Channel: Tech Support Guy - Virus & Other Malware Removal

networkadapter disabled?

I have downloaded some viruses on my computer; I have run Malwarebytes and AdwCleaner and it removed around 500 viruses.
Before I restarted my computer my internet connection was working fine, but right after I restarted, because the Malwarebytes scanner told me to restart, my internet connection wasn't working. I tried troubleshooting but all it says is The wireless/wired network adapter is experiencing problems and didn't give a solution to fix it. I tried to do ipconfig /all in cmd but all it gave me was "Windows ip configuration Host name ...: Blackface-pc , primary dns ....: (BLANK nothing was written) node type ... : Hybrid Ip routing enabled... No wins proxy enabled ... : No." Nothing else. When I try to connect to my wifi it says limited access and won't let me connect. When I try to connect LAN it doesn't detect any LAN input even though there's a wire connected flashing green. The programs I have already used are: Malwarebytes, AdwCleaner, OTL.exe, RogueKiller, ComboFix, JRT.exe.
Also, when I go check my status on my local area connection it says IPv4/6 not connected. Can you guys help me please!!

SysInfo:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 12270 Mb
Graphics Card: NVIDIA GeForce GTX660, -2048 Mb
Hard Drives: C: total 953539 MB; Free - 8662 MB;
Motherboard: Gateway, IPISB-VR
Antivirus: None

Mystartsearch

Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run; it may take several minutes to complete. When it is done, you will get a message saying "PENDING"; ignore that and click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report; copy and paste it into your next post.
Please note: the newer versions of AdwCleaner have a pretty colour display on some versions of Windows and slightly different icons. The screenshots are from the older version but are basically the same.

Slow system and internet - HJT log attached

Click on this link to download: ADWCleaner. Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop. Do not click on any links in the top advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run; it may take several minutes to complete. When it is done, you will get a message saying "PENDING"; ignore that and click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report; copy and paste it into your next post.
Please note: the newer versions of AdwCleaner have a pretty colour display on some versions of Windows and slightly different icons. The screenshots are from the older version but are basically the same.

Suspected virus/trojan McAfee can't find

ipmgui.exe Blocked issue

Greetings,

I have had free Avira on my computer for a while without any real issue. Suddenly, now I have this notification that pops up after I followed "the internet's" method of making those annoying pop-ups (telling me to update) go away. I get this "This program is blocked by group policy. For more information, contact your system administrator." which pops up multiple times any time I am on the internet. I've tried to follow what others have said about taking avnotify.exe and ipmgui.exe and clicking the boxes to reflect read and execute in the deny column. Can someone help me get rid of this? My wife is driving me crazy with this...

I have Windows 7, Compaq Presario SR5410F, not sure where to find out the rest of the info.
Help me please?

internet explorer popups

I have a Windows 7 Dell laptop, I use Google Chrome, and I completely uninstalled Internet Explorer but I still get a PC firewall popup from Internet Explorer. It says:

"WARNING! Your PC may not be protected!

If you see this message more than once, you need to call PC support at
1-888-653-5637 immediately

During this free call, you will receive assistance on how to remove
malicious malware from your PC."


On the webpage behind it all the info, for example location and date, are incorrect. I can't close the browser or the popup. How can I fix this?

Upon entering Windows password, screen goes black and does not load

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4085 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 256 Mb
Hard Drives: C: Total - 598268 MB, Free - 444904 MB; D: Total - 12108 MB, Free - 2206 MB;
Motherboard: MSI, Boston
Antivirus: Kaspersky Internet Security, Not Updated


Problem:

I clicked on an email and opened an attachment from someone I thought I knew, but it turned out to be a virus (I assume). I now cannot get past the log-in screen for Windows. Upon entering my password at the log-in screen, the screen simply turns black. I have run MBAM 2-3 times with no change in performance after removing the located viruses. Any help would be appreciated.

Toshiba Satellite P845T-S4310 Laptop infected

Please download Farbar Recovery Scan Tool 64bit and save it to a USB stick.

Please download MiniToolBox and save it to your USB stick.

Using the USB stick, please transfer the two programs to the Desktop of the 'infected' machine.

FRST
On the infected machine, run the following:
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this please.
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy the log onto the USB stick and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST64.exe). Please also copy this log on to the USB stick and paste that along with the FRST.txt into your reply.

MiniToolBox
Double click on MiniToolBox.exe to run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go; the tool will create a log file on the desktop called Result.txt. Please copy Result.txt to the USB stick and post it in a reply here.

Information to Reply with >>>>
  • Any questions or concerns you may have for me.
  • The FRST.txt log text.
  • The Addition.txt log text.
  • The MiniToolBox Result.txt log text.


Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Find-all-you-want Redirects - Malware?

Hi bubbletea

Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others. If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed. All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen. If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to. Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

    - Save ALL Tools to your Desktop-
    All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

    Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
    Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
    Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
    Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
    NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
Let's get started....

Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this please.
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Google chrome popup & I don't have it installed on my computer.

yes, just delete the 4 in downloads folder

suspicious "pop-up" from google?

Hi, I was using the internet (Google Chrome) when suddenly a new tab opened itself and a recording began to play. It was an alert said to be from Google Chrome, saying that I had possibly contracted a virus on my computer and I should call the following number immediately. I didn't call, it was too odd, it said my location was in Israel, but I am in Canada, but I am slightly concerned as if it was real, it said all my information including bank info, passwords, that sort of thing, was at risk. Is this simply a scam that adblock somehow didn't detect? Or is it the real thing? I took a screenshot of the page and have attached it here. Any help is appreciated!!! I have the free version of AVG security installed on my computer as well. Thanks

Attached Images
File Type: png pop-up.png (194.9 KB)

Virus? Please help!

Addition report

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Main at 2015-01-19 19:01:23
Running from C:\Users\Main\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\Adobe Connect 9 Add-in) (Version: 11.2.251.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon MP3 Uploader (HKLM-x32\...\com.amazon.music.uploader) (Version: 1.0.8 - Amazon Services LLC)
Amazon MP3 Uploader (x32 Version: 1.0.8 - Amazon Services LLC) Hidden
AMD Catalyst Install Manager (HKLM\...\{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Smart Doctor (HKLM-x32\...\InstallShield_{37CAA669-9BA0-49F2-8462-C76269E474E8}) (Version: 5.25 - ASUSTek COMPUTER INC.)
ATI AVIVO64 Codecs (Version: 9.15.0.20713 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudioLabel (HKLM-x32\...\AudioLabel) (Version: 6.0 (Build 2) - CDCoverSoft)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AVS Audio Editor 7.3 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.3.1.493 - Online Media Technologies Ltd.)
AVS Audio Recorder version 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version: - Online Media Technologies Ltd.)
AVS Cover Editor Free Download Packages (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\AVS Cover Editor Free Download Packages) (Version: - ) <==== ATTENTION
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: - Online Media Technologies Ltd.)
AVS Image Converter 2.2.2.218 (HKLM-x32\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.)
AVS Media Player 4.1.10.97 (HKLM-x32\...\AVS Media Player_is1) (Version: - Online Media Technologies Ltd.)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS Video ReMaker 4.1.1.144 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
AX88772A (HKLM-x32\...\{CAAF899F-D15F-480F-AF10-22B1431A5E9F}) (Version: 1.00.0000 - )
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.10 - Belkin) Hidden
Bing Bar Platform (x32 Version: 6.3.2322.0 - Microsoft Corporation) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.05 - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BtwMfcMM (HKLM\...\{D5B46D30-F054-4C64-9C0F-97C8451E7D04}) (Version: 6.00.0000 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG6300 series User Registration (HKLM-x32\...\Canon MG6300 series User Registration) (Version: - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CarMD (HKLM-x32\...\{A628FE9D-F6FA-4DB5-8817-A3617CD11A74}) (Version: 2.0.0 - CarMD.com Corp)
ccc-core-static (x32 Version: 2009.1124.2131.38610 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0210.1730.31317 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.35 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.)
C-Media Card Reader Driver USB2.0 (HKLM\...\C-Media Card Reader Driver USB2.0) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Credit Detailer Free Personal Edition 4.0 (HKLM-x32\...\Credit Detailer Free Personal Edition) (Version: 4.0 - www.CreditDetailer.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DebtFree(tm) for Windows Personal 5.0h (HKLM-x32\...\DebtFree(tm) for Windows Personal 5.0h) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 1.21 - Piriform)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: - NCH Software)
Dropbox (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
EndItAll 2.0 (HKLM-x32\...\EndItAll_is1) (Version: 2.0 - Ziff Davis Media, Inc.)
EPSON NX110 Series Printer Uninstall (HKLM\...\EPSON NX110 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fieldrunners 2 (HKLM-x32\...\Steam App 215710) (Version: - Subatomic Studios LLC)
FoxTab PDF Creator (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMyPC (HKLM\...\{260BCAC0-8BF7-40E2-92C1-7B106FD1116B}) (Version: 8.1.1337 - Citrix Online)
High Power 150Mbps Wireless N USB Adapter Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0174 - TRENDnet Inc.)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HotKeyz 2.8.3 (HKLM-x32\...\HotKeyz_is1) (Version: 2.8.3 - Skynergy)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 12 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150120}) (Version: 1.5.0.120 - Sun Microsystems, Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.63.1 - JMicron Technology Corp.)
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
LightScribe Template Designs - Expressions (HKLM-x32\...\{A5CC4D86-371A-4044-A7F3-C6CFCC4CA813}) (Version: 1.18.8.111 - LightScribe)
LightScribe Template Designs - Floral Pack 1 (HKLM-x32\...\{605C0E57-BBB8-458F-9020-B17DCF0D5DEA}) (Version: 1.15.0.0 - LightScribe)
LightScribe Template Designs - Food-n-Family Pack 1 (HKLM-x32\...\{B06EFB5F-FDDC-4DA3-BE5C-3E2A72D5BEAE}) (Version: 1.17.2.0 - LightScribe)
LightScribe Template Designs - Holiday Pack 1 (HKLM-x32\...\{CEF736FF-8133-42F3-8E18-BDFE293B87FF}) (Version: 1.10.16.1 - LightScribe)
LightScribe Template Designs - Kids Korner Pack 1 (HKLM-x32\...\{742F1560-893C-457B-A47A-DBC62A1302FB}) (Version: 1.17.0.0 - LightScribe)
LightScribe Template Designs - Music Pack 1 (HKLM-x32\...\{4ECA4128-8B48-44A0-90E8-B93C6A69CE4B}) (Version: 1.15.0.0 - LightScribe)
LightScribe Template Designs - Seasonal Pack 1 (HKLM-x32\...\{84B01A13-F78F-4281-9224-C96FB3530A2C}) (Version: 1.15.0.0 - LightScribe)
LightScribe Template Designs - Special Occasion Pack 1 (HKLM-x32\...\{B6C766E9-B26D-4D54-A22B-A52B069C6C14}) (Version: 1.10.19.1 - LightScribe)
LightScribe Template Designs - Winter Whimsy (HKLM-x32\...\{BF2115A8-1096-4C84-AA2D-B4DE3ADA2536}) (Version: 1.18.8.110 - LightScribe)
LightScribe Template Designs - With The Band (HKLM-x32\...\{7495F8B4-6F73-496C-AC48-FE7F8867FF59}) (Version: 1.18.8.110 - LightScribe)
Logitech Harmony Remote Software (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\SkyDriveSetup.exe) (Version: 17.0.2011.0627 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 6.0 (HKLM-x32\...\{067B277E-F94B-4F04-B380-BA967C00377C}_is1) (Version: - MiniTool Solution Ltd.)
MobileMe Control Panel (HKLM\...\{39107B20-EA1C-4974-881C-607300BB3C99}) (Version: 2.6.0.29 - Apple Inc.)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.285 - Motorola, Inc.)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 en-US)) (Version: 31.3.0 - Mozilla)
Neat (HKLM-x32\...\Neat) (Version: 5.2.2.3 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.5 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.2.2.3 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.5 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.4 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Nero MediaHome 4 Essentials (HKLM-x32\...\{c9357ea9-cfb9-447f-841e-d0e9edc4caa1}) (Version: - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Orb Runtime libraries (x32 Version: 1.0.0 - Orb Networks, Inc.) Hidden
Paint.NET v3.5.4 (HKLM\...\{053B3DA8-91B5-4682-A130-715412A1A253}) (Version: 3.54.0 - dotPDN LLC)
Paint.NET v3.5.7 (HKLM\...\{45212F71-750F-4B98-8931-2F35DBE6B662}) (Version: 3.57.0 - dotPDN LLC)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Safari (HKLM-x32\...\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}) (Version: 5.33.19.4 - Apple Inc.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Saitek SD6 Programming Software 6.6.6.9 (HKLM\...\{EB7C6F78-2A27-4FEF-A98B-5F2698DC4CBF}) (Version: 6.6.6.9 - Saitek)
Saitek SD6 Programming Software 6.7.5.2 (HKLM\...\{E90BE8E7-0052-46D8-AA7A-7F8F82A8DCCB}) (Version: 6.7.5.2 - Saitek)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
SecurView Pro 2.1.1 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.1.1 - TRENDnet)
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Speccy (HKLM\...\Speccy) (Version: 1.21 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.38.1004 - SUPERAntiSpyware.com)
TeraCopy 2.1 (HKLM\...\TeraCopy_is1) (Version: - Code Sector Inc.)
The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Tiny Burner 1 (HKLM-x32\...\Tiny Burner_is1) (Version: 1.0 - Softland)
TreeSize Free V2.4 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.4 - JAM Software)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
VideoMate X-Series Driver (HKLM-x32\...\{D72601C5-3960-4093-8DC0-6A4C44553A56}) (Version: 5.00.800 - )
VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft)
WinDirStat 1.1.2 (HKU\S-1-5-21-594262813-2494836803-3192493301-1000\...\WinDirStat) (Version: - )
Windows Driver Package - Advanced Micro Devices, Inc. (amdkmdap) Display (07/28/2011 8.881.0.0000) (HKLM\...\336D11F52E7535B73E723172D474100C8387D19E) (Version: 07/28/2011 8.881.0.0000 - Advanced Micro Devices, Inc.)
Windows Driver Package - Advanced Micro Devices, Inc. (amdkmdap) Display (09/08/2011 8.892.0.0000) (HKLM\...\975A45FBE93AB46F34C02799890FC96D277C65B1) (Version: 09/08/2011 8.892.0.0000 - Advanced Micro Devices, Inc.)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (01/04/2011 8.812.0.0000) (HKLM\...\266950386A8725C58991CD8CDDF24C8D53ED10B4) (Version: 01/04/2011 8.812.0.0000 - ATI Technologies Inc.)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (01/26/2011 8.821.0.0000) (HKLM\...\FD3D220DDF48408A15C0A3F4E4AC2FFE453D3E4A) (Version: 01/26/2011 8.821.0.0000 - ATI Technologies Inc.)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (03/08/2011 8.831.2.0000) (HKLM\...\8BC35419E40F7D763CE22BC6F5E4A91D929FC705) (Version: 03/08/2011 8.831.2.0000 - ATI Technologies Inc.)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (05/24/2011 8.861.0.0000) (HKLM\...\F0476EE0B7131E554D4B3907F2E1364B6406CEAB) (Version: 05/24/2011 8.861.0.0000 - ATI Technologies Inc.)
Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\6A044848DB955BAB41313E7878DE4E2C68715F24) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\524FB58AAB1C34915E5DAE6F9A7ABD1AA8C96614) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\73EBF284DDB186EC3E526FEE77E2325097703596) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\765E3A42F1EB7BB642F073A20918B588DC4D1193) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Windows Driver Package - Broadcom HIDClass (09/11/2009 6.3.0.1500) (HKLM\...\3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003) (Version: 09/11/2009 6.3.0.1500 - Broadcom)
Windows Driver Package - Citrix Systems monblanking Citrix Driver (04/25/2013 6.2.101.0) (HKLM\...\831FB1509292986F102B3AB7C8451FA1EA13B0F7) (Version: 04/25/2013 6.2.101.0 - Citrix Systems)
Windows Driver Package - Marvell (yukonw7) Net (02/15/2010 11.24.3.3) (HKLM\...\79A0B98FC74695816C3C2ADA6A200686E6A35E96) (Version: 02/15/2010 11.24.3.3 - Marvell)
Windows Driver Package - Marvell (yukonw7) Net (02/17/2011 11.41.3.3) (HKLM\...\18644734AE6671A5DEDBBFB5EDEB83A73C4F6B85) (Version: 02/17/2011 11.41.3.3 - Marvell)
Windows Driver Package - Marvell (yukonw7) Net (05/12/2011 11.43.1.3) (HKLM\...\0F52520398B617887787435CBAD477C42FD0F6C5) (Version: 05/12/2011 11.43.1.3 - Marvell)
Windows Driver Package - Marvell (yukonw7) Net (09/15/2010 11.30.1.3) (HKLM\...\E91821C6BE5EDBF05E0447281EAE1BB17AD713EC) (Version: 09/15/2010 11.30.1.3 - Marvell)
Windows Driver Package - Realtek Semiconductor Corp. (RTL8192su) Net (11/05/2010 1086.37.1105.2010) (HKLM\...\6A59B39855823751D1CA1C292F07DE8280624B8D) (Version: 11/05/2010 1086.37.1105.2010 - Realtek Semiconductor Corp.)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Main\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Main\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Main\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Main\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Main\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-594262813-2494836803-3192493301-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Main\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0280B167-8876-4715-A8C9-44F1B6B5B87C} - System32\Tasks\{3861F0AF-F3C8-4F74-8B73-65C65681618C} => C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
Task: {0BA9CFA6-F5E6-478A-8458-1BA0C20DDA98} - System32\Tasks\{908782A9-C318-4ACC-9EDB-22B3C86539D9} => pcalua.exe -a "C:\Users\Main\office xp\ORK\INSTMSI.EXE" -d "C:\Users\Main\office xp\ORK"
Task: {13DA4163-6BD6-42EB-854E-325CF615E762} - System32\Tasks\{3ADF1A2C-FAA7-405E-838F-9505C4889AEA} => C:\Download\iTunes64Setup.exe [2010-09-04] (Apple Inc.)
Task: {13E476E7-FA20-4361-86E7-83A45BDA50C8} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkID=230628
Task: {1E16D49A-29C4-4120-B5BE-3E3AB5738A72} - System32\Tasks\{5DE1F614-C2C7-481F-9B97-3E1AD3BC9D92} => pcalua.exe -a "C:\Users\Public\Documents\Downloads\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\AsusSetup.exe" -d "C:\Users\Public\Documents\Downloads\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d"
Task: {20558023-C68F-45DD-AAB1-913E1D7A85E0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {284774A7-A6D2-4815-A719-D8A28DC2815A} - System32\Tasks\{32E0F337-1F6C-4A62-8B16-3193F3662B0E} => C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
Task: {2B0F65CA-72C3-4864-AF61-42122533982A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {2B7A1EB6-9093-47A3-8BCC-8A641C563BFA} - System32\Tasks\{BFE35EBD-1540-43BE-9D30-4D4F4F0ED927} => pcalua.exe -a "C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3J9UGAVK\vadriver[1].exe" -d C:\Users\Main\Desktop
Task: {302E182E-6E84-46AE-8737-DB207D62A157} - System32\Tasks\{9270DE44-0881-4332-8605-CC5E5D68681B} => pcalua.exe -a C:\macdrive_8.0.6.52_en_setup.exe -d C:\Users\Main\Desktop
Task: {30EF7315-0203-4448-BC64-2EE61D055534} - System32\Tasks\{AC635879-0CB5-4370-9AC8-525F39E66CA4} => pcalua.exe -a C:\Users\Main\Downloads\AdobeAIRSetup.exe -d C:\Users\Main\Downloads
Task: {3198B04E-B216-48B2-8EFE-7D7DF7C0B645} - System32\Tasks\{A44F2F60-CF32-4371-AD41-C79ECA5AEA8F} => pcalua.exe -a C:\Users\Main\Downloads\Saitek_Cyborg_Keyboard_SD6_64_Drivers_pfw.exe -d C:\Users\Main\Desktop
Task: {33F30F14-B6F3-46E4-B0B5-9ECBAAF1C4D9} - System32\Tasks\{6CB0B8FE-8262-4482-A9CA-EEB6BD7E24A1} => C:\Users\Main\Documents\Acronis\tih_s_e_14192.exe [2013-05-14] (Acronis)
Task: {43CF029C-DEA2-451D-B7EF-C08D9A01F2C4} - System32\Tasks\{4DC2367F-407C-4ACC-9116-AC2EF456F7C3} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="2M05-K083-HZ9T-3U3Z-82U4-WA56-95AA-KZ9C-6A22-4UX4-7T73-4W24-8H6Z"
Task: {46B0B710-7379-4A71-A0FA-8869A70B38CF} - System32\Tasks\SUPERAntiSpyware Scheduled Task 81228c0e-6d78-4c4f-913d-4cad7d1cb982 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-08-15] (SUPERAdBlocker.com)
Task: {47709FDD-E566-4829-A902-DF8E0A9CBC9D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {485D8EA8-F277-4E72-B20C-89F74ECD8C15} - System32\Tasks\{388E7951-D2A4-4CE0-AE0A-E3D684A93F10} => pcalua.exe -a "C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A64VL23W\Saitek_Cyborg_V1_Keyboard_SD6_64_Drivers_pfw[1].exe" -d C:\Users\Main\Desktop
Task: {48706A94-A7B2-4FBC-8AC6-1D42835FF5B7} - System32\Tasks\{A02CDD48-478C-4145-927A-1537144AB3FD} => pcalua.exe -a "C:\Users\Public\Documents\Downloads\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\Acpi64\AsusSetup.exe" -d "C:\Users\Public\Documents\Downloads\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\ATK0110 ACPI UTILITY eee48ec821b14cd5eb798e7d863c2c1d\Acpi64"
Task: {52B38384-9B64-4D57-8E7E-2332DD063E77} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {530328CD-11DA-4578-BB26-19416D78823E} - System32\Tasks\4570 => Wscript.exe C:\Users\Main\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {5FF18805-570B-4564-A6CF-0D6835EFD37B} - System32\Tasks\{FF80DDC0-2981-421E-ACEC-4B7B87C24B7C} => C:\Download\iTunes64Setup.exe [2010-09-04] (Apple Inc.)
Task: {6BA43024-8236-4BA8-B04B-ACBFA0547571} - System32\Tasks\{F13F758E-6E1F-4977-BC0C-4A20D3A4D26E} => pcalua.exe -a "C:\Users\Main\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe" -d "C:\Users\Main\AppData\Local\Apple\Apple Software Update"
Task: {750D57DE-20BC-4CA2-9CD2-FB821F003BA5} - System32\Tasks\{2604E1B3-8326-451C-AD95-7B6C65630318} => C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
Task: {777F79CD-2191-41F5-8F76-AA3E6C4AF1E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {78905D7F-5FFC-44D7-A591-81B762CA8D5A} - System32\Tasks\{22F77B23-1C94-44DA-83D4-165F9821DAFD} => C:\Download\iTunes64Setup.exe [2010-09-04] (Apple Inc.)
Task: {7A1B968F-3E9A-46FD-9026-26590C30A3DD} - System32\Tasks\{1A384A8C-1DC6-48D4-AF67-36802690AAF9} => C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
Task: {7B7472CA-C354-4AFE-8246-D905BEE5321D} - System32\Tasks\{AC803CA3-8048-4F34-BDA8-7D90F2AD3ECB} => pcalua.exe -a "C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6VXK1ZD\MemoryMechanic.exe" -d C:\Users\Main\Desktop
Task: {7C03AFA9-9722-44F7-B051-971A936E23F5} - System32\Tasks\{A31678C5-A2A2-4D19-937A-D0EFA802C835} => C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
Task: {7DD30D43-C605-486B-85AC-D5C8F7E9CA2A} - System32\Tasks\{614663A0-13E1-4CD1-9D3B-E780C3A04E98} => C:\Download\iTunes64Setup.exe [2010-09-04] (Apple Inc.)
Task: {887E668E-1CAC-46E6-81C3-20B7B0FF9198} - System32\Tasks\{37BC3ABF-2580-4681-B530-6208E961D392} => pcalua.exe -a "C:\Users\Main\AppData\Local\Apple\Apple Software Update\SetupAdmin.exe" -d "C:\Users\Main\AppData\Local\Apple\Apple Software Update"
Task: {8950C718-CC93-45D6-ABE4-FEBF2981F4F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {8D96478C-F7FF-4F89-9150-F009F6C60374} - System32\Tasks\{8367D590-DA4E-42A5-AD00-5E63DC038937} => pcalua.exe -a C:\Users\Main\Downloads\V5_Keyboard_SD7_0_23_0_x64_Drivers.exe -d C:\Users\Main\Desktop
Task: {8E18DDCA-F9CB-4F2E-9FAC-09C9C80A28D4} - System32\Tasks\{19132259-3099-49A1-9C05-189A39E7D7BC} => pcalua.exe -a C:\Users\Main\AppData\Local\Temp\Temp1_ac_addin_win_251.zip\setup.exe
Task: {91165A44-4C6B-46C9-9439-B56E8193CB84} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {91CB5259-ADFC-4B4C-AA73-258A6D21D53A} - System32\Tasks\{F16B36C5-B14E-4895-A042-762714A02F62} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {921E98A5-7D99-4872-91F6-76F783B43D51} - System32\Tasks\{6DACD79E-BA43-40BE-B284-AB78936A5956} => msiexec.exe /package "C:\Users\Main\office xp\ORK\ORK.MSI"
Task: {99C8FF17-4B32-4052-8F6B-A363A5584451} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {9A70782F-74AF-4172-8529-68BB2E540A76} - System32\Tasks\{01398926-BDB3-4D43-A1A5-ED4D548A013B} => pcalua.exe -a "C:\Users\Main\AppData\Local\Temp\Temp1_Microsoft Office XP PRO (word, excel, powerpoint, outlook, access, frontpage).zip\INSTMSI.EXE"
Task: {A094AE2E-3521-4A2E-94C1-5FB6C4D8F31C} - System32\Tasks\{6477B9EE-AD34-4E69-B49E-DDD91A3EE26E} => C:\Download\iTunes64Setup.exe [2010-09-04] (Apple Inc.)
Task: {A4DF38B7-E092-477A-BA10-3C508D4B27F4} - System32\Tasks\{5F82AFFA-51AB-4D3C-A014-E9378B9366FD} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {A6CDA19E-B3F8-4B53-B828-2CAC2644E6CC} - System32\Tasks\{3452E43D-183A-4387-8161-6E114125BE4E} => C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
Task: {AA473A9D-6561-400E-8DB4-45A76FE4391B} - System32\Tasks\{109D5B57-BFA8-473A-BACE-910361B04287} => pcalua.exe -a T:\Windows\bin\eblSetup.exe -d T:\Windows\bin
Task: {AF938A72-F95B-4BFC-BD42-7A5B96273610} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {B25DF6D3-0545-4DAC-B551-DD0900398B8D} - System32\Tasks\{491BEC24-4A47-4A0B-B03F-464CF43AA64E} => pcalua.exe -a G:\Saitek_Cyborg_V5_Keyboard_SD6_64_Drivers_pfw.exe -d G:\
Task: {BB18E27C-C1EC-41B8-BA2E-A71C4A88F43C} - System32\Tasks\{316342B0-7DAD-42B5-A310-CE6190DC22AC} => pcalua.exe -a "C:\Users\Main\Desktop\Smart Technology 7_0_27_13 64Bit.exe" -d C:\Users\Main\Desktop
Task: {BE0E1C8D-F08B-4D9A-B5E4-DF7B7523969F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BE2246D5-14F7-4AA7-8197-F670FA5D0A13} - System32\Tasks\{D91BD548-53EC-4F86-9450-2571065FD5CD} => pcalua.exe -a "C:\Users\Main\office xp\ORK\SETUP.EXE" -d "C:\Users\Main\office xp\ORK"
Task: {CA1AF930-370B-4010-BF68-C8984095294B} - System32\Tasks\{21D136C1-DA1E-4A31-8DE2-3CE386599E37} => pcalua.exe -a "T:\Windows\Setup eBook Library.exe" -d T:\Windows
Task: {CCF1F992-35B2-42FB-B966-BD1D6707983F} - System32\Tasks\{72C99FE8-45CE-4DBD-A207-9B0A4C01BA9C} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}\Install.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" -c -uninst -l0x9
Task: {CFC09B64-94B6-4E50-8E5F-E78C6C6EBE2D} - System32\Tasks\{69D28911-510C-467C-BAF1-5831E96B9FBF} => pcalua.exe -a "C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6APDBVK\dotnetfx35setup[1].exe" -d C:\Users\Main\Desktop
Task: {D129A383-4CD5-4388-98CD-FD5A5AC15E76} - System32\Tasks\{2CB6908C-2660-4A07-AEAA-5601494E911D} => msiexec.exe /package "C:\Users\Main\office xp\ORK\ORK.MSI"
Task: {D2CA1AD6-62B2-4485-B644-2012FDE4144D} - System32\Tasks\{DBBA377E-FB53-4E9D-87AB-D1123413EA1E} => pcalua.exe -a C:\Users\Main\Documents\Acronis\DiscWizardSetup-14387.en.exe -d C:\Users\Main\Documents\Acronis
Task: {D6FBBA90-CC58-4CEB-9EA5-E692F5BE7911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DE217F6F-862F-4511-9160-F3C5D12DC73D} - System32\Tasks\{50A9B354-DEA3-416D-8669-4B9FE4B5532B} => msiexec.exe /package "C:\Users\Main\office xp\ORK\ORK.MSI"
Task: {E050E379-CE4E-4115-8AAC-BF16D6CA3600} - System32\Tasks\SUPERAntiSpyware Scheduled Task 57e6e757-96a7-437c-8769-ce68e6b060b5 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-08-15] (SUPERAdBlocker.com)
Task: {E44EEA0C-116B-4F0E-9E21-64DCF7CC0576} - System32\Tasks\{CB40FA71-6C4D-4F6D-962E-F86D257C0C7D} => C:\Users\Main\office xp\ORK\SETUP.EXE [2001-04-04] (Microsoft Corporation)
Task: {ED45B9C4-2363-4809-B349-B411B0A62553} - System32\Tasks\{F0889711-63BC-413C-8938-B60BFBB25A1B} => msiexec.exe /package "C:\Users\Main\office xp\ORK\ORK.MSI"
Task: {F3E87BDA-E77B-45FF-97D6-0F2B4FA7DC84} - System32\Tasks\{DADBEA7C-7FA2-4BCF-B786-E3DA92D4330C} => pcalua.exe -a "C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7JG5HWF8\macdrive_8.0.6.52_en_setup[1].exe" -d C:\Users\Main\Desktop
Task: {F81FD131-D1B7-466F-9A33-5C421D911D87} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {FB128F58-D7BC-44F9-BC68-955B44A74F9A} - System32\Tasks\{C54B61DC-A8E1-4078-87D7-245B818C1CA3} => msiexec.exe /package "C:\Users\Main\office xp\ORK\ORK.MSI"
Task: {FE5104A5-3C86-406D-A775-898509F9BEC7} - System32\Tasks\{BB59FB2C-E22C-48EE-9283-14B2B731F7DD} => pcalua.exe -a E:\setup.exe -d E:\ -c /s
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 57e6e757-96a7-437c-8769-ce68e6b060b5.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 81228c0e-6d78-4c4f-913d-4cad7d1cb982.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2010-01-13 18:21 - 2009-07-30 19:58 - 00090624 ____N () C:\Windows\System32\Primomonnt.dll
2012-06-04 17:45 - 2013-06-25 10:08 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2014-03-19 08:00 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-05 14:52 - 2012-03-28 06:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-21 01:42 - 2014-09-23 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-13 18:18 - 2009-06-21 07:52 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-05-06 05:35 - 2010-11-30 18:31 - 21705296 _____ () C:\Program Files\Motorola\Bluetooth\btmshell.dll
2014-05-12 03:49 - 2014-05-12 03:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-01 08:28 - 2014-11-11 12:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-01 08:28 - 2014-11-11 12:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-01 08:28 - 2014-11-11 12:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-01 08:28 - 2014-11-11 12:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-01 08:28 - 2014-11-18 14:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-01 08:28 - 2014-11-11 12:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-01 08:28 - 2014-11-11 12:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-01 08:28 - 2014-11-18 14:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-12-01 08:28 - 2014-11-11 12:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-28 05:16 - 2014-10-21 22:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 05:16 - 2014-10-21 22:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 05:16 - 2014-10-21 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 05:16 - 2014-10-21 22:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2BDCFAD6
AlternateDataStreams: C:\ProgramData\TEMP:2D5907B8
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:DD160B0D
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\Users\Main\Documents\2014 tax form.eml:OECustomProperty
AlternateDataStreams: C:\Users\Main\Documents\Keith N Suzi, you have notifications pending.eml:OECustomProperty
AlternateDataStreams: C:\Users\Main\Documents\SHIPPED USB Rechargeable Rabbit Dildo Vibrator G-Spot Clitoral M....eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: ATKFUSService => 3
MSCONFIG\Services: Browser Defender Update Service => 2
MSCONFIG\Services: Fix-It Task Manager => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMIMaint => 2
MSCONFIG\Services: LogMeIn => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: PCPitstop Scheduling => 2
MSCONFIG\Services: RichVideo => 3
MSCONFIG\Services: SASCORE => 3
MSCONFIG\Services: sdAuxService => 2
MSCONFIG\Services: sdCoreService => 2
MSCONFIG\Services: SgtSch2Svc => 3
MSCONFIG\Services: Sony SCSI Helper Service => 3
MSCONFIG\Services: ThreatFire => 3
MSCONFIG\Services: TOSHIBA Bluetooth Service => 3
MSCONFIG\Services: TVersityMediaServer => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\Windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Main^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home-gpu.lnk => C:\Windows\pss\Folding@home-gpu.lnkStartup
MSCONFIG\startupfolder: C:^Users^Main^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Main^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Main^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^System Monitors Fix-It.lnk => C:\Windows\pss\System Monitors Fix-It.lnk.Startup
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUSGamerOSD => C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
MSCONFIG\startupreg: BackgroundSwitcher => "C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CarMD => C:\Program Files (x86)\CarMD\CarMD.exe
MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: fssui => "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
MSCONFIG\startupreg: InstallIQUpdater => "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
MSCONFIG\startupreg: ISTray => "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
MSCONFIG\startupreg: PC MaticRT => C:\Program Files (x86)\PCPitstop\PC MaticRT\PCMaticRT.exe
MSCONFIG\startupreg: PCTools FGuard => C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: SoundMAX => "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" /tray
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: Spyware Doctor with AntiVirus => C:\Users\Main\Desktop\sdasetup[1].exe -min
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: StartNowToolbarHelper => "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-594262813-2494836803-3192493301-500 - Administrator - Disabled)
Guest (S-1-5-21-594262813-2494836803-3192493301-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-594262813-2494836803-3192493301-1002 - Limited - Enabled)
Keith (S-1-5-21-594262813-2494836803-3192493301-1003 - Administrator - Enabled) => C:\Users\Keith
Main (S-1-5-21-594262813-2494836803-3192493301-1000 - Administrator - Enabled) => C:\Users\Main
Me (S-1-5-21-594262813-2494836803-3192493301-1004 - Limited - Enabled) => C:\Users\Me
NeroMediaHomeUser.4 (S-1-5-21-594262813-2494836803-3192493301-1005 - Limited - Enabled) => C:\Users\NeroMediaHomeUser.4

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 03:00:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80042318).

Error: (01/19/2015 03:00:12 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
to contact shadow copy service writers. The Registry Writer failed to respond to a query
from VSS. Check to see that the Event Service and Volume Shadow Copy Service
are operating properly, and please check the Application event log for any other events.


Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/19/2015 00:49:13 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80042318).

Error: (01/19/2015 00:49:13 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
to contact shadow copy service writers. The Registry Writer failed to respond to a query
from VSS. Check to see that the Event Service and Volume Shadow Copy Service
are operating properly, and please check the Application event log for any other events.


Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/19/2015 00:00:00 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x80042318).

Error: (01/19/2015 00:00:00 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80042318).

Error: (01/19/2015 00:00:00 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
to contact shadow copy service writers. The Registry Writer failed to respond to a query
from VSS. Check to see that the Event Service and Volume Shadow Copy Service
are operating properly, and please check the Application event log for any other events.


Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/18/2015 10:49:50 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x80042318).

Error: (01/18/2015 10:49:50 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80042318).

Error: (01/18/2015 10:49:50 PM) (Source: VSS) (EventID: 12347) (User: )
Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
to contact shadow copy service writers. The Registry Writer failed to respond to a query
from VSS. Check to see that the Event Service and Volume Shadow Copy Service
are operating properly, and please check the Application event log for any other events.


Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata


System errors:
=============
Error: (01/19/2015 06:40:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VPDAgent service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2015 06:39:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/19/2015 00:48:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 00:48:05 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 09:42:06 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 09:42:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 08:21:06 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 08:21:05 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk8\DR8.

Error: (01/19/2015 03:00:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB3024777).

Error: (01/18/2015 03:00:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB3024777).


Microsoft Office Sessions:
=========================
Error: (01/19/2015 03:00:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042318

Error: (01/19/2015 03:00:12 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/19/2015 00:49:13 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042318

Error: (01/19/2015 00:49:13 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/19/2015 00:00:00 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: 0x80042318

Error: (01/19/2015 00:00:00 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80042318

Error: (01/19/2015 00:00:00 AM) (Source: VSS) (EventID: 12347) (User: )
Description: Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata

Error: (01/18/2015 10:49:50 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: 0x80042318

Error: (01/18/2015 10:49:50 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80042318

Error: (01/18/2015 10:49:50 PM) (Source: VSS) (EventID: 12347) (User: )
Description: Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata


CodeIntegrity Errors:
===================================
Date: 2015-01-12 00:45:27.319
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-12 00:45:27.210
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-11 22:36:33.600
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-11 22:36:33.491
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-07 15:19:36.952
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-07 15:19:36.843
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-27 12:34:55.768
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-27 12:34:55.659
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-23 16:28:11.985
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-23 16:28:11.876
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\EIO64_XP.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 49%
Total physical RAM: 8191.3 MB
Available physical RAM: 4131.27 MB
Total Pagefile: 16380.79 MB
Available Pagefile: 13516.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:352.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:931.51 GB) (Free:673.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 11F811F8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0AC9B94F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Could not read MBR for disk 10.

==================== End Of Log ============================

Total Domination Virus

Hi
Somehow I downloaded some sort of virus on my computer. I've started to get all sorts of pop-ups on my browser and I discovered a game called Total Domination on my computer that I couldn't delete. I finally downloaded Revo Uninstaller and was able to delete the game. But I keep getting the pop-ups and extra tabs for different ads when I open my browser. HELP!

Riddled with Adware

Hi,

I tried to install BlueStacks (the android emulator) and I ended up cancelling the installation before it started, but I still got riddled with Adware. I use Norton Antivirus (which is up to date, and was enabled at the time, and alerted me). However, Norton has failed to remove the adware. I also tried Anti-MalwareBytes and ADWCleaner... no luck. My browsing is slowed, I have extra floating advertisements, and almost every time I click on something I get another tab that opens with an ad. Please help!

My TSG info:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-3339Y CPU @ 1.50GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 3975 Mb
Graphics Card: Intel(R) HD Graphics 4000, -2044 Mb
Hard Drives: C: Total - 103301 MB, Free - 35703 MB; D: Total - 4095 MB, Free - 2337 MB;
Motherboard: LENOVO, Yoga2
Antivirus: Windows Defender, Disabled

HiJackThis file:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:28:00 PM, on 1/19/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)

FIREFOX: 35.0 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\Lenovo\Lenovo Transition\Lenovo Transition.exe
C:\ProgramData\YogaSmartSwicth\yogaserver.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Jonah\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\LastPass\nplastpass.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jonah\Downloads\SysInfo.exe
C:\Users\Jonah\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://email.nyu.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6486D439A8752B7E0685A4EF622E15EE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = C:\Users\Jonah\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O4 - Global Startup: Motion Control.lnk = C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Users\Jonah\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Jonah\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - C:\Users\Jonah\AppData\Local\Temp\f5tmp\urxvpn.cab
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} (F5 Networks Dynamic Application Tunnel Control) - C:\Users\Jonah\AppData\Local\Temp\f5tmp\f5tunsrv.cab
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - C:\Users\Jonah\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - C:\Users\Jonah\AppData\Local\Temp\f5tmp\urxshost.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - C:\Users\Jonah\AppData\Local\Temp\f5tmp\urxhost.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.uphs.upenn.edu/dana...etupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\WINDOWS\Jaksta\AC\x86\jaudcap.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dragon Assistant Core (DACoreService) - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
O23 - Service: @oem43.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem43.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem43.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\YogaSmartSwicth\Server\x64\ymc.exe

--
End of file - 14687 bytes

Very Bad system performance.

My system runs very badly after a reboot or restart; it takes forever to start even Google Chrome or Firefox.
I tried to clean the cache and cookies; nothing helps.
I can't see if there is some kind of program that takes all the processor usage, or which program.
I run virus and malware protection and they found no issues.
Please help?

I run this system
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2045 Mb
Graphics Card: NVIDIA GeForce GT 620, 1024 Mb
Hard Drives: C: Total - 1907726 MB, Free - 1376563 MB;
Motherboard: Dell Inc., 0T656F
Antivirus: Windows Defender, Disabled

OK, nice, I see that my Windows Defender is disabled, while when I look at the program it states PC protected.

Help, what now?

Solved: How do I rid my laptop of this MalWare "Trogans-ZL-000"?

Hi, how did you remove the Trogans-ZL-000?
You may need help from our Malware Experts to make sure that your pc is clean and safe to use.

Getting the following message "Google chrome has stopped working"

http://myonlinesecurity.co.uk/how-to...hten-security/ is information on how to help prevent future attacks. There is nothing to scan there.
Norton is as good as any other antivirus, if you have the latest version.
You said previously that you have a 3 computer licence, so reinstall it. Go to Norton.com & download the latest version that you are eligible to use & use your existing licence key.

If Norton is due to expire very soon, then you have nothing to lose by trying an alternative antivirus. There are various free ones and MSE is about as good as any other free one. For paid, I always use ESET, but others have different views. If you look in the general security forum, you will see hundreds of topics asking what is best and thousands of different answers. Basically the best one is what works for you at a price that you can afford.

vprgpt

All seems fine now.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Roy at 2015-01-20 15:35:59 Run:1
Running from C:\Users\Roy\Desktop
Loaded Profiles: Roy (Available profiles: Roy)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
C:\Users\Roy\AppData\Local\Temp\Quarantine.exe
C:\Users\Roy\AppData\Local\Temp\sqlite3.dll
Emptytemp:
end



*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"C:\Users\Roy\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Roy\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
EmptyTemp: => Removed 313.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:36:20 ====

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 20/01/2015 08:55:11, SYSTEM, OUR-COMPUTER, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 20/01/2015 08:55:11, SYSTEM, OUR-COMPUTER, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1,
Update, 20/01/2015 08:55:20, SYSTEM, OUR-COMPUTER, Manual, Malware Database, 2014.11.20.6, 2015.1.20.3,
Update, 20/01/2015 15:39:56, SYSTEM, OUR-COMPUTER, Manual, Malware Database, 2015.1.20.3, 2015.1.20.6,
Scan, 20/01/2015 15:51:29, SYSTEM, OUR-COMPUTER, Manual, Start:20/01/2015 15:42:42, Duration:7 min 5 sec, Threat Scan, Completed, 0 Malware Detections, 4 Non-Malware Detections,

(end)

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)
Started On Tue Jan 20 08:48:23 2015

Engine: 1.1.11302.0
Signatures: 1.191.1276.0
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jan 20 08:48:42 2015


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)
Started On Tue Jan 20 16:08:48 2015

Engine: 1.1.11302.0
Signatures: 1.191.1276.0

Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Tue Jan 20 16:10:57 2015


Return code: 0 (0x0)

Thanks so much for your time and clear instructions, much appreciated. Any suggestions of how to stop this happening again?

PC Clean Maestro Malware

Thanks for your reply, Derek. We were unable to try AdwCleaner until this morning because of travel involved.
That being said, it did not remove Maestro and the pop-ups appear as soon as Windows opens. Nevertheless, the report is pasted below. Is there another safe program that we could try? Microsoft Security Essentials is running.

# AdwCleaner v4.108 - Report created 20/01/2015 at 10:48:10
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Grandma - Grandma-PC
# Running from : C:\Users\Grandma\Desktop\adwcleaner_4.108.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\MyPC Backup

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v25.0.1 (en-US)


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [33470 octets] - [05/01/2010 00:05:01]
AdwCleaner[R1].txt - [7210 octets] - [20/01/2015 10:12:29]
AdwCleaner[R2].txt - [1097 octets] - [20/01/2015 10:45:55]
AdwCleaner[S0].txt - [32736 octets] - [13/10/2014 10:38:58]
AdwCleaner[S1].txt - [10180 octets] - [20/01/2015 10:14:47]
AdwCleaner[S2].txt - [1021 octets] - [20/01/2015 10:48:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1081 octets] ##########

loading pages problem

Okay, lots to do, so let's start at the beginning :)


Firstly, go to Programs and Features via the Control Panel, and uninstall these:


Java 7 Update 67
Reimage Repair


(Java is in there as that is an old version, and you already have the latest one installed)

----

Next, can you use SFP to upload a file again, like you did a while ago. If you're unsure how etc, I'll post it here again :)


Download Suspicious File Packer from http://www.safer-networking.org/files/sfp.zip

Unzip it to desktop, open it & copy/paste in the contents of the quote box below:


Quote:


C:\Users\john\AppData\Local\Temp\launchie.vbs
C:\Windows\system32\drivers\chlbqgrz.sys
C:\Windows\system32\drivers\bknmcwal.sys

So, it looks like this:



Then this when copy/paste:




Press Continue & it will create an archive (zip/cab file) on desktop.

Please upload that to http://www.thespykiller.co.uk/index.php?board=1.0 so we can examine the files.

Just register, press New Topic, fill in the needed details and just give a link to your post here, then press the Browse button and navigate to & select the files on your computer. When the file is listed in the window, press Send to upload the file.

Let me know when it's uploaded :)


-------

After doing that, we're going to use FRST to run a fix:





Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

------------

After doing that, we'll work on the manual approach for certain things :)

eddie

Attached Files
File Type: txt fixlist.txt (4.5 KB)