Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

OTL & Hijackthis Log


  • Please log in to reply

#1
owen57

owen57

    Member

  • Member
  • PipPip
  • 25 posts

Good morning lads!

 

 

here is my problem, everything was working fine, quite smoothly, then, yesterday my cpu usage dropped suddenly and drastically to 1-5%, my fan stopped working, i tough at first it was a hardware related issue, i launched fifa16, the fan started working, the usual cpu usage of this game is 1,2 ghz, it capped to 600 000 mhz, i shut down my pc, waited it to get cooler, then started it, same problem persisted, i used some tools such as ssdkiller, iexplore, hitmanpro and Roguekiller yet nothing was found, i used Advanced System care full scan, nothing.

I switched power plan to high performance, although the system run fine most of the time, something the same problem comeback, like something is trying to force a cpu usage of 1-5%, some malware perhaps? 

So i decided to use Hijackthis and OTL, post the logs here and hopefully help will come.

 

Thank you! 

Attached Files


Edited by owen57, 26 April 2016 - 08:54 AM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello owen57,

Welcome to Geekstogo.

Nowadays we use FRST as our main diagnostic and fixing tool. I have included some instructions below for you to run FRST and post back the logs it creates.

 

Please copy and paste the logs in the thread, much easier to analyze. :)

The symptoms you describe are very like a hardware problem which the techs would be better placed to help you with but let's have a look and see what we can find.

One thing you might want to try, is uninstalling IObit Advanced SystemCare for a bit to see if that makes a difference. It has been known to cause problems on some computers.

Now
 
Important - We ask that the tools we use be downloaded to your computers desktop.

If you are unsure about how to do that, please press the Show button beside Spoiler below to see guides for the most popular browsers:

Spoiler

Next

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

 


  • 0

#3
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello emeraldnzl,

 

Thank you for your replay!

 

I'm sorry i didn't check first which diagnostic and fixing tool you use.

 

I will uninstall IObit and see if it does change anything, and if possible, is their a similar software you can advice?

 

I did follow your instruction about FRST, i hope you might find something in the logs.

 

I really appreciate your help!

Attached Files


  • 0

#4
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello again emeraldnzl,

 

I forgot to mention in the earlier post that i installed spybot, after a full scan i did find 2 Trojan horses and 1 Malware, now the computer seems to work fine, when i used Iobit to scan this morning it did crash during Disk Scan at 84%, since the beginning of my problem is crashed at that exact percentage, i uninstalled it right now and launched another scan with FRST, i hope you might find something in the logs.

 

Thank you!

Attached Files


  • 0

#5
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello owen57,

 

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {0148aeeb-7c25-11e1-936f-f0bf9719f0a3} - E:\_aomg.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {0f4cff36-2740-11e1-b64f-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {11aa336c-f9c4-11e0-8508-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {3065c13c-0233-11e1-a19d-001e101fb45e} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {3065c1bc-0233-11e1-a19d-001e101fb45e} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {36f6bd41-4940-11e1-b83a-f0bf9719f0a3} - F:\autorun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c64e-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c693-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c69e-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c6c4-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6438c304-0231-11e1-97f1-001e101f7fb6} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6438c335-0231-11e1-97f1-001e101f7fb6} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b1ffc1-e2d1-11e0-9e12-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b1ffd0-e2d1-11e0-9e12-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b2032f-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b2033a-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b20350-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6c290b1a-79ff-11e1-aef8-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6c290b3a-79ff-11e1-aef8-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {77790e6b-7d16-11e1-8504-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {77790e86-7d16-11e1-8504-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {78cc8285-e312-11e0-8d19-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {78cc82a6-e312-11e0-8d19-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {7e3c765d-02fb-11e1-a305-f0bf9719f0a3} - E:\LGCMInstaller.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {8e0e1b74-b8ac-11e1-ada6-f0bf9719f0a3} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {8e0e1b83-b8ac-11e1-ada6-f0bf9719f0a3} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {9e172ae9-4a7c-11e1-b3e5-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {c22613bf-65fd-11e1-832e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cbf64455-adc2-11e1-be23-90004e9ab7d1} - F:\ICM_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cbf6447a-adc2-11e1-be23-90004e9ab7d1} - F:\ICM_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cfd28f22-6552-11e1-a8c0-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {df8df4f3-6328-11e2-bdc6-90004e9ab7d1} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {df8df4f8-6328-11e2-bdc6-90004e9ab7d1} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e3bdaf74-33ac-11e1-93d3-f0bf9719f0a3} - E:\ICM_ML.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e533173c-f73c-11e0-8409-f0bf9719f0a3} - E:\ICM_ML.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e533176e-f73c-11e0-8409-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {eb59064b-1e81-11e1-b0bc-f0bf9719f0a3} - E:\VTP_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f431cca5-6554-11e1-8476-001e101fb681} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f431ccb3-6554-11e1-8476-001e101fb681} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f58fdf9d-2406-11e1-b5eb-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f58fdfeb-2406-11e1-b5eb-001e101f8ed0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
C:\Program Files (x86)\IObit
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys
C:\Windows\system32\drivers\hitmanpro37.sys
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll
Task: {2C54D587-AE36-41AF-97AD-7E5FB38D1BDD} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Pas de fichier <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Pas de fichier <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier <==== ATTENTION
Task: {ADAD3858-E259-4689-B6F9-85FC2324DE6F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Pas de fichier <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Pas de fichier <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Pas de fichier <==== ATTENTION
2016-04-26 13:43 - 2015-05-25 00:28 - 11441168 _____ (SurfRight B.V.) C:\Users\pc\Downloads\HitmanPro_x64.exe
CMD: ipconfig /flushdns
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply. It would be helpful if you copy and paste the log back here in this thread rather than attaching it. See my request at post #2. :)

 


  • 0

#6
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello emeraldnzl!

 

Sorry for attaching files instead of copying, my bad.

Résultats de correction de Farbar Recovery Scan Tool (x64) Version:27-04-2016
Exécuté par pc (2016-04-30 06:07:17) Run:1
Exécuté depuis C:\Users\pc\Desktop
Profils chargés: pc (Profils disponibles: pc)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {0148aeeb-7c25-11e1-936f-f0bf9719f0a3} - E:\_aomg.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {0f4cff36-2740-11e1-b64f-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {11aa336c-f9c4-11e0-8508-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {3065c13c-0233-11e1-a19d-001e101fb45e} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {3065c1bc-0233-11e1-a19d-001e101fb45e} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {36f6bd41-4940-11e1-b83a-f0bf9719f0a3} - F:\autorun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c64e-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c693-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c69e-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {5da0c6c4-f6b2-11e0-806e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6438c304-0231-11e1-97f1-001e101f7fb6} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6438c335-0231-11e1-97f1-001e101f7fb6} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b1ffc1-e2d1-11e0-9e12-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b1ffd0-e2d1-11e0-9e12-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b2032f-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b2033a-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {64b20350-e2d1-11e0-9e12-001e101f82a7} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6c290b1a-79ff-11e1-aef8-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {6c290b3a-79ff-11e1-aef8-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {77790e6b-7d16-11e1-8504-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {77790e86-7d16-11e1-8504-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {78cc8285-e312-11e0-8d19-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {78cc82a6-e312-11e0-8d19-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {7e3c765d-02fb-11e1-a305-f0bf9719f0a3} - E:\LGCMInstaller.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {8e0e1b74-b8ac-11e1-ada6-f0bf9719f0a3} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {8e0e1b83-b8ac-11e1-ada6-f0bf9719f0a3} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {9e172ae9-4a7c-11e1-b3e5-90004e9ab7d1} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {c22613bf-65fd-11e1-832e-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cbf64455-adc2-11e1-be23-90004e9ab7d1} - F:\ICM_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cbf6447a-adc2-11e1-be23-90004e9ab7d1} - F:\ICM_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {cfd28f22-6552-11e1-a8c0-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {df8df4f3-6328-11e2-bdc6-90004e9ab7d1} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {df8df4f8-6328-11e2-bdc6-90004e9ab7d1} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e3bdaf74-33ac-11e1-93d3-f0bf9719f0a3} - E:\ICM_ML.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e533173c-f73c-11e0-8409-f0bf9719f0a3} - E:\ICM_ML.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {e533176e-f73c-11e0-8409-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {eb59064b-1e81-11e1-b0bc-f0bf9719f0a3} - E:\VTP_Manager.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f431cca5-6554-11e1-8476-001e101fb681} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f431ccb3-6554-11e1-8476-001e101fb681} - F:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f58fdf9d-2406-11e1-b5eb-f0bf9719f0a3} - E:\AutoRun.exe
HKU\S-1-5-21-2015435904-305203728-580906098-1000\...\MountPoints2: {f58fdfeb-2406-11e1-b5eb-001e101f8ed0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
C:\Program Files (x86)\IObit
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys
C:\Windows\system32\drivers\hitmanpro37.sys
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll
Task: {2C54D587-AE36-41AF-97AD-7E5FB38D1BDD} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Pas de fichier <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Pas de fichier <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier <==== ATTENTION
Task: {ADAD3858-E259-4689-B6F9-85FC2324DE6F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Pas de fichier <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Pas de fichier <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Pas de fichier <==== ATTENTION
2016-04-26 13:43 - 2015-05-25 00:28 - 11441168 _____ (SurfRight B.V.) C:\Users\pc\Downloads\HitmanPro_x64.exe
CMD: ipconfig /flushdns
EmptyTemp:
*****************

"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0148aeeb-7c25-11e1-936f-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{0148aeeb-7c25-11e1-936f-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f4cff36-2740-11e1-b64f-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{0f4cff36-2740-11e1-b64f-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11aa336c-f9c4-11e0-8508-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{11aa336c-f9c4-11e0-8508-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3065c13c-0233-11e1-a19d-001e101fb45e}" => clé supprimé(es) avec succès
HKCR\CLSID\{3065c13c-0233-11e1-a19d-001e101fb45e} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3065c1bc-0233-11e1-a19d-001e101fb45e}" => clé supprimé(es) avec succès
HKCR\CLSID\{3065c1bc-0233-11e1-a19d-001e101fb45e} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36f6bd41-4940-11e1-b83a-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{36f6bd41-4940-11e1-b83a-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5da0c64e-f6b2-11e0-806e-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{5da0c64e-f6b2-11e0-806e-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5da0c693-f6b2-11e0-806e-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{5da0c693-f6b2-11e0-806e-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5da0c69e-f6b2-11e0-806e-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{5da0c69e-f6b2-11e0-806e-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5da0c6c4-f6b2-11e0-806e-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{5da0c6c4-f6b2-11e0-806e-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6438c304-0231-11e1-97f1-001e101f7fb6}" => clé supprimé(es) avec succès
HKCR\CLSID\{6438c304-0231-11e1-97f1-001e101f7fb6} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6438c335-0231-11e1-97f1-001e101f7fb6}" => clé supprimé(es) avec succès
HKCR\CLSID\{6438c335-0231-11e1-97f1-001e101f7fb6} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64b1ffc1-e2d1-11e0-9e12-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{64b1ffc1-e2d1-11e0-9e12-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64b1ffd0-e2d1-11e0-9e12-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{64b1ffd0-e2d1-11e0-9e12-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64b2032f-e2d1-11e0-9e12-001e101f82a7}" => clé supprimé(es) avec succès
HKCR\CLSID\{64b2032f-e2d1-11e0-9e12-001e101f82a7} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64b2033a-e2d1-11e0-9e12-001e101f82a7}" => clé supprimé(es) avec succès
HKCR\CLSID\{64b2033a-e2d1-11e0-9e12-001e101f82a7} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64b20350-e2d1-11e0-9e12-001e101f82a7}" => clé supprimé(es) avec succès
HKCR\CLSID\{64b20350-e2d1-11e0-9e12-001e101f82a7} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c290b1a-79ff-11e1-aef8-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{6c290b1a-79ff-11e1-aef8-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c290b3a-79ff-11e1-aef8-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{6c290b3a-79ff-11e1-aef8-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77790e6b-7d16-11e1-8504-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{77790e6b-7d16-11e1-8504-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77790e86-7d16-11e1-8504-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{77790e86-7d16-11e1-8504-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78cc8285-e312-11e0-8d19-806e6f6e6963}" => clé supprimé(es) avec succès
HKCR\CLSID\{78cc8285-e312-11e0-8d19-806e6f6e6963} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78cc82a6-e312-11e0-8d19-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{78cc82a6-e312-11e0-8d19-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e3c765d-02fb-11e1-a305-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{7e3c765d-02fb-11e1-a305-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e0e1b74-b8ac-11e1-ada6-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{8e0e1b74-b8ac-11e1-ada6-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e0e1b83-b8ac-11e1-ada6-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{8e0e1b83-b8ac-11e1-ada6-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e172ae9-4a7c-11e1-b3e5-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{9e172ae9-4a7c-11e1-b3e5-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c22613bf-65fd-11e1-832e-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{c22613bf-65fd-11e1-832e-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cbf64455-adc2-11e1-be23-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{cbf64455-adc2-11e1-be23-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cbf6447a-adc2-11e1-be23-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{cbf6447a-adc2-11e1-be23-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfd28f22-6552-11e1-a8c0-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{cfd28f22-6552-11e1-a8c0-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df8df4f3-6328-11e2-bdc6-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{df8df4f3-6328-11e2-bdc6-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df8df4f8-6328-11e2-bdc6-90004e9ab7d1}" => clé supprimé(es) avec succès
HKCR\CLSID\{df8df4f8-6328-11e2-bdc6-90004e9ab7d1} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3bdaf74-33ac-11e1-93d3-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{e3bdaf74-33ac-11e1-93d3-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e533173c-f73c-11e0-8409-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{e533173c-f73c-11e0-8409-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e533176e-f73c-11e0-8409-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{e533176e-f73c-11e0-8409-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb59064b-1e81-11e1-b0bc-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{eb59064b-1e81-11e1-b0bc-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f431cca5-6554-11e1-8476-001e101fb681}" => clé supprimé(es) avec succès
HKCR\CLSID\{f431cca5-6554-11e1-8476-001e101fb681} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f431ccb3-6554-11e1-8476-001e101fb681}" => clé supprimé(es) avec succès
HKCR\CLSID\{f431ccb3-6554-11e1-8476-001e101fb681} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f58fdf9d-2406-11e1-b5eb-f0bf9719f0a3}" => clé supprimé(es) avec succès
HKCR\CLSID\{f58fdf9d-2406-11e1-b5eb-f0bf9719f0a3} => clé non trouvé(e). 
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f58fdfeb-2406-11e1-b5eb-001e101f8ed0}" => clé supprimé(es) avec succès
HKCR\CLSID\{f58fdfeb-2406-11e1-b5eb-001e101f8ed0} => clé non trouvé(e). 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => clé supprimé(es) avec succès
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => clé non trouvé(e). 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => clé supprimé(es) avec succès
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => clé supprimé(es) avec succès
"HKU\S-1-5-21-2015435904-305203728-580906098-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => clé supprimé(es) avec succès
LiveUpdateSvc => service supprimé(es) avec succès
C:\Program Files (x86)\IObit => déplacé(es) avec succès
hitmanpro37 => service supprimé(es) avec succès
C:\Windows\system32\drivers\hitmanpro37.sys => déplacé(es) avec succès
C:\Windows\SysWOW64\SIntf16.dll => déplacé(es) avec succès
C:\Windows\SysWOW64\SIntf32.dll => déplacé(es) avec succès
C:\Windows\SysWOW64\SIntfNT.dll => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C54D587-AE36-41AF-97AD-7E5FB38D1BDD}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C54D587-AE36-41AF-97AD-7E5FB38D1BDD}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADAD3858-E259-4689-B6F9-85FC2324DE6F}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADAD3858-E259-4689-B6F9-85FC2324DE6F}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => clé supprimé(es) avec succès
C:\Users\pc\Downloads\HitmanPro_x64.exe => déplacé(es) avec succès

=========  ipconfig /flushdns =========


Configuration IP de Windows

Cache de resolution DNS vide.

========= Fin de CMD: =========

EmptyTemp: => 486 MB données temporaires supprimées.


Le système a dû redémarrer.

==== Fin de Fixlog 06:07:59 ====

Thank you for your help!


Edited by owen57, 29 April 2016 - 11:23 PM.

  • 0

#7
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello owen57,

 

Thank you for pasting in the thread. Much easier to analyze. No need to color the text or include in tags. :)

 

Now

 

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

After that

 

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

AdwCleaner.jpg

Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

 

So when you return please post

  • JRT.txt
  • AdwCleaner log

  • 0

#8
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello emeraldnzl!

 

Here is the JRT Log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64 
Ran by pc (Administrator) on 30/04/2016 at 14:46:49,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 15 

Successfully deleted: C:\ai_recyclebin (Folder) 
Successfully deleted: C:\ProgramData\1367782664.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1370214095.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\innovative solutions (Folder) 
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\pc\AppData\Local\innovative solutions (Folder) 
Successfully deleted: C:\Users\pc\AppData\Roaming\getrighttogo (Folder) 
Successfully deleted: C:\Users\pc\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\pc\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (pc) (Task)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\Common Files\innovative solutions (Folder) 
Successfully deleted: C:\Program Files (x86)\myfree codec (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/04/2016 at 14:51:57,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

And the AdwCleaner log.

# AdwCleaner v5.114 - Rapport créé le 30/04/2016 à 15:24:07
# Mis à jour le 27/04/2016 par Xplode
# Base de données : 2016-04-27.1 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (X64)
# Nom d'utilisateur : pc - PC-VAIO
# Exécuté depuis : C:\Users\pc\Desktop\AdwCleaner.exe
# Option : Nettoyer
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Dossiers ] *****

[-] Dossier supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

***** [ Fichiers ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Raccourcis ] *****


***** [ Tâches planifiées ] *****


***** [ Registre ] *****

[-] Clé supprimée : HKLM\SOFTWARE\Classes\Prod.cap
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Clé supprimée : HKCU\Software\TeleCharger
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Clé supprimée : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2015435904-305203728-580906098-1000\Software\qualitink
[-] Clé supprimée : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2015435904-305203728-580906098-1000\Software\SweetIM

***** [ Navigateurs ] *****


*************************

:: Clés "Tracing" supprimées
:: Winsock2 - supprimée C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Paramètres Winsock réinitialisés

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1793 octets] - [30/04/2016 15:24:07]
C:\AdwCleaner\AdwCleaner[R0].txt - [3369 octets] - [25/05/2015 00:34:38]
C:\AdwCleaner\AdwCleaner[R1].txt - [928 octets] - [25/05/2015 01:06:55]
C:\AdwCleaner\AdwCleaner[R2].txt - [337 octets] - [26/05/2015 11:20:07]
C:\AdwCleaner\AdwCleaner[R3].txt - [1047 octets] - [22/07/2015 20:56:53]
C:\AdwCleaner\AdwCleaner[R4].txt - [337 octets] - [16/10/2015 19:07:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [3197 octets] - [25/05/2015 00:37:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [2342 octets] - [30/04/2016 14:52:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2382 octets] ##########


  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello again owen57,

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Windows 8 & 8.1 users may face another warning from the Windows SmartScreen Protection - please click More information and Run.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 

 


  • 0

#10
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello again emeraldnzl!

 
I did follow your previous steps, however ESET stopped responding after reaching 60% and he did found an adware at the beginning of the scan, i noticed one thing however, ESET stopped responding when he started scanning C:\Program Files\MATLAB , Iobit stopped responding while scanning this folder too, so i reboot the computer, and tried to uninstall MATLAB via control pannel, it failed due to an unknown error,i tried to scan with spybot it stops responding,i tried to delete it manually, it caused explorer to stop responding.
Frustrated i went to cmd and tried to force delete via the command panel, DEL \F \S \Q \A "C:\Program Files\MATLAB\R2014b\*" .
It took a lot of time, it did delete most of the files, but a lot of files refused to delete due to "Erreur de périphérique E/S".
When i try to access/delete the folder/files manually explorer stop responding.
 
Thank you.
 
Update : I tried Iobit unlocker and it failed to delete the remaining files too.

Edited by owen57, 30 April 2016 - 10:37 PM.

  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

however ESET stopped responding after reaching 60%

I doubt that MATLAB was the problem. It's a legitimate program see here. I suppose it's possible it was corrupt in some way.

 

ESET online scan can sometimes stop for a period and then resume. That is quite normal. Also another Anti-Virus program can effect it's performance. Maybe Spybot Search and Destroy got in it's way.
 

he did found a malware at the beginning of the scan,


Can you remember what it found?
 

so i reboot the computer, and tried to uninstall MATLAB via control pannel, it failed due to an unknown error,

 
I am not quite sure what you are saying here. Are you saying that because ESET stopped scanning at that point that you think there was something wrong with MATLAB?
 

Update : I tried Iobit unlocker and it failed to delete the remaining files too.

 
I take it you have reinstalled Iobit. If so has there been any change in your machine?


  • 0

#12
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello emeraldnzl.

 

I know that MATLAB is a legit program, I've been using it almost daily for most of last year due to studies, however it been 5 months since the last time i used it.

 

When ESET got stuck while scanning him like Iobit used to do i tough that the program might have been corrupted in some way, when my attempt to uninstall/delete him all failed, i think it means that it was corrupted doesn't it?

I'll try to explain as good as i can, English isn't my mother tongue so sorry about that.

I've been running ESET for most of yesterday,i did close Spybot & Windows related security software before, it took him 20 minutes to reach 60% in the third step(50 000 files), by that time it started scanning MATLAB files, from 10 pm to 10 am it advanced very slowly and reach 260 000 files scanned while still stuck in 60% and it was still scanning MATLAB, then not only ESET stopped responding but explorer too, not even alt+del triggered any response, it was at this point that i decided to shut down the machine and try to uninstall MATLAB before launching another scan.

I did reinstall Iobit i only installed the Unlocker module (not the full software), when it failed to delete MATLAB i uninstalled it.

Before ESET got stuck in MATLAB the adware it found was Mobogenie.

Thank you.


Edited by owen57, 30 April 2016 - 10:36 PM.

  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

I'll try to explain as good as i can, English isn't my mother tongue so sorry about that.

 

You are doing very well. No need to apologize. :)
 

adware it found was Mobogenie.

 
I believe that is an Adroid app from Google play. I guess it would be classed as a PUP by ESET.
 

it failed to delete MATLAB i uninstalled it

 
Let's see if we can find any remnants.

 

Please run (FRST) Farbar Recovery Scan Tool

Type or copy and paste the following in the edit box after "Search:".

Matlab; Matlab R2014b

Click Search Registry button and post the log (Search.txt) it makes to your reply.


  • 0

#14
owen57

owen57

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts

Hello emeraldnzl.

I was talking about Iobit unlocker, you asked me previously if i reinstalled Iobit, i said i only installed one module in order to help with MatLab deletion,Iobit unlocker failed to delete MATLAB, so i uninstalled Iobit unlocker.
I understood from your message that you tough i uninstalled MATLAB,while in fact i uninstalled Iobit unlocker.
As for MATLAB i was able to easly delete most of the files thanks to the command i wrote earlier,however a lot of folder and files refuse to get deleted with the command, with Iobit unlocker and of course with the traditional way which is the button delete, and any process that try to read/scan those remaining files stops responding,in other words i'm unable to finish ESET scan as long as those files remain.

 

Anyway here is the search.txt

Farbar Recovery Scan Tool (x64) Version:27-04-2016
Exécuté par pc (2016-05-01 07:16:47)
Exécuté depuis C:\Users\pc\Desktop
Mode d'amorçage: Normal

================== Chercher Registre: "Matlab; Matlab R2014b" ===========


===================== Résultats de recherche pour "Matlab" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.fig]
""="MATLAB.fig.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.fig\Versions\MATLAB.fig.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.m\OpenWithProgids]
"MATLAB.m.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mat\OpenWithProgids]
"MATLAB.mat.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdl]
""="MATLAB.mdl.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdl\Versions\MATLAB.mdl.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mdlp\Versions\MATLAB.mdlp.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mexw64\Versions\MATLAB.mexw64.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mlapp\OpenWithProgids]
"MATLAB.mlapp.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mlappinstall]
""="MATLAB.mlappinstall.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mlappinstall\Versions\MATLAB.mlappinstall.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mldatx\OpenWithProgids]
"MATLAB.mldatx.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mlpkginstall]
""="MATLAB.mlpkginstall.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mlpkginstall\Versions\MATLAB.mlpkginstall.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mltbx\OpenWithProgids]
"MATLAB.mltbx.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mn]
""="MATLAB.mn.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mn\Versions\MATLAB.mn.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mu\OpenWithProgids]
"MATLAB.mu.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.muphlp]
""="MATLAB.muphlp.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.muphlp\Versions\MATLAB.muphlp.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.p\Versions\MATLAB.p.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.req\Versions\MATLAB.req.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sldd\OpenWithProgids]
"MATLAB.sldd.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.slddc]
""="MATLAB.slddc.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sltx]
""="MATLAB.sltx.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sltx\Versions\MATLAB.sltx.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.slx\OpenWithProgids]
"MATLAB.slx.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.slxp]
""="MATLAB.slxp.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ssc]
""="MATLAB.ssc.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ssc\Versions\MATLAB.ssc.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xvc\OpenWithProgids]
"MATLAB.xvc.8.4.0"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xvz]
""="MATLAB.xvz.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xvz\Versions\MATLAB.xvz.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5771A80A-2294-4CAC-A75B-157DCDDD3653}\InprocServer32]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp2.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9999DD47-4D4D-11D1-A663-00A0249C4B9F}\InprocServer32]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9999DD48-4D4D-11D1-A663-00A0249C4B9F}\InprocServer32]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.fig.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.fig.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-62"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.m.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.m.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-58"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mat.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mat.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-59"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mdl.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mdl.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-61"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mdlp.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-72"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mexw64.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-63"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlapp.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlapp.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-79"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlappinstall.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlappinstall.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-74"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mldatx.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mldatx.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-83"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlpkginstall.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mlpkginstall.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-76"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mltbx.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mltbx.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-80"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mn.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mn.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-66"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.mu.8.4.0]
"AppUserModelId"="Mathworks.MATLAB.MATLAB.R2014b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.muphlp.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.muphlp.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-68"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.p.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-60"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.req.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.req.8.4.0]
""="MATLAB Traceability File"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.sldd.8.4.0]
"AppUserModelId"="Mathworks.MATLAB.MATLAB.R2014b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.slddc.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.sltx.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.sltx.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-81"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.slx.8.4.0]
"AppUserModelId"="Mathworks.MATLAB.MATLAB.R2014b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.slxp.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.ssc.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.ssc.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-65"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.xvc.8.4.0]
"AppUserModelId"="Mathworks.MATLAB.MATLAB.R2014b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.xvz.8.4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MATLAB.xvz.8.4.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\bin\win64\matlab.exe,-70"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Polyspace Bug Finder.pscp.1.2.0]
"FriendlyTypeName"="@C:\Program Files\MATLAB\R2014b\polyspace\bin\polyspace-bug-finder.exe,-3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\mwopc]
"PreviewDetails"="prop:System.Author;System.Comment;System.Category;System.Document.Version;System.Document.RevisionNumber;System.Document.LastAuthor;System.Keywords;MathWorks.Core.MATLABRelease;System.Document.DateCreated;System.Document.DateSaved"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1646F41D-5CF3-41A6-B24D-CC59F022C573}\8.4\0\win64]
""="C:\Program Files\MATLAB\R2014b\bin\win64\mwcomutil.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{280D96EA-474C-486E-88BE-5EB39FC4ACCB}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\polyspace\plugin\msvc\VSUserControlHost.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4D02E050-24D8-4D35-A1C6-FB9304568135}\1.0\0\win64]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp2.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private\mwSimulink1.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\2.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private\mwSimulink2.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C36E46AB-6A81-457B-9F91-A7719A06287F}]
""="Matlab Application Type Library"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C36E46AB-6A81-457B-9F91-A7719A06287F}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\bin\win64\mlapp.tlb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CDB3D8C2-8453-42BD-BC5D-12280B57ABDD}\e.0\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D2A27F0D-55C2-4075-80D0-6395875B3F78}\8.4\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\bin\win64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1646F41D-5CF3-41A6-B24D-CC59F022C573}\8.4\0\win64]
""="C:\Program Files\MATLAB\R2014b\bin\win64\mwcomutil.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{280D96EA-474C-486E-88BE-5EB39FC4ACCB}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\polyspace\plugin\msvc\VSUserControlHost.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{4D02E050-24D8-4D35-A1C6-FB9304568135}\1.0\0\win64]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp2.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private\mwSimulink1.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\2.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private\mwSimulink2.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{C36E46AB-6A81-457B-9F91-A7719A06287F}]
""="Matlab Application Type Library"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{C36E46AB-6A81-457B-9F91-A7719A06287F}\1.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\bin\win64\mlapp.tlb"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{CDB3D8C2-8453-42BD-BC5D-12280B57ABDD}\e.0\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D2A27F0D-55C2-4075-80D0-6395875B3F78}\8.4\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\bin\win64"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB]

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities]
"ApplicationDescription"="MATLAB® is a high-level language and interactive environment for numerical computation, visualization, and programming. Using MATLAB, you can analyze data, develop algorithms, and create models and applications."

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".m"="MATLAB.m.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".fig"="MATLAB.fig.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".mexw64"="MATLAB.mexw64.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".mltbx"="MATLAB.mltbx.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".req"="MATLAB.req.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".mlpkginstall"="MATLAB.mlpkginstall.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".slxp"="MATLAB.slxp.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".slx"="MATLAB.slx.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".ssc"="MATLAB.ssc.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".mu"="MATLAB.mu.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".xvc"="MATLAB.xvc.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities\FileAssociations]
".sldd"="MATLAB.sldd.8.4.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\MathWorks\R2014b\Polyspace Bug Finder]
""="C:\Program Files\MATLAB\R2014b\polyspace\bin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AssemblyFolders\DotNetBuilder]
""="C:\Program Files\MATLAB\R2014b\toolbox\dotnetbuilder\bin\win64\v2.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
"MATLAB R2014b Startup Accelerator.job"="0x09BFDD55868D683AB9238883AEB525608A192D0630082C893BCF36EFA011BBAC699BBD360F8874257E2E5A5B095ED5EECFD10BDECEAF9C93FA565289A402CC19"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BF90F25-DA6A-4547-BE9D-4A07EC93127B}]
"Path"="\MATLAB R2014b Startup Accelerator"

[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"MATLAB (R2014b)"="SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{D309A656-4B0B-47F2-9A27-0C4E9D8735C4}]
""="Matlab.Application (Version 8.4)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1646F41D-5CF3-41A6-B24D-CC59F022C573}\8.4\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\bin\win64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{280D96EA-474C-486E-88BE-5EB39FC4ACCB}\1.0\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\polyspace\plugin\msvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9999DD44-4D4D-11D1-A663-00A0249C4B9F}\1.0\0\win64]
""="C:\Program Files\MATLAB\R2014b\toolbox\matlab\winfun\win64\mwsamp.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\1.0\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{B3AF3D55-CDB2-4527-BA76-78FBE8F9924B}\2.0\HELPDIR]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{C36E46AB-6A81-457B-9F91-A7719A06287F}\1.0]
""="Matlab Application (Version 8.4) Type Library"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{CDB3D8C2-8453-42BD-BC5D-12280B57ABDD}\e.0\0\win32]
""="C:\Program Files\MATLAB\R2014b\toolbox\slvnv\reqmgt\private\mwSimulink.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{D2A27F0D-55C2-4075-80D0-6395875B3F78}\8.4\0\win64]
""="C:\Program Files\MATLAB\R2014b\bin\win64\mwcommgr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RegisteredApplications]
"MATLAB (R2014b)"="SOFTWARE\MathWorks\R2014b\MATLAB\Capabilities"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment]
"Path"="C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;C:\Program Files\MiKTeX 2.9\miktex\bin\x64;C:\Program Files\MATLAB\R2014b\polyspace\bin;C:\Program Files\Microsoft SQL Server\110\Tools\Binn"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"Path"="C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;C:\Program Files\MiKTeX 2.9\miktex\bin\x64;C:\Program Files\MATLAB\R2014b\polyspace\bin;C:\Program Files\Microsoft SQL Server\110\Tools\Binn"

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Mathworks\MATLAB]

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Mathworks\MATLAB\8.4\Command\Matlab\MatlabCommandState-Summary]

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Microsoft\Office\15.0\Word\Security\Trusted Documents\TrustRecords]
"%USERPROFILE%/Downloads/implémentation%20des%20éléments%20finis%20en%20Matlab%20v5.docx"="0xD084336CAC69D0010000000000000000EE0D6B0101000000"

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mat\OpenWithProgids]
"MATLAB.mat.8.4.0"=""

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mlappinstall\OpenWithProgids]
"MATLAB.mlappinstall.8.4.0"=""

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mltbx\OpenWithProgids]
"MATLAB.mltbx.8.4.0"=""

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.slx\OpenWithProgids]
"MATLAB.slx.8.4.0"=""

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QIconEngineFactoryInterface:\C:\Program Files\MATLAB]

[HKEY_USERS\S-1-5-21-2015435904-305203728-580906098-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files\MATLAB]

====== Fin de Chercher ======

Edited by owen57, 01 May 2016 - 12:19 AM.

  • 0

#15
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Thank you for that information. :)

 

No I don't mind that you endeavored to remove MATLAB. I am thinking though that because you had difficulty with some files that we should look for leftovers.

 

Can you run the search I asked for at post #13?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP