pc crashes image upload

Discussion in 'Windows - Virus and spyware problems' started by tali1, Sep 10, 2014.

  1. tali1

    tali1 Regular member

    Joined:
    Apr 12, 2008
    Messages:
    137
    Likes Received:
    2
    Trophy Points:
    28
    My desktop pc , when I try to upload pix it crashes .It happens every other day at most .The only thing I can do is to restart the pc as it totally crashes- even task manager will not work or another browser
    I regularly run virus/malware scans(all the stuff from beepingcomputer) which to clean up but the problem keeps returning
    Using win xp prof using Mozff
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Hi tali1,
    Been awhile, guess you been doing ok, except for the crashes.:(

    That XP will take a little more care to fix but will try to get it going for you.


    First thing is I need some scan logs.
    Go here and make the FRST Logs to attach to your next reply:
    SVChost.exe


    2oG :)
     
  3. tali1

    tali1 Regular member

    Joined:
    Apr 12, 2008
    Messages:
    137
    Likes Received:
    2
    Trophy Points:
    28
    HI -thx - sorry for delayed reply -was trying to see if probs would go away -they do - BUT then when i think it is okay -they return ! I also keep losing connection -dunnow hether this is rubbish ISP or rubbish on my pc ? I have 5 devices and one will lose it whilst the other will be fine
    here i scan -tbh i think i'm running out of software to help me ! I fear you may a a customer for life! ;)


    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
    Ran by Any Authorised User (administrator) on ANYAUTHORISEDUS on 18-09-2014 20:34:20
    Running from C:\Users\Any Authorised User\Downloads
    Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    (Google Inc.) C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Olivetti) C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
    (PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    () C:\Windows\System32\PnkBstrA.exe
    (Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
    () C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
    (LITEON) C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
    (Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    (Google Inc.) C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
    (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
    HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\SKD8821.exe [286208 2010-06-02] (LITE-ON TECHNOLOGY CORP.)
    HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [540056 2012-08-08] (Lavasoft)
    HKLM\...\Run: [Ad-Aware Antivirus] => "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-15] (Microsoft Corporation)
    HKU\S-1-5-21-2098016922-1146624395-3197941800-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-05] (Google Inc.)
    HKU\S-1-5-21-2098016922-1146624395-3197941800-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-2098016922-1146624395-3197941800-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
    HKU\S-1-5-21-2098016922-1146624395-3197941800-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    BootExecute: autocheck autochk * SBBD.exe /d \Device\HarddiskVolume2\Program Files\Ad-Aware Antivirus\Definitions

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkcentre
    HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
    SearchScopes: HKCU - {E7838DDB-2925-40A3-BDE3-3AEEE4D65663} URL =
    BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll No File
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll No File
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} file:///E:/SuperCD/IntraLaunch.CAB
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100

    FireFox:
    ========
    FF ProfilePath: C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files\Virtual Earth 3D\ ()
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Any Authorised User\AppData\Local\Roblox\Versions\version-de8b84f90efc4ca5\\NPRobloxProxy.dll ( ROBLOX Corporation)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Any Authorised User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
    FF Extension: Lavasoft Search Plugin - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-10-11]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-12-26]
    FF Extension: Troll Faces - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\jid0-OJczISDnLvcSqtzcbF8q5kQrP5o@jetpack.xpi [2012-12-26]
    FF Extension: Silvermel - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\silvermel@pardal.de.xpi [2012-12-26]
    FF Extension: Silvermel and Charamel XT - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\silvermelxt@pardal.de.xpi [2012-12-26]
    FF Extension: Adblock Plus - C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-26]
    FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
    FF Extension: Google Toolbar for Firefox - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-04-05]
    FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

    Chrome:
    =======
    CHR CustomProfile: C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-30]
    CHR Extension: (Google Drive) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-22]
    CHR Extension: (YouTube) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30]
    CHR Extension: (McAfee Security Scan+) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
    CHR Extension: (Google Search) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30]
    CHR Extension: (Gmail) - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30]
    CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Any Authorised User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx []
    CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ANYAUT~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-03-22]
    CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Any Authorised User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2014-03-22]
    CHR StartMenuInternet: Google Chrome - C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236368 2012-09-20] (Lavasoft Limited)
    S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
    S3 npggsvc; C:\Windows\system32\GameMon.des [3953632 2012-03-05] (INCA Internet Co., Ltd.) [File not signed]
    R2 olMntrService; C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [126976 2007-06-08] (Olivetti) [File not signed]
    R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-07-11] ()
    S2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1124184 2013-04-02] (Trusteer Ltd.) [File not signed]
    R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3289032 2011-12-19] (GFI Software)
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [125952 2010-05-04] () [File not signed]
    R2 SUService; c:\Program Files\Lenovo\System Update\SUService.exe [28672 2010-03-15] (Lenovo Group Limited) [File not signed]
    R2 ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [File not signed]
    S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-04] (Lenovo Group Limited) [File not signed]
    R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
    S2 BBSvc; "C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe" [X]
    S3 BBUpdate; "C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-09-26] (DT Soft Ltd)
    S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [40736 2013-11-27] (Visicom Media Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
    S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
    S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [79488 2004-05-13] (Protection Technology) [File not signed]
    S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
    S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
    R1 RapportCerberus_51755; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_51755.sys [317112 2013-03-29] ()
    S3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [55448 2013-03-18] (Trusteer Ltd.)
    R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [77816 2011-11-29] (GFI Software)
    S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [93816 2011-12-19] (GFI Software)
    R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [101112 2011-10-26] (GFI Software)
    R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114376 2013-10-23] (Power Software Ltd)
    S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
    S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [34016 2012-09-16] (The OpenVPN Project)
    S3 catchme; \??\C:\Users\ANYAUT~1\AppData\Local\Temp\catchme.sys [X]
    S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
    S3 PCDSRVC{3037D694-FD904ACA-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc.pkms [X]
    S3 vtany; \??\C:\Windows\vtany.sys [X]
    U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-18 20:34 - 2014-09-18 20:35 - 00021046 _____ () C:\Users\Any Authorised User\Downloads\FRST.txt
    2014-09-18 20:34 - 2014-09-18 20:34 - 00000000 ____D () C:\FRST
    2014-09-18 20:33 - 2014-09-18 20:33 - 01097728 _____ (Farbar) C:\Users\Any Authorised User\Downloads\FRST.exe
    2014-09-17 19:04 - 2014-09-17 19:06 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Local\adawarebp
    2014-09-16 16:23 - 2014-09-16 16:23 - 00001287 _____ () C:\Users\Any Authorised User\Desktop\JRT.txt
    2014-09-12 21:57 - 2014-09-12 21:57 - 00029977 _____ () C:\ComboFix.txt
    2014-09-12 19:12 - 2014-09-12 19:12 - 00013463 _____ () C:\Users\Any Authorised User\Desktop\AdwCleaner - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013502 _____ () C:\Users\Any Authorised User\Desktop\RogueKiller - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013465 _____ () C:\Users\Any Authorised User\Desktop\ComboFix - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013448 _____ () C:\Users\Any Authorised User\Desktop\JRT_6.0.7 - Shortcut.lnk
    2014-09-12 19:10 - 2014-09-12 19:10 - 00002077 _____ () C:\Users\Any Authorised User\Desktop\RKreport[0]_D_09122014_191058.txt
    2014-09-12 19:10 - 2014-09-12 19:10 - 00002035 _____ () C:\Users\Any Authorised User\Desktop\RKreport[0]_S_09122014_191045.txt
    2014-09-12 18:29 - 2014-09-12 18:29 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-11 19:17 - 2014-09-11 19:17 - 00000218 _____ () C:\Users\Any Authorised User\Desktop\Team Fortress 2.url
    2014-09-11 17:50 - 2014-08-19 18:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-11 17:50 - 2014-08-18 23:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-11 17:50 - 2014-08-18 23:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-11 17:50 - 2014-08-18 22:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-11 17:50 - 2014-08-18 22:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-11 17:50 - 2014-08-18 22:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-11 17:50 - 2014-08-18 22:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-11 17:50 - 2014-08-18 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-11 17:50 - 2014-08-18 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-11 17:50 - 2014-08-18 22:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-11 17:50 - 2014-08-18 22:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-11 17:50 - 2014-08-18 22:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-11 17:50 - 2014-08-18 22:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-11 17:50 - 2014-08-18 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-11 17:50 - 2014-08-18 22:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-11 17:50 - 2014-08-18 22:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-11 17:50 - 2014-08-18 22:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-11 17:50 - 2014-08-18 22:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-11 17:50 - 2014-08-18 22:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-11 17:50 - 2014-08-18 22:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-11 17:50 - 2014-08-18 22:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-11 17:50 - 2014-08-18 22:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-11 17:50 - 2014-08-18 22:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-11 17:50 - 2014-08-18 22:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-11 17:50 - 2014-08-18 22:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-11 17:50 - 2014-08-18 22:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-11 17:50 - 2014-08-18 22:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-11 17:50 - 2014-08-18 21:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-11 17:50 - 2014-08-18 21:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-11 17:50 - 2014-08-18 21:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-11 17:48 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-10 22:15 - 2014-07-07 02:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-10 22:15 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-10 22:14 - 2014-09-05 02:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-10 22:14 - 2014-09-05 02:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-10 22:14 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-10 22:14 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-10 00:52 - 2014-09-10 00:52 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
    2014-08-28 16:02 - 2014-08-23 02:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-28 16:02 - 2014-08-23 01:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-19 14:56 - 2014-05-14 17:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-08-19 14:56 - 2014-05-14 17:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-08-19 14:56 - 2014-05-14 17:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-08-19 14:56 - 2014-05-14 17:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-08-19 14:55 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-08-19 14:55 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-08-19 14:55 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-08-19 14:55 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-08-19 14:55 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-18 20:35 - 2014-09-18 20:34 - 00021046 _____ () C:\Users\Any Authorised User\Downloads\FRST.txt
    2014-09-18 20:35 - 2011-01-24 18:30 - 01426546 _____ () C:\Windows\WindowsUpdate.log
    2014-09-18 20:34 - 2014-09-18 20:34 - 00000000 ____D () C:\FRST
    2014-09-18 20:33 - 2014-09-18 20:33 - 01097728 _____ (Farbar) C:\Users\Any Authorised User\Downloads\FRST.exe
    2014-09-18 20:33 - 2011-01-24 18:35 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2014-09-18 20:31 - 2012-10-11 21:16 - 00001837 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2014-09-18 20:31 - 2012-10-11 21:11 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
    2014-09-18 20:31 - 2011-08-09 15:47 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-18 20:30 - 2011-06-23 16:55 - 00116477 _____ () C:\Windows\setupact.log
    2014-09-18 20:30 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-18 20:27 - 2011-01-24 18:35 - 00000382 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
    2014-09-18 20:16 - 2011-09-27 19:47 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000UA1cc7d45eb196a51.job
    2014-09-18 19:52 - 2013-03-10 19:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-18 19:50 - 2011-04-05 18:06 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-18 17:12 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-18 17:12 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-18 16:57 - 2013-11-14 18:57 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Roaming\Skype
    2014-09-18 16:55 - 2013-04-06 16:16 - 00000000 ____D () C:\Program Files\New folder
    2014-09-18 16:50 - 2012-07-15 14:49 - 00000000 ____D () C:\Program Files\Common Files\Steam
    2014-09-18 16:27 - 2011-09-27 19:47 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000Core1cc7d45ea247f6b.job
    2014-09-17 20:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
    2014-09-17 19:06 - 2014-09-17 19:04 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Local\adawarebp
    2014-09-16 16:23 - 2014-09-16 16:23 - 00001287 _____ () C:\Users\Any Authorised User\Desktop\JRT.txt
    2014-09-15 21:58 - 2011-04-05 17:12 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Local\CrashDumps
    2014-09-15 20:04 - 2011-09-18 19:12 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Roaming\vlc
    2014-09-14 13:29 - 2012-10-11 21:15 - 00000000 ____D () C:\Program Files\Ad-Aware Antivirus
    2014-09-12 23:17 - 2011-04-04 19:49 - 00002457 _____ () C:\Users\Any Authorised User\Desktop\Google Chrome.lnk
    2014-09-12 21:58 - 2013-04-20 22:09 - 00000000 ____D () C:\Qoobox
    2014-09-12 21:57 - 2014-09-12 21:57 - 00029977 _____ () C:\ComboFix.txt
    2014-09-12 21:51 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
    2014-09-12 19:59 - 2012-12-26 16:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-09-12 19:59 - 2011-03-16 18:57 - 00507122 _____ () C:\Windows\PFRO.log
    2014-09-12 19:12 - 2014-09-12 19:12 - 00013463 _____ () C:\Users\Any Authorised User\Desktop\AdwCleaner - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013502 _____ () C:\Users\Any Authorised User\Desktop\RogueKiller - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013465 _____ () C:\Users\Any Authorised User\Desktop\ComboFix - Shortcut.lnk
    2014-09-12 19:11 - 2014-09-12 19:11 - 00013448 _____ () C:\Users\Any Authorised User\Desktop\JRT_6.0.7 - Shortcut.lnk
    2014-09-12 19:10 - 2014-09-12 19:10 - 00002077 _____ () C:\Users\Any Authorised User\Desktop\RKreport[0]_D_09122014_191058.txt
    2014-09-12 19:10 - 2014-09-12 19:10 - 00002035 _____ () C:\Users\Any Authorised User\Desktop\RKreport[0]_S_09122014_191045.txt
    2014-09-12 19:10 - 2013-11-16 20:39 - 00000000 ____D () C:\Users\Any Authorised User\Desktop\RK_Quarantine
    2014-09-12 18:29 - 2014-09-12 18:29 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-12 01:17 - 2012-06-04 12:43 - 00000000 ____D () C:\Users\Any Authorised User\AppData\Roaming\uTorrent
    2014-09-11 22:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
    2014-09-11 19:17 - 2014-09-11 19:17 - 00000218 _____ () C:\Users\Any Authorised User\Desktop\Team Fortress 2.url
    2014-09-11 18:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-11 17:49 - 2011-03-16 18:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-11 17:47 - 2014-05-07 21:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-10 00:52 - 2014-09-10 00:52 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
    2014-09-10 00:52 - 2012-11-10 15:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-10 00:52 - 2012-11-10 15:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-08 17:09 - 2009-07-14 05:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-09-05 02:52 - 2014-09-10 22:14 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-05 02:47 - 2014-09-10 22:14 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-08-29 19:36 - 2009-07-14 05:33 - 00359168 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-23 02:46 - 2014-08-28 16:02 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-23 01:42 - 2014-08-28 16:02 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-20 13:52 - 2011-01-24 18:28 - 00000000 ____D () C:\swshare
    2014-08-19 18:39 - 2014-09-11 17:50 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-19 00:53 - 2013-05-25 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-16 00:14

    ==================== End Of Log ============================
     
  4. tali1

    tali1 Regular member

    Joined:
    Apr 12, 2008
    Messages:
    137
    Likes Received:
    2
    Trophy Points:
    28
    And next
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
    Ran by Any Authorised User at 2014-09-18 20:35:45
    Running from C:\Users\Any Authorised User\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Lavasoft Ad-Aware (Enabled - Up to date) {445B48C3-0FA4-6B16-8F07-6506F305D800}
    AS: Lavasoft Ad-Aware (Enabled - Up to date) {FF3AA927-299E-6498-B5B7-5E74888292BD}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Lavasoft Ad-Aware (Disabled) {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
    7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
    Access Help (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 2.00 - Lenovo)
    Ad-Aware Antivirus (HKLM\...\{6a4b0a4f-58d0-430c-becc-aa50733cd761}) (Version: 10.3.45.3935 - Lavasoft)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
    Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader 9.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
    Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
    Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
    Alliance of Valiant Arms (HKLM\...\Alliance of Valiant Arms) (Version: - )
    Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation)
    Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
    BitMeter (HKLM\...\BitMeter) (Version: - )
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
    CardRecoveryPro 2.1.5 (HKLM\...\{CE13C819-54FF-44B0-8195-5A2095142CF0}_is1) (Version: 2.1.5 - LionSea SoftWare)
    Console Classix version 4.26 (HKLM\...\{BC91CDA9-D8D5-4F67-A507-B8BB81F310DB}_is1) (Version: 4.26 - Console Classix)
    Corel Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
    Corel DVD MovieFactory 7 (Version: 7.0.0 - Corel Corporation) Hidden
    Corel DVD MovieFactory Lenovo Edition (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
    Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
    Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
    eMule (HKLM\...\eMule) (Version: - )
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    Flickr Uploadr 3.2.1 (HKLM\...\Flickr Uploadr) (Version: - )
    Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
    Google Drive (HKLM\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
    Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20101113 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
    Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
    IP Camera Adapter (HKLM\...\{F43D5CA6-1F22-436D-AF64-B254E7F1FC3D}) (Version: 1.0.0 - Pas)
    IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
    iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
    Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
    Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Junkies Client ULTIMATE (HKLM\...\{523EE064-F2C2-4E2D-987B-1C7459A69D18}_is1) (Version: - planetcss.com, Inc.)
    Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.05 - Lenovo)
    Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5717.21 - PC-Doctor, Inc.)
    Lenovo Welcome (HKLM\...\{67708668-13ED-4CB3-B01F-EEE6155020A7}) (Version: 1.7.5.10 - DDNI)
    Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: - Lenovo)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 32.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 32.0.1 (x86 en-GB)) (Version: 32.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
    MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
    MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MTA:SA v1.3.4 (HKLM\...\MTA:SA 1.3) (Version: v1.3.4 - Multi Theft Auto)
    Nectar Search Toolbar (HKCU\...\Nectar Search Toolbar) (Version: - )
    Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
    Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
    Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
    NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
    Olivetti Toolbox (HKLM\...\{69E0C313-68AD-4FE0-A85A-3595BB81D6C5}) (Version: 002.000.0018 - Olivetti S.p.A.)
    PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
    PixRecovery (HKLM\...\{861AE636-7123-446C-AB79-D898B9442716}) (Version: 1.6 - Recoveronix)
    PowerISO (HKLM\...\PowerISO) (Version: 5.8 - Power Software Ltd)
    Rapport (HKLM\...\Rapport_msi) (Version: 3.5.1208.33 - Trusteer)
    Rapport (Version: 3.5.1208.33 - Trusteer) Hidden
    Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6024 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
    Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
    ROBLOX Player for Any Authorised User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
    Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
    Samsung Kies (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
    Shockwave (HKLM\...\Shockwave) (Version: - )
    SIMPLE_WAY (HKLM\...\{1B601690-9508-4AD0-A006-F3AF9CF2B74A}) (Version: 002.000.00013 - Olivetti S.p.A.)
    Sitting Ducks (HKLM\...\{3D60611F-EBAC-4D0C-8E6B-FC385611AE02}) (Version: 1.00.0000 - LSP Games)
    Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0032 - Lenovo)
    Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
    ThinkVantage Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 1.02.0015 - Lenovo Group Limited)
    Thumbnail me 3.0 (HKCU\...\Thumbnail me 3.0) (Version: - )
    TwelveSky2 (HKLM\...\TwelveSky2) (Version: - )
    UK-Info 2004 SE (HKLM\...\{BC9BDD06-5674-4FAB-A30F-559C2DB171CA}) (Version: - )
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
    Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
    Virtua Cop 2 - www.classic-gaming.net (HKLM\...\Virtua Cop 2_is1) (Version: - Classic Gaming Network)
    VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
    Windows Driver Package - Intel Corporation (igfx) Display (12/18/2009 8.15.10.2025) (HKLM\...\6173494C218777FC84EA543F98F626E4FCB9E58E) (Version: 12/18/2009 8.15.10.2025 - Intel Corporation)
    Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
    Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
    Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
    Windows Driver Package - Realtek (RTL8167) Net (11/27/2009 7.011.1127.2009) (HKLM\...\FB627E47ED3DD713F9902C51061322270ACB1600) (Version: 11/27/2009 7.011.1127.2009 - Realtek)
    Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\07B93EDB9CC6BC0276487EBB7D01015438101AF0) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
    Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (01/12/2010 6.0.1.6024) (HKLM\...\39C7474DA0199DEC9927E4094B3485A8A22A5C64) (Version: 01/12/2010 6.0.1.6024 - Realtek Semiconductor Corp.)
    Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
    Wondershare Photo Recovery (build 3.0.3) (HKLM\...\Wondershare Photo Recovery_is1) (Version: - Wondershare Software Co., Ltd.)
    XTube Uploader (HKLM\...\com.xtube.airuploader) (Version: 0.4.17 - UNKNOWN)
    XTube Uploader (Version: 0.4.17 - UNKNOWN) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Any Authorised User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\delegate_execute.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Roblox\Versions\version-de8b84f90efc4ca5\RobloxProxy.dll (ROBLOX Corporation)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
    CustomCLSID: HKU\S-1-5-21-2098016922-1146624395-3197941800-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

    ==================== Restore Points =========================

    29-08-2014 14:15:42 Windows Update
    05-09-2014 22:15:53 Scheduled Checkpoint
    11-09-2014 16:38:02 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 03:04 - 2014-09-12 21:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {05A31A9C-5C93-47AE-B207-6E80C9316BF0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000UA1cc7d45eb196a51 => C:\Users\Any Authorised User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-04] (Google Inc.)
    Task: {0B6D14DB-6700-4B17-858A-ACBC6BFAF0CB} - \EPUpdater No Task File <==== ATTENTION
    Task: {18B6BC9D-3392-41CC-8051-59664E94BECC} - System32\Tasks\{B1EEA9CC-84C9-4A0B-8CC7-9A54DA816F82} => C:\Program Files\eMule\emule.exe [2010-04-07] (http://www.emule-project.net)
    Task: {28965269-AE69-44F7-8046-B1A5730B0613} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000Core1cc7d45ea247f6b => C:\Users\Any Authorised User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-04] (Google Inc.)
    Task: {38D2AB09-3228-4C63-BDD0-7A7C9EAAB838} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-11-12] (PC-Doctor, Inc.)
    Task: {3D23B94E-41E2-44CA-9AE2-4BC23C53FD49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
    Task: {4300D972-C693-43D0-A039-9B9490AD773D} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {4647A10A-3613-4834-BADB-7FE0E287E002} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe [2012-09-20] (Lavasoft Limited)
    Task: {47D690E3-C278-4C23-B5B7-21E15A57D176} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-11-12] (PC-Doctor, Inc.)
    Task: {56F2AEC1-EAAB-478E-BE9C-EDC0AC6FABD2} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
    Task: {5DC19C70-72D1-430E-892F-67D360B44F3E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
    Task: {7228EA9A-2841-4CFC-993D-3660D2D6431E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-04] (Google Inc.)
    Task: {7570D398-03C1-4294-B74B-7A15E7AD47F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-04] (Google Inc.)
    Task: {A4BF17DF-BF52-499B-B7CC-18A9C03798F5} - System32\Tasks\realtekHDAudio => c:\program files\realtek\audio\hda\rthdvcpl.exe [2010-01-12] (Realtek Semiconductor)
    Task: {ABB3514B-277A-43B7-AE18-E9DFC97F8D73} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2010-03-05] (Lenovo Group Limited)
    Task: {C2DACEDE-0801-4FF7-A071-DFC7F926F2A9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {CA77C84E-00BF-4921-8D25-489A600A18FE} - System32\Tasks\{3F57D170-D88B-4755-A7A4-D234C1DE61B2} => C:\Program Files\eMule\emule.exe [2010-04-07] (http://www.emule-project.net)
    Task: {D3762701-EF77-490D-BA9C-D63D823451D1} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
    Task: {D7E779AD-2B85-42AE-A052-A033E9CB48E8} - System32\Tasks\RMSmartUpdate => C:\Program Files\Registry Mechanic\update.exe
    Task: {DADE31F0-B515-4120-B4CA-63ECB65CF1D3} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-11-12] ()
    Task: {E059A8BC-ECD3-4B66-A365-95E4437D784A} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
    Task: {E2BFD7EE-580B-4B99-A695-8A0C1344682E} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc376ee28ef379.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000Core1cc7d45ea247f6b.job => C:\Users\Any Authorised User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098016922-1146624395-3197941800-1000UA1cc7d45eb196a51.job => C:\Users\Any Authorised User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

    ==================== Loaded Modules (whitelisted) =============

    2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-01-24 18:26 - 2010-03-03 18:02 - 00028672 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
    2014-09-18 20:31 - 2014-09-18 20:31 - 00098816 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32api.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00110080 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\pywintypes27.dll
    2014-09-18 20:31 - 2014-09-18 20:31 - 00364544 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\pythoncom27.dll
    2014-09-18 20:31 - 2014-09-18 20:31 - 00045568 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_socket.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 01160704 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_ssl.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00320512 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32com.shell.shell.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00713216 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_hashlib.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 01175040 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._core_.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00805888 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._gdi_.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00811008 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._windows_.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 01062400 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._controls_.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00735232 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._misc_.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00128512 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_elementtree.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00127488 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\pyexpat.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00557056 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\pysqlite2._sqlite.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00007168 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\hashobjs_ext.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00087552 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_ctypes.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00119808 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32file.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00108544 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32security.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00018432 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32event.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00038912 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32inet.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00070656 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._html2.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00167936 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32gui.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00011264 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32crypt.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00027136 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\_multiprocessing.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00686080 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\unicodedata.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00122368 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._wizard.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00010240 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\select.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00024064 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32pipe.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00025600 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32pdh.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00525640 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\windows._lib_cacheinvalidation.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00035840 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32process.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00017408 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32profile.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00022528 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\win32ts.pyd
    2014-09-18 20:31 - 2014-09-18 20:31 - 00078336 _____ () C:\Users\Any Authorised User\AppData\Local\temp\_MEI23282\wx._animate.pyd
    2014-09-12 23:17 - 2014-09-04 04:01 - 01098056 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
    2014-09-12 23:17 - 2014-09-04 04:01 - 00174408 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll
    2011-09-10 18:44 - 2012-07-11 22:17 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
    2010-05-04 19:47 - 2010-05-04 19:47 - 00125952 ____N () C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
    2012-10-11 21:25 - 2014-06-20 06:08 - 00192376 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libBase64.dll
    2012-10-11 21:25 - 2014-06-20 06:08 - 00180088 _____ () C:\Program Files\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
    2014-09-12 23:17 - 2014-09-04 04:01 - 08577864 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll
    2014-09-12 23:17 - 2014-09-04 04:01 - 00331592 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
    2014-09-12 23:17 - 2014-09-04 04:01 - 01660232 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
    2014-09-12 23:17 - 2014-09-04 04:01 - 14891848 _____ () C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData:NT
    AlternateDataStreams: C:\Users\All Users:NT
    AlternateDataStreams: C:\ProgramData\Application Data:NT
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
    AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
    AlternateDataStreams: C:\Users\Any Authorised User\Application Data:NT
    AlternateDataStreams: C:\Users\Any Authorised User\Downloads\Reference 21710.eml:OECustomProperty
    AlternateDataStreams: C:\Users\Any Authorised User\Downloads\Thank you for your application.eml:OECustomProperty
    AlternateDataStreams: C:\Users\Any Authorised User\AppData\Roaming:NT

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
    MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Any Authorised User\AppData\Local\Akamai\netsession_win.exe"
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: chromium => C:\Users\Any Authorised User\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
    MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
    MSCONFIG\startupreg: Message Center Plus => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
    MSCONFIG\startupreg: Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
    MSCONFIG\startupreg: OlStatusMon => "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
    MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    MSCONFIG\startupreg: Power Manager Power Agenda => C:\PROGRA~1\ThinkPad\UTILIT~1\DPMHost.exe
    MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    MSCONFIG\startupreg: SSDMonitor => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    MSCONFIG\startupreg: Steam => "C:\Program Files\New folder\Steam.exe" -silent
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: Vidalia => "C:\Users\Any Authorised User\Downloads\Tor Browser\App\vidalia.exe"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/18/2014 08:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
    Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
    Exception code: 0x40000015
    Fault offset: 0x0007da8a
    Faulting process id: 0xab4
    Faulting application start time: 0xmbamservice.exe0
    Faulting application path: mbamservice.exe1
    Faulting module path: mbamservice.exe2
    Report Id: mbamservice.exe3

    Error: (09/18/2014 08:31:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbamscheduler.exe, version: 3.0.2.0, time stamp: 0x5339cec3
    Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
    Exception code: 0x40000015
    Fault offset: 0x0008d6fd
    Faulting process id: 0x758
    Faulting application start time: 0xmbamscheduler.exe0
    Faulting application path: mbamscheduler.exe1
    Faulting module path: mbamscheduler.exe2
    Report Id: mbamscheduler.exe3

    Error: (09/18/2014 05:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
    Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
    Exception code: 0x40000015
    Fault offset: 0x0007da8a
    Faulting process id: 0xf0
    Faulting application start time: 0xmbamservice.exe0
    Faulting application path: mbamservice.exe1
    Faulting module path: mbamservice.exe2
    Report Id: mbamservice.exe3

    Error: (09/18/2014 05:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbamscheduler.exe, version: 3.0.2.0, time stamp: 0x5339cec3
    Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
    Exception code: 0x40000015
    Fault offset: 0x0008d6fd
    Faulting process id: 0x738
    Faulting application start time: 0xmbamscheduler.exe0
    Faulting application path: mbamscheduler.exe1
    Faulting module path: mbamscheduler.exe2
    Report Id: mbamscheduler.exe3

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 38158

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 38158

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 37160

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 37160

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (09/18/2014 08:31:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/18/2014 08:31:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    prodrv06
    prohlp02
    prosync1
    sfhlp01

    Error: (09/18/2014 08:31:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The MBAMScheduler service failed to start due to the following error:
    %%1053

    Error: (09/18/2014 08:31:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

    Error: (09/18/2014 08:30:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The BingBar Service service failed to start due to the following error:
    %%2

    Error: (09/18/2014 08:30:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Rapport Management Service service failed to start due to the following error:
    %%14001

    Error: (09/18/2014 08:30:51 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 20:29:46 on ‎18/‎09/‎2014 was unexpected.

    Error: (09/18/2014 08:30:44 PM) (Source: Application Popup) (EventID: 875) (User: )
    Description: Driver prodrv06.sys has been blocked from loading.

    Error: (09/18/2014 08:30:36 PM) (Source: Application Popup) (EventID: 875) (User: )
    Description: Driver prohlp02.sys has been blocked from loading.

    Error: (09/18/2014 08:30:36 PM) (Source: Application Popup) (EventID: 875) (User: )
    Description: Driver prosync1.sys has been blocked from loading.


    Microsoft Office Sessions:
    =========================
    Error: (09/18/2014 08:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8aab401cfd3771c1ebb6fC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe664c1f59-3f6a-11e4-ad88-1078d2aa397a

    Error: (09/18/2014 08:31:11 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd75801cfd377110a6423C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll57f3f5d9-3f6a-11e4-ad88-1078d2aa397a

    Error: (09/18/2014 05:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8af001cfd35a27d6538dC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe71c964a1-3f4d-11e4-8f5b-1078d2aa397a

    Error: (09/18/2014 05:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd73801cfd35a1e543d78C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll65109c60-3f4d-11e4-8f5b-1078d2aa397a

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 38158

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 38158

    Error: (09/18/2014 04:58:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 37160

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 37160

    Error: (09/18/2014 04:58:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    ==================== Memory info ===========================

    Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
    Percentage of memory in use: 72%
    Total physical RAM: 1917.24 MB
    Available physical RAM: 533.02 MB
    Total Pagefile: 2917.24 MB
    Available Pagefile: 1408 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1888.29 MB

    ==================== Drives ================================

    Drive c: (Windows7_OS) (Fixed) (Total:287.15 GB) (Free:35.85 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:4.13 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: DB75F3D2)
    Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=287.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  5. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Oh tali1, I can see why you have problems......
    You are loaded with malware but the main problem is: your C drive is FULL and heavily fragmented .. You only have 12% free space and that's not enough room to defrag or download any other programs or pics.... :(

    I can help you clean it and a lot of stuff will have to be removed and un-installed to gain enough room to do anything at all with it.

    After getting rid of the malware you may have to invest in a larger drive...

    This will take a while but I'm willing if you are..

    Just let me know and we can start the procedure when you are ready..

    2oG o_O
     
  6. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    2oG, 35.85 GB is still lots of room to install programs as it is equal to 8 dvds.
     
  7. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    I know it sounds like a lot but, it isn’t..

    Windows requires 15+ percent free space in order to work.

    Your drive is 287.15GB with 35.85GB free space and that’s 35.85/287.15 = 12.4% free.

    At fewer than 15% free, Defrag cannot work and you are fragmented so much that windows cannot add to this drive….



    Sorry but that’s how it works…. :(
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    @ddp, when you have a 900GB drive, you need 135GB free in order to work properly and that's a lot..
     
  9. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    i've defragged with less then 12% a number of times but on customers' computers.
     
  10. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Too many variables to argue about.. I also defrag computers with less by using MyDefrag, it uses RAM to move things that you Have to have the space to move... It's a shell game to move and replace and don't always hold up to what you think it should..... tali1 is using XP and that defragger is not as good as the newer ones.....
     
  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    @tali1,
    Got busy and never heard back if you wanted to clean and get some space to work in or what did you decide???

    2oG o_O
     
  12. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    2oG, tali is using win7 not xp as xp cannot run ie11.
    "Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11"
     
  13. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Yeah, so I got confused because I was working on 3 other Logs at the time the "nit picking" moderator was running his post count up playing "peanut gallery" instead of being a MOD......... :p
     
  14. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    bitch & complain, bitch & complain, that is all you do is bitch & complain. why run up my post count being i have the highest count on this site including that of all site admin!
     
  15. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    LOL[​IMG]

    When one is 7 or 70 they can piddle in the driveway and get away with it……

    The only reason you have the highest count is because of your insignificant, irrelevant, trifling, minute, minuscule, picayune, butt-in-ski posts. On other sites, I never hear from a MOD unless I PM them and then it’s strictly business on the thread and no chit-chat back and forth except in a PM conversation……But then, that’s why I like AD it’s very loose and lay-back..
    Keep your powder dry. [​IMG]
     
  16. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    can't keep my powder dry as it is raining here, off & on & i still have over 6 tons of recycled asphalt to shovrl over my driveway.
     
  17. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Shovrl??? rent a Back Hoe.
     
  18. tali1

    tali1 Regular member

    Joined:
    Apr 12, 2008
    Messages:
    137
    Likes Received:
    2
    Trophy Points:
    28
    2oldGeek - you know any time i try defrag -even with lots of space-it always says it is ok .Analysed now and it says 0%.
    It must be over 7 yrs when it has said you should defrag on ANY of my 5 devices
     
  19. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    tali1,
    One of the first things I look at, when some victim says their computer is slow or can't download, is the space left on the HDD.......

    I got a little confused because I was working on other Logs and had a "Brain Fart". hehe

    I went over your Log real well and you have no malware, just some remnants. We'll see if we can locate your problem....

    First:

    [​IMG] SpyBot S&D Warning

    SpyBot S&D is no longer recommend due to very poor testing results. See here -> MVPS.org (scroll down and read under Freeware Antispyware Products).
    My advice is to get rid of this program. To do so:
    • Press the [​IMG] + R on your keyboard at the same time. Type appwiz.cpl and click OK.
    • Search for SpyBot, right-click the entry and click Uninstall.

    This is optional, but please consider it because it sometimes causes problems when cleaning.

    Second:

    Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
    Please also download the attached scriptfile, named zoekscript.txt.

    NOTE: You may have to disable your AV in order to download Zoek, Some AV's catch it as malware, it's not, it's safe!

    [​IMG] Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

    Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:
    [​IMG]

    Please approve any UAC prompt to allow this action to proceed.

    Answer Yes to the following prompt to allow the zoek script to run:

    [​IMG]

    This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

    When the tool finishes, the zoek-results.log is opened in Notepad.
    The log is also found on the systemdrive, normally C:\
    If a reboot is needed, the log is opened after the reboot.

    Please attach the zoek-results.log in your reply.


    2oG
     

    Attached Files:

    Last edited: Sep 21, 2014
  20. tali1

    tali1 Regular member

    Joined:
    Apr 12, 2008
    Messages:
    137
    Likes Received:
    2
    Trophy Points:
    28
    For your perusal

    Zoek.exe v5.0.0.0 Updated 20-September-2014
    Tool run by Any Authorised User on 21/09/2014 at 20:22:42.58.
    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Any Authorised User\Downloads\zoek.exe
    Script used: C:\Users\Any Authorised User\Downloads\zoekscript.txt

    ==== System Restore Info ======================

    21/09/2014 20:26:14 Zoek.exe System Restore Point Created Succesfully.

    ==== Empty Folders Check ======================

    C:\Program Files\Malwarebytes' Anti-Malware deleted successfully
    C:\PROGRA~2\NokiaAccount deleted successfully
    C:\Users\Any Authorised User\AppData\Roaming\Malwarebytes deleted successfully
    C:\Users\Any Authorised User\AppData\Roaming\Update deleted successfully
    C:\Users\Any Authorised User\AppData\Local\LogMeIn Rescue Applet deleted successfully
    C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

    ==== Deleting Services ======================


    ==== FireFox Fix ======================

    ProfilePath: C:\Users\ANYAUT~1\AppData\Roaming\Flickr\Flickr Uploadr\Profiles\ej1jk4c5.default

    user.js not found
    ---- FireFox user.js and prefs.js backups ----

    prefs_092014_2035_.backup

    ProfilePath: C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default

    user.js not found
    ---- Lines blekko removed from prefs.js ----
    user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
    ---- Lines imbooster removed from prefs.js ----
    user_pref("id_imbooster4web_v6.cache.tbs_include_xml_006938", "35/17/2/6/112");
    user_pref("id_imbooster4web_v6.firstlaunch", "0");
    user_pref("id_imbooster4web_v6.guid", "%7B93A531BF-1642-F9B9-A96D-C1778673C9F4%7D");
    user_pref("id_imbooster4web_v6.stored_historysearch", "////%20google");
    user_pref("id_imbooster4web_v6.userId", "%12");
    user_pref("id_imbooster4web_v6.Var1", "0");
    user_pref("id_imbooster4web_v6.Var10", "0");
    user_pref("id_imbooster4web_v6.Var2", "0");
    user_pref("id_imbooster4web_v6.Var3", "0");
    user_pref("id_imbooster4web_v6.Var4", "0");
    user_pref("id_imbooster4web_v6.Var5", "0");
    user_pref("id_imbooster4web_v6.Var6", "0");
    user_pref("id_imbooster4web_v6.Var7", "0");
    user_pref("id_imbooster4web_v6.Var8", "0");
    user_pref("id_imbooster4web_v6.Var9", "0");
    user_pref("id_imbooster4web_v6_installed_version", "1.0.1018.0");
    ---- Lines extensions.5197bfa33aa52 removed from prefs.js ----
    user_pref("extensions.5197bfa33aa52.epoch", "1370205603");
    user_pref("extensions.5197bfa33aa52.url", "http://getjpinet.info/sync/?ext=cto...30518175131&lsd=130601201353&ind=2687739033&s
    ---- FireFox user.js and prefs.js backups ----

    prefs_092014_2035_.backup

    ==== Batch Command(s) Run By Tool======================


    ==== Deleting Files \ Folders ======================

    C:\Program Files\Java deleted
    C:\Program Files\Mozilla Firefox\components\msservice.js deleted
    C:\Program Files\Toolbar Cleaner deleted
    C:\Program Files\Wondershare deleted
    C:\found.000 deleted
    C:\Users\Any Authorised User\AppData\Roaming\Nectar Search Toolbar deleted
    C:\Users\Any Authorised User\AppData\Local\adawarebp deleted
    C:\Users\Guest\AppData\Local\adawarebp deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
    C:\Users\Any Authorised User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
    C:\Users\Any Authorised User\Downloads\iMeshV10.exe deleted
    C:\Users\Any Authorised User\Downloads\The_HL_Guide_to_Fund_Prices,_Savings_and_Yields.pdf deleted
    C:\Users\Any Authorised User\AppData\LocalLow\IncrediMail_MediaBar_4 deleted
    C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
    C:\Windows\system32\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
    C:\Windows\system32\config\systemprofile\Searches deleted
    C:\Windows\System32\InstallUtil.InstallLog deleted
    C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\jetpack deleted
    C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\CT2878731 deleted
    C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\CT3072253 deleted
    C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack deleted

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "{3112ca9c-de6d-4884-a869-9855de68056c}"="C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}" [18/12/2011 20:59]
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\ANYAUT~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default
    - Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
    - Troll Faces - %ProfilePath%\extensions\jid0-OJczISDnLvcSqtzcbF8q5kQrP5o@jetpack.xpi
    - Silvermel - %ProfilePath%\extensions\silvermel@pardal.de.xpi
    - Silvermel and Charamel XT - %ProfilePath%\extensions\silvermelxt@pardal.de.xpi
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    AppDir: C:\Program Files\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Any Authorised User\AppData\Roaming\Mozilla\Firefox\Profiles\6mbb9beb.default
    DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
    FB5621842FDABF9F8359775573498FBC - C:\Users\Any Authorised User\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
    FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
    893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
    F6D12679B9112358AC705A1308156F59 - C:\Users\Any Authorised User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
    EC4656A202D861D3637DC1EE6A6D6794 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
    12B7DC255875CEC877E67B859D80350B - C:\Users\Any Authorised User\AppData\Local\Roblox\Versions\version-de8b84f90efc4ca5\NPRobloxProxy.dll - Roblox Launcher Plugin
    7D35CB60201CED2F01AE06F1816231E2 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.100.18
    6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
    C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
    18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U5
    3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
    AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
    727BBA327A0CF4B7A0537287B6E81B5D - C:\Program Files\Virtual Earth 3D\npVE3D.dll - Virtual Earth 3D 4.00100226006 plugin for Mozilla
    28D2C5CE5944E1B027CF5C8004CF89A1 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
    8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight


    ==== Chromium Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    bopakagnckmlgajfccecajhnimjiiedh - No path found[]
    klibnahbojhkanfgaglnlalfkgpcppfi - C:\Users\Any Authorised User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx[]

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    apdfllckaahabafndbhieahigkjlhalf - C:\Users\ANYAUT~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[22/03/2014 15:55]
    klibnahbojhkanfgaglnlalfkgpcppfi - C:\Users\Any Authorised User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx[]
    kljghhlcggnhofdcnlkelobcehdbnfnd - No path found[]

    Google Voice Search Hotword (Beta) - Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
    MSS+ Extension - Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh

    ==== Chromium Fix ======================

    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_find.conduit.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_find.conduit.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sac.conduit.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sac.conduit.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.utorrent.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.utorrent.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmania.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmania.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.songlyrics.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.songlyrics.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.iminent.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adultfriendfinder.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adultfriendfinder.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_banners.adultfriendfinder.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_banners.adultfriendfinder.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_geobanner.adultfriendfinder.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_geobanner.adultfriendfinder.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.localslutsfinder.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.localslutsfinder.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.specsavers.co.uk_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.specsavers.co.uk_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_irfanview.en.softonic.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_irfanview.en.softonic.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_spider-man-friend-or-foe.en.softonic.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_spider-man-friend-or-foe.en.softonic.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.usa-people-search.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.usa-people-search.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ussearch.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ussearch.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.zabasearch.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.zabasearch.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_xml.ussearch.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_xml.ussearch.com_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_blekko.com_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0.localstorage-journal deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0 deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kljghhlcggnhofdcnlkelobcehdbnfnd_0.localstorage deleted successfully
    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kljghhlcggnhofdcnlkelobcehdbnfnd_0.localstorage-journal deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://google.com/"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://google.com/"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
    {E7838DDB-2925-40A3-BDE3-3AEEE4D65663} Unknown Url="Not_Found"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-2098016922-1146624395-3197941800-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E7838DDB-2925-40A3-BDE3-3AEEE4D65663} deleted successfully

    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B7CE040-ADB0-72C2-4ADF-F8A1F280CF7C} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3097F679-B749-4C09-9CD1-B6A61D7D4E67} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kljghhlcggnhofdcnlkelobcehdbnfnd deleted successfully

    ==== Empty IE Cache ======================

    C:\Users\Any Authorised User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Any Authorised User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    C:\Users\Any Authorised User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=1849 folders=168 267280047 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Any Authorised User\AppData\Local\temp will be emptied at reboot
    C:\Users\Default\AppData\Local\temp emptied successfully
    C:\Users\Default User\AppData\Local\temp emptied successfully
    C:\Users\Guest\AppData\Local\temp emptied successfully
    C:\Users\Public\AppData\Local\temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\ANYAUT~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on 21/09/2014 at 20:41:55.05 ======================
     

Share This Page