Edited by devasativa, 22 October 2014 - 06:21 PM.
multiple browser highjackers [Solved]
#31
Posted 22 October 2014 - 06:20 PM
#32
Posted 22 October 2014 - 06:24 PM
Ran by Owner-1 at 2014-10-17 20:52:11
Running from C:\Users\Owner-1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60928.0618 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 1.00.0000 - AMD) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.6.4 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Ares 2.2.7 (HKLM-x32\...\Ares) (Version: 2.2.7-Build#3051 - Seekar Ltd)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.2.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.2.0 - Autodesk) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.519 - AVG) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.15 - AVG Technologies)
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version: - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.34312 - BitTorrent Inc.)
Blio (HKLM-x32\...\{0361F83A-9DFC-483F-BC9E-7A73170612EA}) (Version: 3.3.9721 - K-NFB Reading Technology, Inc.)
Boost (HKCU\...\Boost 1.0.2) (Version: 1.0.2 - Reason Software Company Inc.)
Boost (Version: 1.0.2 - Reason Software Company Inc.) Hidden
Broken Age (HKLM-x32\...\Broken Age_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5822 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragonboard 0.9 (HKLM-x32\...\Dragonboard_is1) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}) (Version: 5.38.4.0 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
grillaprice (HKLM-x32\...\grillaprice) (Version: - )
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6466.0 - IDT)
Jewel Quest Mysteries 4 – The Oracle of Ur Collector’s Edition (HKLM-x32\...\{4B61EB17-1D01-49CA-A802-7DDB8E8C2960}_is1) (Version: - FRGames)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kabloom (HKLM-x32\...\Kabloom_is1) (Version: - DigiPen (USA) Corp.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystic Palace Slots HD (HKLM-x32\...\{0B8F985B-260F-465A-B4C7-2C68F1DED218}_is1) (Version: - FRGames)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Photosynth 2.0114.0807.1507 (HKLM-x32\...\{7799F944-C219-4F7B-8A41-8B8F38DA4D69}) (Version: 3.0114.0807.1507 - Microsoft)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Web Albums Live Publisher (HKLM-x32\...\{5B7F33B3-C72C-4408-8AF9-B855775F51DB}) (Version: 2.4.0 - PicasaWebPublisher)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Communications Corp.)
Publish to Photo Frame (HKLM-x32\...\{AD30EBFD-3F8A-491F-8C42-90BD51D7A2B9}) (Version: 1.0.1.0 - Roger Lipscombe)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Runeshift (HKLM-x32\...\Runeshift_is1) (Version: - DigiPen Institute of Technology)
Scanner Mouse (HKLM-x32\...\{5BFED7F5-6423-49AC-82C4-A4648347AC0B}) (Version: 1.7.1 - Dacuda)
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Unfolding Tale 1.0 (HKLM-x32\...\{C6B7023C-2EE6-45A4-9670-4549D9829DD0}_is1) (Version: - DigiPen Institute of Technology)
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Screensaver 1.0 (HKLM-x32\...\Video Screensaver) (Version: 1.0 - rodflash.com)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - %HP% (HKLM\...\D8A96622E135715AED5E5B6001904E8687BD9996) (Version: - %HP%)
Windows Driver Package - KEYLOK (usbkey) USB (06/10/2010 64.0.0.0) (HKLM\...\B048A6D4B0188E5A802ADFF30A7C78FA4AD99BE0) (Version: 06/10/2010 64.0.0.0 - KEYLOK)
Windows Driver Package - Microcomputer Applications, Inc. (usbkey) USB (06/10/2010 32.0.0.0) (HKLM\...\A3870D6BEDDC4A8FF6622FE720C457528EFAA4F3) (Version: 06/10/2010 32.0.0.0 - Microcomputer Applications, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WMS Slots – Jungle Wild (HKLM-x32\...\{25F3B08A-F579-40E8-A8D8-42D7AFD93F18}_is1) (Version: - FRGames)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
15-09-2014 23:59:23 Installed SpyHunter
25-09-2014 10:00:36 Windows Update
29-09-2014 11:52:20 Removed SpyHunter
29-09-2014 14:36:33 Installed Photosynth 2.0114.0807.1507
01-10-2014 12:21:13 Windows Update
02-10-2014 10:00:24 Windows Update
18-10-2014 03:01:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-15 17:17 - 2014-09-15 17:17 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00AA0A06-BAEF-463E-96F6-53B56CD3473A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-06] (Facebook Inc.)
Task: {0965CFEF-3D79-4871-9955-98775C3AB2C5} - System32\Tasks\HPCeeScheduleForOwner-1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {09D4AB3B-6963-4149-B965-807FB22C1E51} - System32\Tasks\SlimComputer Run => C:\Program Files (x86)\SlimComputer\SlimComputer.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {0F6E6DB3-74B7-45C6-A55D-73D6E9839AEC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {20E8DD6B-05F3-4CA5-ABA5-11C9DB6595BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {2200C973-068D-4F04-9F56-9403C4A12F5C} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {29961242-5F94-483F-AF7E-22F0EB4E282B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon3\Bin\mxup.exe [2014-05-13] (Maxthon International ltd.)
Task: {2D5BF65F-872E-4126-A8B9-29D5F9CAD744} - System32\Tasks\{7BAABC9C-7086-4FA4-BDE5-681BD8017B19} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {34EEF022-C248-430D-AA8C-A379F5839F30} - System32\Tasks\DSite => C:\Users\PHILLI~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {453CB1F1-50C5-45BE-90A6-0E281D18EA88} - System32\Tasks\{E6FA3439-D03E-474A-A864-54E7CEA93455} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {4AA3FA1F-DAAB-4BE0-8531-95ADCB8864B8} - System32\Tasks\{1609BA14-0FED-442D-9170-C04C15F981C5} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {4BE397D8-DE03-4ACA-AB32-0AA58EA4A8FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {4D4FC430-FBD7-4CB5-BA1A-C4207460695B} - System32\Tasks\Boost => C:\Users\Owner-1\AppData\Roaming\Reason\Boost\boost.exe [2013-11-22] (Reason Software Company Inc.)
Task: {5B5E5C6B-01D4-4474-B251-9095C6E5BADA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-06] (Facebook Inc.)
Task: {611C38DE-97FF-49D4-A9B3-014C23B446FF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1864448044-3865198937-871872176-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {67563A5F-B8E1-4EC0-9A11-4E06F45E2861} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-25] (CyberLink)
Task: {6967B603-BB21-4D09-A0C6-531FFF109B10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {7347B9F7-96F7-47E2-B8CC-95E149C4AD06} - System32\Tasks\{0F7B7E08-1DD9-4AE5-9A9A-08CDDDCD1169} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {7757AC86-3751-4137-8B89-2C6AE04D6990} - System32\Tasks\{11C396B0-D4A0-46CB-A841-EFD6AD7715E4} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {776036F3-5981-44E5-90B4-F14BC339A538} - System32\Tasks\{F3CF654F-0598-47BA-88A3-91DE7AA6C1A3} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {7993C8AC-4D96-4B41-AA9B-9A93722F817C} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {86164C3A-3BEE-4319-8FF8-8BC1C871601E} - \DealPly No Task File <==== ATTENTION
Task: {8D901B83-99E7-445F-A4FC-AA4A363DCD00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {92A651FB-72ED-4AA0-A27E-201636D45098} - System32\Tasks\{97E5E8F8-2B69-462C-905E-D5975B48C1FB} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {98F36AF1-1521-4480-A1C8-029BE73373AD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-06-10] (RealNetworks, Inc.)
Task: {A3FE437A-04E8-4EAC-BBD4-91412668C9A2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {A9399806-F1EC-4110-9B25-B0C5E4E8C01A} - System32\Tasks\{3D9E1804-6740-4300-B671-3239C524921F} => C:\Users\Owner-1\Games\___ARESTRA___igt slots wolf run.exe [2014-07-30] ()
Task: {A9B162E8-7334-4507-889D-02A48EA70D6E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {AA56A0A1-1607-4C53-906B-EDF4C01202AC} - System32\Tasks\ShouldIRemoveIt => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe [2013-12-09] (Reason Software Company Inc.)
Task: {B10A56D0-D5AF-453A-9F73-107707E63C56} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {B4F67FF7-7B79-4AA4-B0B2-2D959B2FA535} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {BB92E39A-CAED-48B3-AC51-1C462331E487} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {C215F820-9A4A-4644-993C-720E18C22DB2} - System32\Tasks\{E0A18E8D-F885-4A82-9916-54CFB5E9046C} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {CA837510-E02D-4FCD-B12D-19E8501EC27D} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {DBEB3027-1751-482A-92B8-1444A515378C} - System32\Tasks\{1B7F23FC-C788-4D5A-AE59-92D5BA290952} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {E91AAA25-BB5E-4F0A-A79D-8DE59E869F03} - System32\Tasks\{42A1BE7E-6CCD-4E7E-8C4A-4EB2ABC124B8} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {E93F201D-E8A9-488C-BBCC-F6DBFC28F04B} - System32\Tasks\{82994078-CC11-4AC2-8DC3-2C19C579B5E9} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {EAE3F7D8-A662-4AB8-946C-C4B764C14EA8} - System32\Tasks\{1D7A61D8-B204-4C03-9D41-8731703E7E05} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {F3614D0C-CD89-471C-B6E0-230FA1BE8784} - System32\Tasks\{345E4FE0-B690-4458-BE6A-E2AC593605B9} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {F50E9488-DB86-48E3-9DB1-25D0A03675CD} - System32\Tasks\{F10006ED-B251-4972-840E-25EDFDDCD041} => C:\Users\Owner-1\Games\___ARESTRA___setup.exe [2014-07-30] ()
Task: {F88EF904-D938-4F00-A37C-1EC7A5247F44} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core.job => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA.job => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core.job => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA.job => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForOwner-1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ShouldIRemoveIt.job => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) =============
2014-09-16 01:00 - 2014-09-16 01:00 - 00427008 _____ () C:\Program Files (x86)\grillaprice\grillaprice.exe
2014-09-01 08:34 - 2014-09-05 23:14 - 02680344 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2014-09-01 08:34 - 2014-09-01 08:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll
2014-05-21 07:55 - 2013-11-17 18:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon3\bin\Maxzlib.dll
2014-05-21 07:55 - 2013-11-17 18:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon3\Bin\maxzlib.dll
2014-07-29 00:13 - 2014-05-28 19:40 - 00247096 _____ () C:\Program Files (x86)\Maxthon3\Addons\Mobile\MxMobile.dll
2014-05-21 07:55 - 2013-11-20 23:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon3\Core\Webkit\libglesv2.dll
2014-05-21 07:55 - 2013-11-20 23:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon3\Core\Webkit\libegl.dll
2014-07-29 00:13 - 2013-11-20 23:37 - 02128152 _____ () C:\Program Files (x86)\Maxthon3\Core\Webkit\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 3
========================= Accounts: ==========================
Administrator (S-1-5-21-1864448044-3865198937-871872176-500 - Administrator - Disabled)
Guest (S-1-5-21-1864448044-3865198937-871872176-501 - Limited - Enabled) => C:\Users\Guest
Owner-1 (S-1-5-21-1864448044-3865198937-871872176-1005 - Administrator - Enabled) => C:\Users\Owner-1
==================== Faulty Device Manager Devices =============
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/17/2014 08:39:38 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/17/2014 08:37:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2014 08:29:06 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:
Error: (10/17/2014 08:23:07 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:
Error: (10/17/2014 08:20:54 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/17/2014 07:36:46 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/16/2014 09:34:07 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072efe. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/16/2014 00:35:20 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/15/2014 07:27:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/15/2014 07:27:30 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
System errors:
=============
Error: (10/17/2014 08:53:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:53:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:53:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:51:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:51:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:51:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:46:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:46:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:46:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/17/2014 08:44:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Microsoft Office Sessions:
=========================
Error: (10/17/2014 08:39:38 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/17/2014 08:37:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2014 08:29:06 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:
Error: (10/17/2014 08:23:07 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:
Error: (10/17/2014 08:20:54 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/17/2014 07:36:46 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/16/2014 09:34:07 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072efe. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/16/2014 00:35:20 PM) (Source: Google Update) (EventID: 20) (User: DPLACE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13081;, bypa
Error: (10/15/2014 07:27:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/15/2014 07:27:30 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
==================== Memory info ===========================
Processor: AMD A6-3420M APU with Radeon HD Graphics
Percentage of memory in use: 62%
Total physical RAM: 3561.41 MB
Available physical RAM: 1324.1 MB
Total Pagefile: 7120.99 MB
Available Pagefile: 5068.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:441.65 GB) (Free:82.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.95 GB) (Free:15.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.96 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 895A24CC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End Of Log ============================
#33
Posted 22 October 2014 - 06:26 PM
#34
Posted 22 October 2014 - 07:11 PM
#35
Posted 22 October 2014 - 07:19 PM
Ran by Owner-1 at 2014-10-22 18:17:27
Running from C:\Users\Owner-1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60928.0618 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 1.00.0000 - AMD) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.6.4 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Ares 2.2.7 (HKLM-x32\...\Ares) (Version: 2.2.7-Build#3051 - Seekar Ltd)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.2.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.2.0 - Autodesk) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.519 - AVG) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.15 - AVG Technologies)
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version: - )
Blio (HKLM-x32\...\{0361F83A-9DFC-483F-BC9E-7A73170612EA}) (Version: 3.3.9721 - K-NFB Reading Technology, Inc.)
Boost (HKCU\...\Boost 1.0.2) (Version: 1.0.2 - Reason Software Company Inc.)
Boost (Version: 1.0.2 - Reason Software Company Inc.) Hidden
Broken Age (HKLM-x32\...\Broken Age_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5822 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5822 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragonboard 0.9 (HKLM-x32\...\Dragonboard_is1) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}) (Version: 5.38.4.0 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
grillaprice (HKLM-x32\...\grillaprice) (Version: - )
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6466.0 - IDT)
Jewel Quest Mysteries 4 – The Oracle of Ur Collector’s Edition (HKLM-x32\...\{4B61EB17-1D01-49CA-A802-7DDB8E8C2960}_is1) (Version: - FRGames)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kabloom (HKLM-x32\...\Kabloom_is1) (Version: - DigiPen (USA) Corp.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystic Palace Slots HD (HKLM-x32\...\{0B8F985B-260F-465A-B4C7-2C68F1DED218}_is1) (Version: - FRGames)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Photosynth 2.0114.0807.1507 (HKLM-x32\...\{7799F944-C219-4F7B-8A41-8B8F38DA4D69}) (Version: 3.0114.0807.1507 - Microsoft)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Web Albums Live Publisher (HKLM-x32\...\{5B7F33B3-C72C-4408-8AF9-B855775F51DB}) (Version: 2.4.0 - PicasaWebPublisher)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Communications Corp.)
Publish to Photo Frame (HKLM-x32\...\{AD30EBFD-3F8A-491F-8C42-90BD51D7A2B9}) (Version: 1.0.1.0 - Roger Lipscombe)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.85.423.2014 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Runeshift (HKLM-x32\...\Runeshift_is1) (Version: - DigiPen Institute of Technology)
Scanner Mouse (HKLM-x32\...\{5BFED7F5-6423-49AC-82C4-A4648347AC0B}) (Version: 1.7.1 - Dacuda)
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimComputer (HKLM-x32\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Unfolding Tale 1.0 (HKLM-x32\...\{C6B7023C-2EE6-45A4-9670-4549D9829DD0}_is1) (Version: - DigiPen Institute of Technology)
Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Screensaver 1.0 (HKLM-x32\...\Video Screensaver) (Version: 1.0 - rodflash.com)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - %HP% (HKLM\...\D8A96622E135715AED5E5B6001904E8687BD9996) (Version: - %HP%)
Windows Driver Package - KEYLOK (usbkey) USB (06/10/2010 64.0.0.0) (HKLM\...\B048A6D4B0188E5A802ADFF30A7C78FA4AD99BE0) (Version: 06/10/2010 64.0.0.0 - KEYLOK)
Windows Driver Package - Microcomputer Applications, Inc. (usbkey) USB (06/10/2010 32.0.0.0) (HKLM\...\A3870D6BEDDC4A8FF6622FE720C457528EFAA4F3) (Version: 06/10/2010 32.0.0.0 - Microcomputer Applications, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WMS Slots – Jungle Wild (HKLM-x32\...\{25F3B08A-F579-40E8-A8D8-42D7AFD93F18}_is1) (Version: - FRGames)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner-1\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1864448044-3865198937-871872176-1005_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner-1\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
25-09-2014 10:00:36 Windows Update
29-09-2014 11:52:20 Removed SpyHunter
29-09-2014 14:36:33 Installed Photosynth 2.0114.0807.1507
01-10-2014 12:21:13 Windows Update
02-10-2014 10:00:24 Windows Update
18-10-2014 03:01:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-15 17:17 - 2014-09-15 17:17 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00AA0A06-BAEF-463E-96F6-53B56CD3473A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-06] (Facebook Inc.)
Task: {0965CFEF-3D79-4871-9955-98775C3AB2C5} - System32\Tasks\HPCeeScheduleForOwner-1 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {09D4AB3B-6963-4149-B965-807FB22C1E51} - System32\Tasks\SlimComputer Run => C:\Program Files (x86)\SlimComputer\SlimComputer.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {0F6E6DB3-74B7-45C6-A55D-73D6E9839AEC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {20E8DD6B-05F3-4CA5-ABA5-11C9DB6595BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {2200C973-068D-4F04-9F56-9403C4A12F5C} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe
Task: {29961242-5F94-483F-AF7E-22F0EB4E282B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon3\Bin\mxup.exe [2014-05-13] (Maxthon International ltd.)
Task: {4BE397D8-DE03-4ACA-AB32-0AA58EA4A8FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {4D4FC430-FBD7-4CB5-BA1A-C4207460695B} - System32\Tasks\Boost => C:\Users\Owner-1\AppData\Roaming\Reason\Boost\boost.exe [2013-11-22] (Reason Software Company Inc.)
Task: {5B5E5C6B-01D4-4474-B251-9095C6E5BADA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-06] (Facebook Inc.)
Task: {611C38DE-97FF-49D4-A9B3-014C23B446FF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1864448044-3865198937-871872176-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {67563A5F-B8E1-4EC0-9A11-4E06F45E2861} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-25] (CyberLink)
Task: {6967B603-BB21-4D09-A0C6-531FFF109B10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {7993C8AC-4D96-4B41-AA9B-9A93722F817C} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {8D901B83-99E7-445F-A4FC-AA4A363DCD00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {98F36AF1-1521-4480-A1C8-029BE73373AD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-06-10] (RealNetworks, Inc.)
Task: {A3FE437A-04E8-4EAC-BBD4-91412668C9A2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {A9B162E8-7334-4507-889D-02A48EA70D6E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {AA56A0A1-1607-4C53-906B-EDF4C01202AC} - System32\Tasks\ShouldIRemoveIt => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe [2013-12-09] (Reason Software Company Inc.)
Task: {B10A56D0-D5AF-453A-9F73-107707E63C56} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1864448044-3865198937-871872176-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {B4F67FF7-7B79-4AA4-B0B2-2D959B2FA535} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {BB92E39A-CAED-48B3-AC51-1C462331E487} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {F88EF904-D938-4F00-A37C-1EC7A5247F44} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core.job => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA.job => C:\Users\Owner-1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005Core.job => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1864448044-3865198937-871872176-1005UA.job => C:\Users\Owner-1\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForOwner-1.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ShouldIRemoveIt.job => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) =============
2014-09-01 08:34 - 2014-09-05 23:14 - 02680344 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2014-09-01 08:34 - 2014-09-01 08:34 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll
2014-05-21 07:55 - 2013-11-17 18:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon3\bin\Maxzlib.dll
2014-07-29 00:13 - 2014-05-28 19:40 - 00247096 _____ () C:\Program Files (x86)\Maxthon3\Addons\Mobile\MxMobile.dll
2014-05-21 07:55 - 2013-11-17 18:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon3\Bin\maxzlib.dll
2014-05-21 07:55 - 2013-11-20 23:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon3\Core\Webkit\libglesv2.dll
2014-05-21 07:55 - 2013-11-20 23:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon3\Core\Webkit\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: RealPlayerUpdateSvc => 3
========================= Accounts: ==========================
Administrator (S-1-5-21-1864448044-3865198937-871872176-500 - Administrator - Disabled)
Guest (S-1-5-21-1864448044-3865198937-871872176-501 - Limited - Enabled) => C:\Users\Guest
Owner-1 (S-1-5-21-1864448044-3865198937-871872176-1005 - Administrator - Enabled) => C:\Users\Owner-1
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/22/2014 05:48:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (10/22/2014 04:34:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2014 04:34:25 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/22/2014 03:49:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FRST64.exe, version: 16.10.2014.0, time stamp: 0x54400379
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc00000fd
Fault offset: 0x000000000005626a
Faulting process id: 0xc84
Faulting application start time: 0xFRST64.exe0
Faulting application path: FRST64.exe1
Faulting module path: FRST64.exe2
Report Id: FRST64.exe3
Error: (10/22/2014 02:48:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2014 02:48:38 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/20/2014 04:10:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/20/2014 04:10:16 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/20/2014 02:57:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/20/2014 02:57:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (10/22/2014 06:14:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:14:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:14:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Error: (10/22/2014 06:12:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1058
Microsoft Office Sessions:
=========================
Error: (10/22/2014 05:48:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{20C2051A-1ACA-48B4-9BA5-24625DCBD880}\recordingmanager.exe
Error: (10/22/2014 04:34:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2014 04:34:25 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/22/2014 03:49:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe16.10.2014.054400379ntdll.dll6.1.7601.18247521eaf24c00000fd000000000005626ac8401cfee49ec98e47cC:\Users\Owner-1\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dllab06c2ed-5a3d-11e4-acc5-ec9a74573b2c
Error: (10/22/2014 02:48:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/22/2014 02:48:38 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/20/2014 04:10:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/20/2014 04:10:16 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description:
Error: (10/20/2014 02:57:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/20/2014 02:57:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{20C2051A-1ACA-48B4-9BA5-24625DCBD880}\recordingmanager.exe
==================== Memory info ===========================
Processor: AMD A6-3420M APU with Radeon HD Graphics
Percentage of memory in use: 61%
Total physical RAM: 3561.41 MB
Available physical RAM: 1363.53 MB
Total Pagefile: 7120.99 MB
Available Pagefile: 5181.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:441.65 GB) (Free:87.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.95 GB) (Free:15.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.96 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 895A24CC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End Of Log ============================
#36
Posted 23 October 2014 - 08:28 AM
Wow, hope that wasn't too hairy for you; it looks like a lot of the malware was removed and some more displayed. The rest should not be that complicated (although, you did fine! ).
First, a new Fixlist script >>>>
If the first Fixlist.txt file is still on your desktop, please delete it now.
Download attached fixlist.txt file and save it to the Desktop.
Fixlist.txt 1.59KB
267 downloads
NOTE. It's important that both files, FRST64 and Fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Second, a scan with AdwCleaner >>>>
AdwCleaner by Xplode
Download AdwCleaner from here or from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
- XP users: Double click the AdwCleaner icon to start the program.
- Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
You will see the following console: - Click the Scan button and wait for the scan to finish.
- After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
- Click the Report button to get the log.
- Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
- Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
Optional:
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
Things to Reply with >>>>
- The Fixlog.txt log file.
- The AdwCleaner[R0].txt log file.
- How is the system running now? Has the fans and CPU settled down?
#37
Posted 23 October 2014 - 03:48 PM
#38
Posted 23 October 2014 - 04:02 PM
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by Owner-1 at 2014-10-23 14:50:59 Run:2
Running from C:\Users\Owner-1\Desktop
Loaded Profile: Owner-1 (Available profiles: Owner-1 & Guest)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...0325AS_5VENN5AH
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {B4DB94BC-3512-4409-8E79-07D1ADC37C30} URL =
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [iekjmlcgpmcjigljdiagaibfjfaideal] - C:\Users\Owner\AppData\Local\CRE\iekjmlcgpmcjigljdiagaibfjfaideal.crx [2014-06-10]
C:\Users\Owner\AppData\Local\CRE
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
File: C:\Program Files (x86)\AMD\System Monitor\atillk64.sys
File: C:\Users\Owner-1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys
C:\Program Files (x86)\grillaprice\grillaprice.exe
C:\Program Files (x86)\grillaprice
Task: {0F6E6DB3-74B7-45C6-A55D-73D6E9839AEC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS
Task: {2200C973-068D-4F04-9F56-9403C4A12F5C} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe
C:\Program Files (x86)\GetPrivate
EmptyTemp:
end
*****************
Processes closed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4DB94BC-3512-4409-8E79-07D1ADC37C30}" => Key deleted successfully.
"HKCR\CLSID\{B4DB94BC-3512-4409-8E79-07D1ADC37C30}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key deleted successfully.
"HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iekjmlcgpmcjigljdiagaibfjfaideal" => Key deleted successfully.
"C:\Users\Owner\AppData\Local\CRE\iekjmlcgpmcjigljdiagaibfjfaideal.crx" => File/Directory not found.
"C:\Users\Owner\AppData\Local\CRE" => File/Directory not found.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
========================= File: C:\Program Files (x86)\AMD\System Monitor\atillk64.sys ========================
"C:\Program Files (x86)\AMD\System Monitor\atillk64.sys" not found.
====== End Of File: ======
========================= File: C:\Users\Owner-1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys ========================
"C:\Users\Owner-1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys" not found.
====== End Of File: ======
"C:\Program Files (x86)\grillaprice\grillaprice.exe" => File/Directory not found.
"C:\Program Files (x86)\grillaprice" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0F6E6DB3-74B7-45C6-A55D-73D6E9839AEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F6E6DB3-74B7-45C6-A55D-73D6E9839AEC}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2200C973-068D-4F04-9F56-9403C4A12F5C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2200C973-068D-4F04-9F56-9403C4A12F5C}" => Key deleted successfully.
C:\Windows\System32\Tasks\GPUP => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUP" => Key deleted successfully.
C:\Program Files (x86)\GetPrivate => Moved successfully.
#39
Posted 23 October 2014 - 04:10 PM
#40
Posted 23 October 2014 - 04:21 PM
#41
Posted 23 October 2014 - 05:08 PM
Whow.... That's a lot going on there....
Can you post some screen shots showing what you are seeing, please? I want to make sure I understand what you are seeing before trying to fix this.
If you are not sure how to take and post screenshots the following will help:
when you have the screen up that you want to capture...click [press] on the ALT key + PRT SCR key..its on the top row..right hand side..now click on start...all programs...accessories...paint....left click in the white area ...press CTRL + V...click on file...click on save...save it to your desktop...name it something related to the screen your capturing... BE SURE TO SAVE IT AS A .JPG ...otherwise it may be to big to upload...
then after typing in any response you have... click on browse...desktop...find the screenshot..select it and click on the upload button...then on the lower left...after it says upload successful...click on add reply like you normally would...
#42
Posted 23 October 2014 - 07:12 PM
so here is the start what next?
Edited by devasativa, 23 October 2014 - 07:13 PM.
#43
Posted 23 October 2014 - 07:14 PM
#44
Posted 23 October 2014 - 07:15 PM
#45
Posted 23 October 2014 - 07:24 PM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users