}\InprocServer32 -> F:\Program Files\eMule\eMuleShellExt.dll (http://emule-project.net)
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\npGoogleUpdate (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\npGoogleUpdate (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\GoogleUpdateO (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Update\1.3.26.7\psuser.dll No (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-839522115-1788223648-1606980848-1003_Classes\CLSID\{F7091C74-EBB1-49D7-94C7-FE4886CCC18D}\InprocServer32 -> F:\Program Files\ABBYY FineReader 8.0 Professional Edition\FECMenu.dll (ABBYY Software)

==================== Restore Points =========================

25-04-2015 12:37:38 System Checkpoint
26-04-2015 13:38:02 System Checkpoint
27-04-2015 14:42:54 System Checkpoint
28-04-2015 16:35:31 System Checkpoint
29-04-2015 18:41:03 System Checkpoint
01-05-2015 12:03:42 System Checkpoint
02-05-2015 13:26:06 System Checkpoint
03-05-2015 13:35:53 System Checkpoint
08-05-2015 20:25:27 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 13:00 - 2015-04-10 17:18 - 00000768 ____A F:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: F:\WINDOWS\Tasks\EPSON WF-2630 Series Update {444695D3-F9DF-4246-84FF-64E6048E24CB}.job => F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TTSMDE.EXE:/EXE:{444695D3-F9DF-4246-84FF-64E6048E24CB} /F:UpdateSYSTEM Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (whitelisted) ==============

2006-08-02 00:24 - 2006-08-02 00:24 - 00348160 _____ () F:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2014-07-27 03:52 - 2002-11-26 14:43 - 00106496 _____ () F:\WINDOWS\system32\BrMuSNMP.dll
2006-08-02 00:24 - 2006-08-02 00:24 - 00348160 _____ () F:\Program Files\Intel\Wireless\bin\IntStngs.dll
2014-07-26 09:06 - 2014-07-26 09:07 - 03800688 _____ () F:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: F:\.DS_Store:AFP_AfpInfo
AlternateDataStreams: F:\Documents and Settings\All Users\Application Data\TEMP:24C8262A
AlternateDataStreams: F:\Documents and Settings\not Utente Toshiba bye bye\Application Data\TEMP:24C8262A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

There are 7841 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-839522115-1788223648-1606980848-1003\Control Panel\Desktop\\Wallpaper -> F:\Documents and Settings\cs01\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
DNS Servers: 8.8.8.8 - 8.8.84.4

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BrMfcWnd => F:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => F:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: HWSetup => F:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
MSCONFIG\startupreg: IntelWireless => "F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: MSConfig => F:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

StandardProfile\AuthorizedApplications: [F:\Program Files\eMule\emule.exe] => Enabled:eMule
StandardProfile\AuthorizedApplications: [F:\DOCUME~1\cs01\LOCALS~1\Temp\svchost.exe] => Enabled:736201524A4FAB70
StandardProfile\AuthorizedApplications: [F:\Program Files\BitTorrent\bittorrent.exe] => Enabled:BitTorrent
StandardProfile\AuthorizedApplications: [F:\Program Files\VideoLAN\VLC\vlc.exe] => Disabled:VLC media player 2.1.5
StandardProfile\AuthorizedApplications: [F:\Documents and Settings\cs01\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [F:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [F:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE] => Enabled:OUTLOOK.EXE
StandardProfile\AuthorizedApplications: [F:\Program Files\Epson Software\ECPrinterSetup\ENPApp.exe] => Enabled:Epson Connect Printer Setup
StandardProfile\AuthorizedApplications: [F:\Program Files\EpsonNet\EpsonNet Config V4\ENConfig.exe] => Enabled:EpsonNet Config
StandardProfile\AuthorizedApplications: [C:\SkypePortable\App\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [F:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [F:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe] => Enabled:aTube Catcher
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [3389:TCP] => Disabled:@xpsp2res.dll,-22009
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [4662:TCP] => Enabled:emule 1
StandardProfile\GloballyOpenPorts: [4672:UDP] => Enabled:emule 0

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Nokia N95
Description: Nokia N95
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2015 10:56:12 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. DETAIL - Access is denied.

Error: (05/02/2015 08:59:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b. Processing media-specific event for [plugin-container.exe!ws!]

Error: (05/02/2015 08:59:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 31.0.0.5310, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/01/2015 10:47:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b. Processing media-specific event for [plugin-container.exe!ws!]

Error: (05/01/2015 10:47:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 31.0.0.5310, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/01/2015 06:39:11 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. DETAIL - Access is denied.

Error: (05/01/2015 05:31:22 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. DETAIL - Access is denied.

Error: (04/30/2015 00:44:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 31.0.0.5310, faulting module mozalloc.dll, version 31.0.0.5310, fault address 0x0000141b. Processing media-specific event for [plugin-container.exe!ws!]

Error: (04/30/2015 00:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application firefox.exe, version 31.0.0.5310, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/29/2015 09:17:43 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. DETAIL - Access is denied.

System errors:
=============
Error: (05/08/2015 08:07:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (05/08/2015 08:06:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/08/2015 08:06:35 PM) (Source: DCOM) (EventID: 10005) (User: CS1)
Description: DCOM got error "%%1058" attempting to start the service ServiceLayer with arguments "" in order to run the server: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error: (05/08/2015 08:06:30 PM) (Source: DCOM) (EventID: 10005) (User: CS1)
Description: DCOM got error "%%1058" attempting to start the service ServiceLayer with arguments "" in order to run the server: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error: (05/08/2015 08:06:12 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for F:\WINDOWS\system32\alsndmgr.cpl. Reference error message: The operation completed successfully. .

Error: (05/08/2015 08:06:12 PM) (Source: SideBySide) (EventID: 58) (User: )
Description: Syntax error in manifest or policy file "Manifest Parse Error : An Invalid character was found in text content. 1" on line Manifest Parse Error : An Invalid character was found in text content. 2.

Error: (05/08/2015 08:06:09 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for F:\WINDOWS\system32\alsndmgr.cpl. Reference error message: The operation completed successfully. .

Error: (05/08/2015 08:06:09 PM) (Source: SideBySide) (EventID: 58) (User: )
Description: Syntax error in manifest or policy file "Manifest Parse Error : An Invalid character was found in text content. 1" on line Manifest Parse Error : An Invalid character was found in text content. 2.

Error: (05/08/2015 08:05:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Simple Mail Transfer Protocol (SMTP) service terminated with the following error: %%3

Error: (05/08/2015 08:05:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The FTP Publishing service terminated with the following error: %%3

Microsoft Office Sessions:
=========================
Error: (05/08/2015 10:56:12 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Access is denied.

Error: (05/02/2015 08:59:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (05/02/2015 08:59:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.5310hungapp0.0.0.000000000

Error: (05/01/2015 10:47:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (05/01/2015 10:47:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.5310hungapp0.0.0.000000000

Error: (05/01/2015 06:39:11 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Access is denied.

Error: (05/01/2015 05:31:22 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Access is denied.

Error: (04/30/2015 00:44:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.5310mozalloc.dll31.0.0.53100000141b

Error: (04/30/2015 00:44:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.5310hungapp0.0.0.000000000

Error: (04/29/2015 09:17:43 PM) (Source: Userenv) (EventID: 1505) (User: CS1)
Description: Access is denied.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) M processor 1.73GHz
Percentage of memory in use: 75%
Total physical RAM: 1022.42 MB
Available physical RAM: 254.58 MB
Total Pagefile: 2462.05 MB
Available Pagefile: 1915.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.06 MB

==================== Drives ================================

Drive d: (copy 5-2013) (CDROM) (Total:3.19 GB) (Free:0 GB) CDFS
Drive f: () (Fixed) (Total:124.33 GB) (Free:43.7 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive h: (sancld@yahoo.com) (Fixed) (Total:24.72 GB) (Free:4.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: CE86A13E)
Partition 1: (Active) - (Size=124.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=24.7 GB) - (Type=05)

==================== End Of Log ============================