1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Resolved Computer freezes when loading certain sites.

Discussion in 'Internet Explorer & Microsoft Edge' started by colinlam, 2016/03/13.

  1. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Recently the computer has started to freeze when loading certain sites and then after a couple of minutes there is a beep and everything is back to normal. I can then go on the site as many times as I like without problems.

    This is also happening if I use Firefox.

    I have updated Firefox, Adobe Flash, Java and Adobe Shockwave. I have in turn reverted to the previous version of each and it still happens. This started after the Microsoft Updates were download for March but the Restore point to before these were installed is long gone.

    The web page that freezes everything had lots of adverts so thinking that may be the cause I changed my bookmark to the log on page which has no averts and it still locked.

    When using my laptop there is no problem with the site so it's something to do with the set up of this desktop.
     
  2. 2016/03/13
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,899
    Likes Received:
    510
    Hi colinlam. Please follow steps 16-26 in my guide for optimizing Windows 7 and post the requested logs in your next reply.
     

  3. to hide this advert.

  4. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Log as reqested:

    MiniToolBox by Farbar Version: 07-02-2016 01
    Ran by Colin (administrator) on 13-03-2016 at 20:59:17
    Running from "C:\Users\Colin\Desktop "
    Microsoft Windows 7 Professional Service Pack 1 (X86)
    Model: System Product Name Manufacturer: System manufacturer
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    ProxyServer: localhost:8080

    "Reset IE Proxy Settings ": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings ": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 29092 entries.

    ========================= IP Configuration: ================================

    Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller = Local Area Connection (Connected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Empire
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : Home
    System Quarantine State . . . . . : Not Restricted


    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
    Physical Address. . . . . . . . . : 00-24-8C-BA-CF-C7
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2a02:c7d:14a8:bf00:d035:df89:c33a:60a6(Preferred)
    IPv6 Address. . . . . . . . . . . : fd04:e40e:95b7:0:d035:df89:c33a:60a6(Preferred)
    Temporary IPv6 Address. . . . . . : 2a02:c7d:14a8:bf00:c8cf:9fb4:d819:cc0b(Preferred)
    Temporary IPv6 Address. . . . . . : fd04:e40e:95b7:0:c8cf:9fb4:d819:cc0b(Preferred)
    Link-local IPv6 Address . . . . . : fe80::d035:df89:c33a:60a6%19(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : 13 March 2016 19:02:16
    Lease Expires . . . . . . . . . . : 14 March 2016 19:02:16
    Default Gateway . . . . . . . . . : fe80::c23e:fff:fe4f:c738%19
    192.168.0.1
    DHCP Server . . . . . . . . . . . : 192.168.0.1
    DHCPv6 IAID . . . . . . . . . . . : 369108108
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-21-37-EB-00-24-8C-BA-CF-C7
    DNS Servers . . . . . . . . . . . : fd04:e40e:95b7:0:c23e:fff:fe4f:c738
    192.168.0.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.Home:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : Home
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: fd04:e40e:95b7:0:c23e:fff:fe4f:c738

    Name: google.com
    Addresses: 2a00:1450:4009:80f::200e
    216.58.214.14


    Pinging google.com [2a00:1450:4009:80f::200e] with 32 bytes of data:
    Reply from 2a00:1450:4009:80f::200e: time=10ms
    Reply from 2a00:1450:4009:80f::200e: time=9ms

    Ping statistics for 2a00:1450:4009:80f::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 10ms, Average = 9ms
    Server: UnKnown
    Address: fd04:e40e:95b7:0:c23e:fff:fe4f:c738

    Name: yahoo.com
    Addresses: 2001:4998:58:c02::a9
    2001:4998:c:a06::2:4008
    2001:4998:44:204::a7
    98.138.253.109
    98.139.183.24
    206.190.36.45


    Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
    Reply from 2001:4998:58:c02::a9: time=91ms
    Reply from 2001:4998:58:c02::a9: time=91ms

    Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 91ms, Maximum = 91ms, Average = 91ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    19...00 24 8c ba cf c7 ......Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
    1...........................Software Loopback Interface 1
    15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 20
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.0.0 255.255.255.0 On-link 192.168.0.4 276
    192.168.0.4 255.255.255.255 On-link 192.168.0.4 276
    192.168.0.255 255.255.255.255 On-link 192.168.0.4 276
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.0.4 276
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.0.4 276
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    19 276 ::/0 fe80::c23e:fff:fe4f:c738
    1 306 ::1/128 On-link
    19 28 2a02:c7d:14a8:bf00::/64 On-link
    19 276 2a02:c7d:14a8:bf00:c8cf:9fb4:d819:cc0b/128
    On-link
    19 276 2a02:c7d:14a8:bf00:d035:df89:c33a:60a6/128
    On-link
    19 28 fd04:e40e:95b7::/64 On-link
    19 276 fd04:e40e:95b7:0:c8cf:9fb4:d819:cc0b/128
    On-link
    19 276 fd04:e40e:95b7:0:d035:df89:c33a:60a6/128
    On-link
    19 276 fe80::/64 On-link
    19 276 fe80::d035:df89:c33a:60a6/128
    On-link
    1 306 ff00::/8 On-link
    19 276 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 09 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
    Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (03/13/2016 11:46:30 AM) (Source: MsiInstaller) (User: Empire)
    Description: Product: Adobe Shockwave Player 12.1 -- Error 1905.Module C:\Windows\system32\Adobe\Director\SwDir.dll failed to unregister. HRESULT -2147220472. Contact your support personnel.

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "1 ".
    Dependent Assembly Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "1 ".
    Dependent Assembly Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "1 ".
    Dependent Assembly Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (03/11/2016 08:35:58 AM) (Source: IDUU) (User: )
    Description: <?xml version= "1.0" encoding= "utf-16 "?>
    <InstallationDevice>
    <IDUUVersion>2.4.0.7</IDUUVersion>
    <Region>en</Region>
    <InstallerName />
    <InstallResult>Exception Thrown!: The specified executable is not a valid application for this OS platform.</InstallResult>
    <FileName>WixLicenseNote.txt</FileName>
    <OS>Windows® 7, 32-bit*</OS>
    <Bitness>32-bit</Bitness>
    <Type>Chipset</Type>
    <DriverClassGUID>4d36e97d-e325-11ce-bfc1-08002be10318</DriverClassGUID>
    <HardwareSignature>VEN_8086&amp;DEV_29C1</HardwareSignature>
    <CurrentDriverDate>21/06/2006</CurrentDriverDate>
    <DriverDescription>Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1</DriverDescription>
    <DriverManufacturer>Microsoft</DriverManufacturer>
    <DriverID>24165</DriverID>
    <AvailablePackageVersion>10.0.27</AvailablePackageVersion>
    <AvailablePackageDate>2015-05-07T00:00:00</AvailablePackageDate>
    <AvailablePackageName>WixLicenseNote.txt</AvailablePackageName>
    <InfFilePath>C:\Windows\INF\machine.inf</InfFilePath>
    <DownloadedURL>https://downloadmirror.intel.com/24165/eng/WixLicenseNote.txt</DownloadedURL>
    <VersionBeforeInstallation>6.1.7601.17514</VersionBeforeInstallation>
    <VersionAfterInstallation />
    <InstallSuccessful>False</InstallSuccessful>
    <Timestamp>2016-03-11T08:35:58.1662181Z</Timestamp>
    </InstallationDevice>

    Error: (03/11/2016 08:30:48 AM) (Source: IDUU) (User: )
    Description: <?xml version= "1.0" encoding= "utf-16 "?>
    <InstallationDevice>
    <IDUUVersion>2.4.0.7</IDUUVersion>
    <Region>en</Region>
    <InstallerName />
    <InstallResult>Exception Thrown!: The specified executable is not a valid application for this OS platform.</InstallResult>
    <FileName>WixLicenseNote.txt</FileName>
    <OS>Windows® 7, 32-bit*</OS>
    <Bitness>32-bit</Bitness>
    <Type>Chipset</Type>
    <DriverClassGUID>4d36e97d-e325-11ce-bfc1-08002be10318</DriverClassGUID>
    <HardwareSignature>VEN_8086&amp;DEV_29C1</HardwareSignature>
    <CurrentDriverDate>21/06/2006</CurrentDriverDate>
    <DriverDescription>Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1</DriverDescription>
    <DriverManufacturer>Microsoft</DriverManufacturer>
    <DriverID>24165</DriverID>
    <AvailablePackageVersion>10.0.27</AvailablePackageVersion>
    <AvailablePackageDate>2015-05-07T00:00:00</AvailablePackageDate>
    <AvailablePackageName>WixLicenseNote.txt</AvailablePackageName>
    <InfFilePath>C:\Windows\INF\machine.inf</InfFilePath>
    <DownloadedURL>https://downloadmirror.intel.com/24165/eng/WixLicenseNote.txt</DownloadedURL>
    <VersionBeforeInstallation>6.1.7601.17514</VersionBeforeInstallation>
    <VersionAfterInstallation />
    <InstallSuccessful>False</InstallSuccessful>
    <Timestamp>2016-03-11T08:30:48.2444916Z</Timestamp>
    </InstallationDevice>

    Error: (03/11/2016 08:29:24 AM) (Source: Microsoft-Windows-RestartManager) (User: Empire)
    Description: Application or service 'Intel Driver Update Utility' could not be shut down.

    Error: (03/09/2016 11:03:38 PM) (Source: MsiInstaller) (User: Empire)
    Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\Colin\AppData\Local\Temp\MSIc7edf.LOG.

    Error: (03/09/2016 10:01:54 AM) (Source: MsiInstaller) (User: Empire)
    Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' could not be installed. Error code 1625. Additional information is available in the log file C:\Users\Colin\AppData\Local\Temp\MSIcb3f3.LOG.

    Error: (03/04/2016 12:33:49 PM) (Source: Outlook) (User: )
    Description: Failed to get the Crawl Scope Manager with error=0x80070015.


    System errors:
    =============
    Error: (03/13/2016 07:02:23 PM) (Source: Service Control Manager) (User: )
    Description: The BlueSoleilCS service failed to start due to the following error:
    %%2

    Error: (03/13/2016 07:02:22 PM) (Source: NETLOGON) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (03/13/2016 01:35:27 PM) (Source: Service Control Manager) (User: )
    Description: The SmartLinkService service has reported an invalid current state 0.

    Error: (03/13/2016 12:04:55 PM) (Source: Service Control Manager) (User: )
    Description: The BlueSoleilCS service failed to start due to the following error:
    %%2

    Error: (03/13/2016 12:04:55 PM) (Source: NETLOGON) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (03/13/2016 11:48:31 AM) (Source: Service Control Manager) (User: )
    Description: The BlueSoleilCS service failed to start due to the following error:
    %%2

    Error: (03/13/2016 11:48:30 AM) (Source: NETLOGON) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (03/13/2016 11:34:40 AM) (Source: Service Control Manager) (User: )
    Description: The BlueSoleilCS service failed to start due to the following error:
    %%2

    Error: (03/13/2016 11:34:39 AM) (Source: NETLOGON) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (03/13/2016 11:30:49 AM) (Source: volsnap) (User: )
    Description: The shadow copies of volume W: were aborted during detection because a critical control file could not be opened.


    Microsoft Office Sessions:
    =========================
    Error: (03/13/2016 11:46:30 AM) (Source: MsiInstaller)(User: Empire)
    Description: Product: Adobe Shockwave Player 12.1 -- Error 1905.Module C:\Windows\system32\Adobe\Director\SwDir.dll failed to unregister. HRESULT -2147220472. Contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "D:\Colin's Documents\Setup Programs\My Setup Programs\Realtek R233\Vista64\RAVCpl64.exe

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "D:\Colin's Documents\Setup Programs\My Setup Programs\Realtek R233\Vista64\RAVBg64.exe

    Error: (03/13/2016 10:32:23 AM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language= "* ",processorArchitecture= "amd64 ",publicKeyToken= "6595b64144ccf1df ",type= "win32 ",version= "6.0.0.0 "D:\Colin's Documents\Setup Programs\My Setup Programs\Realtek R233\Vista64\vncutil64.exe

    Error: (03/11/2016 08:35:58 AM) (Source: IDUU)(User: )
    Description: <?xml version= "1.0" encoding= "utf-16 "?>
    <InstallationDevice>
    <IDUUVersion>2.4.0.7</IDUUVersion>
    <Region>en</Region>
    <InstallerName />
    <InstallResult>Exception Thrown!: The specified executable is not a valid application for this OS platform.</InstallResult>
    <FileName>WixLicenseNote.txt</FileName>
    <OS>Windows® 7, 32-bit*</OS>
    <Bitness>32-bit</Bitness>
    <Type>Chipset</Type>
    <DriverClassGUID>4d36e97d-e325-11ce-bfc1-08002be10318</DriverClassGUID>
    <HardwareSignature>VEN_8086&amp;DEV_29C1</HardwareSignature>
    <CurrentDriverDate>21/06/2006</CurrentDriverDate>
    <DriverDescription>Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1</DriverDescription>
    <DriverManufacturer>Microsoft</DriverManufacturer>
    <DriverID>24165</DriverID>
    <AvailablePackageVersion>10.0.27</AvailablePackageVersion>
    <AvailablePackageDate>2015-05-07T00:00:00</AvailablePackageDate>
    <AvailablePackageName>WixLicenseNote.txt</AvailablePackageName>
    <InfFilePath>C:\Windows\INF\machine.inf</InfFilePath>
    <DownloadedURL>https://downloadmirror.intel.com/24165/eng/WixLicenseNote.txt</DownloadedURL>
    <VersionBeforeInstallation>6.1.7601.17514</VersionBeforeInstallation>
    <VersionAfterInstallation />
    <InstallSuccessful>False</InstallSuccessful>
    <Timestamp>2016-03-11T08:35:58.1662181Z</Timestamp>
    </InstallationDevice>

    Error: (03/11/2016 08:30:48 AM) (Source: IDUU)(User: )
    Description: <?xml version= "1.0" encoding= "utf-16 "?>
    <InstallationDevice>
    <IDUUVersion>2.4.0.7</IDUUVersion>
    <Region>en</Region>
    <InstallerName />
    <InstallResult>Exception Thrown!: The specified executable is not a valid application for this OS platform.</InstallResult>
    <FileName>WixLicenseNote.txt</FileName>
    <OS>Windows® 7, 32-bit*</OS>
    <Bitness>32-bit</Bitness>
    <Type>Chipset</Type>
    <DriverClassGUID>4d36e97d-e325-11ce-bfc1-08002be10318</DriverClassGUID>
    <HardwareSignature>VEN_8086&amp;DEV_29C1</HardwareSignature>
    <CurrentDriverDate>21/06/2006</CurrentDriverDate>
    <DriverDescription>Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1</DriverDescription>
    <DriverManufacturer>Microsoft</DriverManufacturer>
    <DriverID>24165</DriverID>
    <AvailablePackageVersion>10.0.27</AvailablePackageVersion>
    <AvailablePackageDate>2015-05-07T00:00:00</AvailablePackageDate>
    <AvailablePackageName>WixLicenseNote.txt</AvailablePackageName>
    <InfFilePath>C:\Windows\INF\machine.inf</InfFilePath>
    <DownloadedURL>https://downloadmirror.intel.com/24165/eng/WixLicenseNote.txt</DownloadedURL>
    <VersionBeforeInstallation>6.1.7601.17514</VersionBeforeInstallation>
    <VersionAfterInstallation />
    <InstallSuccessful>False</InstallSuccessful>
    <Timestamp>2016-03-11T08:30:48.2444916Z</Timestamp>
    </InstallationDevice>

    Error: (03/11/2016 08:29:24 AM) (Source: Microsoft-Windows-RestartManager)(User: Empire)
    Description: 1C:\Program Files\Intel Driver Update Utility\DriverUpdateUI.exeIntel Driver Update Utility0111721680

    Error: (03/09/2016 11:03:38 PM) (Source: MsiInstaller)(User: Empire)
    Description: Adobe Acrobat Reader DC{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}1625C:\Users\Colin\AppData\Local\Temp\MSIc7edf.LOG(NULL)(NULL)

    Error: (03/09/2016 10:01:54 AM) (Source: MsiInstaller)(User: Empire)
    Description: Adobe Acrobat Reader DC{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}1625C:\Users\Colin\AppData\Local\Temp\MSIcb3f3.LOG(NULL)(NULL)

    Error: (03/04/2016 12:33:49 PM) (Source: Outlook)(User: )
    Description: 0x80070015


    =========================== Installed Programs ============================

    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\{34927EBC-98D4-4D53-98BE-510DF5999F50}) (Version: 17.0.0.172 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
    Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
    Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824166751}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
    Allway Sync version 15.3.1 (HKLM\...\Allway Sync_is1) (Version: - Botkind Inc)
    Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
    Apple Application Support (32-bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
    Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Applian FLV and Media Player 3.1.1.12 (HKLM\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
    Arcade Classic Pack 5.10 (HKLM\...\Arcade Classic Pack_is1) (Version: - Arcade Classic Pack)
    Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver (HKLM\...\{6E19F210-3813-4002-B561-94D66AA182B6}) (Version: 2.4.7.29 - Atheros Communications Inc.)
    Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
    AutoStreamer (HKLM\...\{D9CDB463-BB48-4B80-B1B6-5B940A4621E0}) (Version: 1.0.33 - Antonis Kaladis)
    Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
    BBC iPlayer Downloads (HKLM\...\{C3794B09-6C43-4B93-9CA8-F10BECCF2971}) (Version: 1.11.1 - BBC)
    Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
    BurnAware Free 8.9 (HKLM\...\BurnAware Free_is1) (Version: - Burnaware)
    CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
    CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
    Creative ALchemy (HKLM\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
    Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
    Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
    Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.02 - Creative Technology Limited)
    D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform)
    Dropbox (HKCU\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
    DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
    DVD Ripper 4 (HKLM\...\DVD Ripper 4) (Version: 4.0.53.0721 - ImTOO)
    Fantasy Artwork (HKLM\...\Fantasy Artwork) (Version: - )
    Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
    FFmpeg for Audacity on Windows (HKLM\...\FFmpeg for Audacity on Windows_is1) (Version: - )
    FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)
    Foxit PhantomPDF Standard (HKLM\...\{C82148DF-556D-472D-B3F5-5EF85512CDB6}) (Version: 7.2.0.722 - Foxit Software Inc.)
    Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
    GetDiz (HKLM\...\GetDiz) (Version: 4.8 - Outertech)
    Google Advertising Cookie Opt-out (HKLM\...\{291820D0-A626-40F9-BDFF-8D5CEAB04243}) (Version: 1.0.1.0 - Google Inc)
    Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
    Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
    HP PrecisionScan LTX (HKLM\...\HP PrecisionScan LTX) (Version: - )
    HP Scan-to-Web Wizard (HKLM\...\Scan-To-Web) (Version: - )
    hppLaserJetService (HKLM\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
    hppP1100P1560P1600SeriesLaserJetService (HKLM\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
    hppusgP1100P1560P1600Series (HKLM\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
    HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
    ieSpell (HKLM\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software)
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
    Intel® Driver Update Utility (HKLM\...\{561b5fb5-1d4d-40e8-b3e4-ad52858b217c}) (Version: 2.4.0.7 - Intel)
    Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 3.2.0.0 - Microsoft Corporation)
    ISO Recorder (HKLM\...\{39600969-41C3-4658-876E-16F108FC5C92}) (Version: 3.0.0 - Alex Feinman)
    iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
    Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.73.2 - Oracle Corporation) Hidden
    Junk Mail filter update (HKLM\...\{24758B1D-9345-4538-A69A-05660F63A296}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.8.2.0 - QFX Software Corporation)
    Lyrics Plugin for Windows Media Player (HKLM\...\{43002AE2-4093-49E0-A03D-990EE184C568}) (Version: 0.4 - Lyrics Plugin)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    MartView (HKLM\...\{1857AAB1-77E0-40FF-91C5-9E415F248F36}) (Version: 2.52 - MartView) Hidden
    MartView (HKLM\...\MartView) (Version: 2.52 - MartView)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (HKLM\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 ENU (HKLM\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
    Movie Maker (HKLM\...\{8C22A294-DBBA-445F-B55C-E26817CCFE69}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Movie Maker (HKLM\...\{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
    Mozilla Firefox 45.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 45.0 (x86 en-GB)) (Version: 45.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
    MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
    neroxml (HKLM\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
    NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version: - )
    Nitro PDF Professional (HKLM\...\{9B7B20F4-6504-47FB-A061-308840E175D8}) (Version: 5.5.2.5 - Nitro PDF Software)
    nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
    Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
    Nokia Maps Updater 1.0.12 (HKLM\...\Nokia Maps Updater_is1) (Version: 1.0.12 - )
    Nokia PC Suite (HKLM\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
    Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
    Nokia Software Updater (HKLM\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
    Nokia Suite (HKLM\...\{3B69A712-4CBC-40B1-AE55-0203075FD093}) (Version: 3.5.34.0 - Nokia) Hidden
    Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.5.34.0 - Nokia)
    Notepad++ (HKLM\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
    OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    Outer Space Magic (HKLM\...\Outer Space Magic) (Version: - )
    PC Connectivity Solution (HKLM\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia)
    Photo Common (HKLM\...\{C201BDF9-1C27-46F8-A248-F4469C9FC27C}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Photo Gallery (HKLM\...\{16E46BCF-3D36-4353-9BCB-344F7812CEDE}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Photo Gallery (HKLM\...\{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    PhotoFiltre (HKCU\...\PhotoFiltre) (Version: - )
    PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version: - )
    PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PoiEdit (HKLM\...\PoiEdit) (Version: - )
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
    RoboForm 7-9-17-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-17-5 - Siber Systems)
    RT 7 Lite (32-Bit) (HKCU\...\RT 7 Lite x86) (Version: 2.6.0 - Rockers Team)
    RT 7 Lite x86 (HKLM\...\{F2558AA8-506F-4C58-AB64-C05C6F675756}) (Version: 2.6.0 - Rockers Team) Hidden
    Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
    Samsung Story Album Viewer (HKLM\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
    Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
    SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.0 - Seagate Technology)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    ShellExView (HKLM\...\ShellExView) (Version: 1.37 - NirSoft)
    Show Desktop (HKLM\...\{A7EC7775-06C1-4394-830D-240367AF93BF}_is1) (Version: 1.1 - Green Point Software LTD)
    Sim AQUARIUM 2 (HKLM\...\Sim AQUARIUM 2_is1) (Version: 2.32 - Digital Illusions Software)
    SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
    SpywareBlaster 5.4 (HKLM\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com)
    swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
    TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
    TomTom HOME (HKLM\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - TomTom)
    TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
    Total Recorder 7.0 (HKLM\...\TotalRecorder) (Version: - )
    TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
    Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
    WindowManager (HKLM\...\WindowManager) (Version: 1.6.0 - DeskSoft)
    Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
    Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
    Windows Driver Package - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
    Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
    WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
    WinX DVD Ripper 5.6.1 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
    WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
    Your Uninstaller! 2010 (HKLM\...\YU2010_is1) (Version: 7.0 - URSoft, Inc.)
    Yrefresher 1.00 (HKLM\...\YRefresher_is1) (Version: - Yoconsoft)

    ========================= Devices: ================================

    Name: MpKslf6e10e74
    Description: MpKslf6e10e74
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: MpKslf6e10e74
    Device ID: ROOT\LEGACY_MPKSLF6E10E74\0000
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ========================= Memory info: ===================================

    Percentage of memory in use: 56%
    Total physical RAM: 2038.24 MB
    Available physical RAM: 889.95 MB
    Total Virtual: 5095.24 MB
    Available Virtual: 3474.95 MB

    ========================= Partitions: =====================================

    1 Drive c: (Windows 7 Professional) (Fixed) (Total:99.61 GB) (Free:38.48 GB) NTFS
    2 Drive d: (Data) (Fixed) (Total:144.53 GB) (Free:59.6 GB) NTFS
    3 Drive e: (Other Data) (Fixed) (Total:221.62 GB) (Free:94.02 GB) NTFS
    4 Drive f: (Data Backup) (Fixed) (Total:152.67 GB) (Free:48.99 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\EMPIRE

    Colin Guest Julie
    Main User


    **** End of log ****
     
  5. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Second log:

    # AdwCleaner v5.102 - Logfile created 13/03/2016 at 21:14:15
    # Updated 13/03/2016 by Xplode
    # Database : 2016-03-13.2 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (x86)
    # Username : Colin - EMPIRE
    # Running from : D:\Colin's Documents\My Downloads\AdwCleaner.exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\Program Files\myfree codec
    [-] Folder Deleted : C:\ProgramData\Innovative Solutions
    [-] Folder Deleted : C:\ProgramData\speedypc software
    [-] Folder Deleted : C:\ProgramData\63b62cee8a71ac3a
    [-] Folder Deleted : C:\ProgramData\{cf81618b-66db-7d28-cf81-1618b66d862d}
    [-] Folder Deleted : C:\Users\Colin\AppData\Local\Innovative Solutions
    [-] Folder Deleted : C:\Users\Colin\AppData\Local\YSearchUtil
    [-] Folder Deleted : C:\Users\Colin\AppData\Roaming\download Manager
    [-] Folder Deleted : C:\Users\Colin\AppData\Roaming\DriverCure
    [-] Folder Deleted : C:\Users\Colin\AppData\Roaming\speedypc software
    [-] Folder Deleted : C:\Windows\system32\C2MP
    [-] Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\YSearchUtil

    ***** [ Files ] *****

    [-] File Deleted : C:\ProgramData\hpe42E3.dll
    [-] File Deleted : C:\Windows\Reimage.ini

    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : IHUninstallTrackingTASK
    [-] Task Deleted : LaunchApp

    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
    [-] Key Deleted : HKCU\Software\distromatic
    [-] Key Deleted : HKCU\Software\Myfree Codec
    [-] Key Deleted : HKCU\Software\Reimage
    [-] Key Deleted : HKCU\Software\speedypc software
    [-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
    [-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
    [-] Key Deleted : HKLM\SOFTWARE\SK.Enhancer
    [-] Key Deleted : HKLM\SOFTWARE\speedypc software
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV and Media Player
    [-] Key Deleted : HKU\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\AGI
    [-] Key Deleted : HKU\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\Myfree Codec
    [-] Key Deleted : HKU\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\Yahoo\Companion
    [-] Key Deleted : HKU\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\Yahoo\YFriendsBar
    [-] Key Deleted : HKU\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\AppDataLow\Software\Yahoo\Companion

    ***** [ Web browsers ] *****

    [-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114\prefs.js] [Preference] Deleted : user_pref( "browser.search.selectedEngine ", "Conduit Search ");
    [-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114\prefs.js] [Preference] Deleted : user_pref( "extensions.customizegoogle.web.search-links ", true);
    [-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114\prefs.js] [Preference] Deleted : user_pref( "extensions.optimizegoogle.web.search-links ", true);
    [-] [C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114\prefs.js] [Preference] Deleted : user_pref( "extensions.optimizegoogle.web.searchwiki ", false);

    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [5484 bytes] - [13/03/2016 21:14:15]
    C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [5898 bytes] - [13/03/2016 21:09:04]

    ########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [5658 bytes] ##########
     
  6. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Third log:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.3 (02.09.2016)
    Operating System: Windows 7 Professional x86
    Ran by Colin (Administrator) on 13/03/2016 at 21:22:50.42
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 20

    Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File)
    Successfully deleted: C:\ProgramData\productdata (Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\{86144C42-BCE0-4797-BD75-C0343441CEB5} (Empty Folder)
    Successfully deleted: C:\Windows\wininit.ini (File)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WQ1AMA7 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87FL3X4V (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FXPIEAMT (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1FC3NDI (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3PNIY7K (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWDKEA31 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UG7XSQRM (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJD61G71 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WQ1AMA7 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87FL3X4V (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FXPIEAMT (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1FC3NDI (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3PNIY7K (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWDKEA31 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UG7XSQRM (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJD61G71 (Temporary Internet Files Folder)



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 13/03/2016 at 21:24:52.91
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  7. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Adware Removal Tool:

    SopCast ->> Folder ->> C:\Users\Colin\Appdata\Local\VirtualStore\Program Files
    mysearchdialcdn.com ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    sweetpacks.com ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    sweetpacks.com ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    sweetpacks.com ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    sweetpacks.com ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
    mysearchdialcdn.com ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    sweetpacks.com ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\
    imesh ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\
    imesh ->> Registry Key ->> HKEY_USERS\\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\
     
  8. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    ZHPCleaner :

    ~ ZHPCleaner v2016.3.13.40 by Nicolas Coolman (2016/03/13)
    ~ Run by Colin (Administrator) (13/03/2016 22:11:45)
    ~ Site : http://www.nicolascoolman.com
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version : Version OK
    ~ Type : Repair
    ~ Report : C:\Users\Colin\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\Colin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)


    ---\\ Services (0)
    ~ No malicious or unnecessary items found.


    ---\\ Browser internet (0)
    ~ No malicious or unnecessary items found.


    ---\\ Hosts file (1)
    ~ The hosts file is legitimate (29149)


    ---\\ Scheduled automatic tasks. (0)
    ~ No malicious or unnecessary items found.


    ---\\ Explorer ( File, Folder) (7)
    MOVED file: C:\ProgramData\InstallMate\{E92B021E-4D56-4478-A693-057432C820E8}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
    MOVED file: C:\ProgramData\InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>.Superfluous.Tarma
    MOVED file^: C:\ProgramData\InstallMate\{84481A87-2316-4923-8FAB-3BA8CA29323D}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
    MOVED file^: C:\ProgramData\InstallMate\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>.Superfluous.Tarma
    MOVED file^: C:\ProgramData\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE}\Setup.exe [Tarma Software Research Pty Ltd - Tarma® InstallMate Setup] =>.Superfluous.Tarma
    MOVED file^: C:\ProgramData\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE}\TsuDll.dll [Tarma Software Research Pty Ltd - Tarma® InstallMate Setup Library] =>.Superfluous.Tarma
    MOVED folder: C:\ProgramData\InstallMate =>.Superfluous.Tarma


    ---\\ Registry ( Key, Value, Data) (9)
    DELETED data: HKLM\SOFTWARE\Classes\JSFile\Shell\Open\Command\\Default [Bad : [js] C:\Windows\System32\CScript.exe "%1" %*] =>Broken.OpenCommand
    DELETED key*: HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1001\SOFTWARE\RegisteredApplicationsEx [] =>PUP.Optional.SfKpCouponApp
    DELETED key: HKCU\Software\RegisteredApplicationsEx [] =>PUP.Optional.SfKpCouponApp
    DELETED key*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec
    DELETED key*: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [ReiEngine Class] =>PUP.Optional.GetLiveSupport
    DELETED key*: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [ReiEngine Class] =>PUP.Optional.GetLiveSupport
    DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{0C857665-B49C-D735-8CC2-096142C70B7D} [surf anndi keep] =>PUP.Optional.SurfAndKeep
    DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49} [SavePass] =>PUP.Optional.CrossRider
    DELETED key: HKLM\SOFTWARE\Classes\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}\InprocServer32 [C:\Program Files\Siber Systems\AI RoboForm\roboform.dll] =>PUP.Optional.CrossRider


    ---\\ Summary of the elements found (7)
    http://www.nicolascoolman.fr/?p=259 =>.Superfluous.Tarma
    http://www.nicolascoolman.fr/?p=4664 =>Broken.OpenCommand
    http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SfKpCouponApp
    http://www.nicolascoolman.fr/?p=4664 =>Trojan.Camec
    http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.GetLiveSupport
    http://www.nicolascoolman.fr/?p=1113 =>PUP.Optional.SurfAndKeep
    http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider


    ---\\ Other deletions. (3)
    ~ Registry Keys Tracing deleted (3)
    ~ Remove the old reports ZHPCleaner. (0)


    ---\\ Result of repair
    ~ Repair carried out successfully
    ~ Browser not found (Google Chrome)
    ~ Browser not found (Opera Software)
    ~ The system has been restarted.


    ---\\ Statistics
    ~ Items scanned : 62536
    ~ Items found : 0
    ~ Items cancelled : 0
    ~ Items repaired : 16


    ~ End of clean in 00h03mn51s
    ===================
    ZHPCleaner-[R]-13032016-22_15_36.txt
    ZHPCleaner--13032016-22_07_57.txt
     
  9. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Hitman Pro would not run as a Trail so although I ran it would not clean or create a log.
     
  10. 2016/03/13
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,899
    Likes Received:
    510
    For Hitman Pro, you need to activate the free license and then it will allow you to clean any items that it finds. Did you look at my screenshots when running Hitman Pro?
     
  11. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    As soon as it's opened there is a banner across the bottom stating "Trial license expired, Removal of viruses and other malicious software is disabled BUY NOW" When you click next like you show I didn't get an EULA page but went to the next page and if you select No, I only want etc. it will not clean without payment.
     
  12. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Zoek - Part 1


    Zoek.exe v5.0.0.1 Updated 31-December-2015
    Tool run by Colin on 14/03/2016 at 1:01:25.03.
    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
    Running in: Normal Mode Internet Access Detected
    Launched: D:\Colin's Documents\My Downloads\zoek.exe [Scan all users] [Script inserted]

    ==== Older Logs ======================

    C:\zoek-results2016-03-13-230901.log 56538 bytes

    ==== System Restore Info ======================

    14/03/2016 01:04:11 Zoek.exe System Restore Point Created Successfully.

    ==== Empty Folders Check ======================

    C:\Program Files\HitmanPro deleted successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Installed Programs ======================

    Adobe Acrobat Reader DC
    Adobe AIR
    Adobe Flash Player 21 ActiveX
    Adobe Flash Player 21 NPAPI
    Adobe Refresh Manager
    Adobe Shockwave Player 12.2
    Allway Sync version 15.3.1
    Amazon Music
    Apple Application Support (32-bit)
    Apple Mobile Device Support
    Apple Software Update
    Arcade Classic Pack 5.10
    Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
    Audacity 2.1.0
    AutoStreamer
    Avanquest update
    BBC iPlayer Downloads
    Bonjour
    BurnAware Free 8.9
    CCleaner
    CDBurnerXP
    Creative ALchemy
    Creative Audio Control Panel
    Creative Software AutoUpdate
    Creative Sound Blaster Properties
    D3DX10
    DAEMON Tools Lite
    Definition Update for Microsoft Office 2010 (KB3114887) 32-Bit Edition
    Defraggler
    Dropbox
    DVD Decrypter (Remove Only)
    DVD Ripper 4
    Fantasy Artwork
    Feedback Tool
    FFmpeg for Audacity on Windows
    FLAC 1.2.1b (remove only)
    Foxit PhantomPDF Standard
    Foxit Reader
    GetDiz
    Google Advertising Cookie Opt-out
    Google Earth
    Google Update Helper
    HP LaserJet Professional P1100-P1560-P1600 Series
    HP PrecisionScan LTX
    HP Scan-to-Web Wizard
    hppLaserJetService
    hppP1100P1560P1600SeriesLaserJetService
    hppusgP1100P1560P1600Series
    HPSSupply
    ieSpell
    ImgBurn
    Intel(R) Driver Update Utility 2.4
    Intel(R) Graphics Media Accelerator Driver
    Intel© Driver Update Utility
    Internet TV for Windows Media Center
    ISO Recorder
    iTunes
    Java 8 Update 73
    Java Auto Updater
    Junk Mail filter update
    KeyScrambler
    Lyrics Plugin for Windows Media Player
    Malwarebytes Anti-Malware version 2.2.0.1024
    MarketResearch
    MartView
    Microsoft .NET Framework 4.6.1
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office FrontPage 2003
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Personal Folders Backup
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server Compact 3.5 ENU
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
    Microsoft_VC100_CRT_SP1_x86
    Movie Maker
    MozBackup 1.5.1
    Mozilla Firefox 45.0 (x86 en-GB)
    Mozilla Maintenance Service
    MSVC80_x86_v2
    MSVC90_x86
    MSVCRT
    MSVCRT110
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    MSXML 4.0 SP3 Parser (KB973685)
    neroxml
    NirSoft ShellExView
    Nitro PDF Professional
    nLite 1.4.9.1
    Nokia Connectivity Cable Driver
    Nokia Maps Updater 1.0.12
    Nokia PC Suite
    Nokia Software Updater
    Nokia Suite
    Notepad++
    OGA Notifier 2.0.0048.0
    Outer Space Magic
    PC Connectivity Solution
    Photo Common
    Photo Gallery
    PhotoFiltre
    PhotoFiltre 7
    PlayReady PC Runtime x86
    PoiEdit
    PrimoPDF -- brought to you by Nitro PDF Software
    QuickTime 7
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.92
    RoboForm 7-9-17-5 (All Users)
    RT 7 Lite (32-Bit)
    RT 7 Lite x86
    Samsung Kies
    Samsung Story Album Viewer
    SAMSUNG USB Driver for Mobile Phones
    Samsung USB Driver for Mobile Phones
    SeaTools for Windows
    Security Update for Microsoft .NET Framework 4.6.1 (KB3122661)
    Security Update for Microsoft .NET Framework 4.6.1 (KB3127233)
    Security Update for Microsoft .NET Framework 4.6.1 (KB3136000)
    Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
    Security Update for Microsoft Excel 2010 (KB3114759) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB3114396) 32-Bit Edition
    Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB3114878) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Show Desktop
    Sim AQUARIUM 2
    SpeedFan (remove only)
    SpywareBlaster 5.4
    SUPERAntiSpyware
    swMSM
    System Requirements Lab for Intel
    TomTom HOME
    TomTom HOME Visual Studio Merge Modules
    Total Recorder 7.0
    TrueCrypt
    Unlocker 1.9.2
    Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3085515) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
    Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player
    Winamp
    Winamp Detector Plug-in
    WindowManager
    Windows Driver Package - Nokia Modem (02/25/2011 4.7)
    Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
    Windows Driver Package - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0)
    Windows Installer Clean Up
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    WinPatrol
    WinRAR 4.00 (32-bit)
    WinX DVD Ripper 5.6.1
    WinZip 12.0
    Your Uninstaller 2010
    Yrefresher 1.00

    ==== Running Processes ======================

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Amazon\Amazon1ButtonApp\Amazon1ButtonService.Exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Allway Sync\Bin\SyncService.exe
    C:\Windows\system32\CISVC.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\WindowManager\WindowManager.exe
    C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\KeyScrambler\KeyScrambler.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Users\Colin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
    C:\Windows\system32\HPSIsvc.exe
    D:\Colin's Documents\My Downloads\zoek.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k utcsvc
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    ==== Deleting Services ======================
     
  13. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Part 2

    ==== Batch Command(s) Run By Tool======================

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ==== Deleting Files \ Folders ======================

    "C:\Windows\Installer\114ed6.msi" not found

    ==== System Specs ======================

    Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601)
    Memory (RAM): 2039 MB
    CPU Info: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
    CPU Speed: 2523.5 MHz
    Sound Card: Speakers (SB Audigy) |
    Playback through TotalRecorder |
    Modem #0 Line Playback |
    Digital Audio Interface (SB Aud |
    Speakers (Realtek High Definiti |
    Speakers (Total Recorder WDM au |
    Realtek Digital Output (Realtek |
    Display Adapters: Intel(R) G33/G31 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
    Monitors: 1x; Acer X233H |
    Screen Resolution: 1920 X 1080 - 32 bit
    Network: Network Present
    Network Adapters: Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
    CD / DVD Drives: 3x (X: | Y: | Z: | ) X: DTSOFT BDROM | Y: ENGDAT I3GHANO1E | Z: HL-DT-STDVD-RAM GH22NS30
    Ports: COM13 | COM1 LPT1
    Mouse: 8 Button Wheel Mouse Present
    Hard Disks: C: 99.6GB | D: 144.5GB | E: 221.6GB | F: 152.7GB
    Hard Disks - Free: C: 37.3GB | D: 59.6GB | E: 94.0GB | F: 48.9GB
    Manufacturer *: American Megatrends Inc.
    BIOS Info: AT/AT COMPATIBLE | 12/09/08 | _ASUS_ - 12000809
    Time Zone: GMT Standard Time
    Motherboard *: ASUSTeK Computer INC. V-P5G31
    Country: United Kingdom
    Language: ENG

    ==== System Specs (Software) ======================

    AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    Default Browser: Firefox 45.0
    Internet Explorer Version: 11.0.9600.18230
    Mozilla Firefox version: 45.0 (x86 en-GB)
    Adobe Reader version: 15.10.20056.167417
    Sun Java version: 1.8.0_73 (32-bit)
    Flash Player version: 21.0.0.182
    Shockwave Player version: 12.2.4r194

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====
    ====== C:\Users\Colin\AppData\Local\Temp ====
    2016-03-13 21:22:42 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\libiconv2.dll
    2016-03-13 21:22:42 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\libintl3.dll
    2016-03-13 21:22:42 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\pcre3.dll
    2016-03-13 21:22:42 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\regex2.dll
    2016-03-13 21:22:42 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\nfo\nircmdc.exe
    2016-03-13 21:22:41 BD59D8A4565D1D1AB3C7CF81948C8DBE 86840 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\CreateRestorePoint.exe
    2016-03-03 09:50:22 5F09D271B8F4A62FC087E0D5452D2EC8 681097 ----a-w- C:\Users\Colin\AppData\Local\Temp\sqlite3.dll
    ====== Java Cache =====
    2016-03-11 07:04:23 CA3F623E08DA85C7F0CE476E741B2FAC 485257 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\6f20baa4-205e6197
    2016-02-26 11:21:56 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-43fcfc97
    2016-02-26 11:21:56 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-6db2c59c
    2016-03-13 11:04:39 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-1adccc51
    2016-03-11 07:04:22 C611538EFED63F122E4A07F748AC01B3 793 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-5a90506a
    2016-03-11 07:04:23 491F4C45C9043C2F75DB506B2B89A585 99 ----a-w- C:\Users\Colin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-866ea8a9a5e54c718f59857e9fb20e99af8e0c6c1540667a6358a78f78af6bf9-6.0.lap
    ====== C:\Windows\system32 =====
    2016-03-13 21:30:03 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Windows\System32\subinacl.exe
    2016-03-13 11:38:35 5D9578879469E7C27E5B6EA2C7B5A195 142528 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl
    2016-03-13 11:38:35 18F80B68ABC58BB5A775629268FEC274 797376 ----a-w- C:\Windows\System32\FlashPlayerApp.exe
    2016-03-13 11:02:01 F3B1491B98161CABC1F0DBF1A2488FE3 95840 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
    2016-03-08 20:25:49 98F4BA49FDCC7B72C49264C898D95D29 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2016-03-08 20:25:48 DBB5C283EE7F5A7BD17CF920F9829939 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2016-03-08 20:25:48 AE72034FD5DC627560415014B5A9B5AD 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2016-03-08 20:25:48 88B168CC30FFB78275E7804E2167F180 684032 ----a-w- C:\Windows\System32\ie4uinit.exe
    2016-03-08 20:25:48 5CCF8CCADD86DEF3F503869E209CB771 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2016-03-08 20:25:47 FB7B95D4A7F5BA563516335CC23FC53C 130048 ----a-w- C:\Windows\System32\occache.dll
    2016-03-08 20:25:47 E90B8C7F9667650544ADC778CCD43568 30720 ----a-w- C:\Windows\System32\iernonce.dll
    2016-03-08 20:25:47 C99B6E09C23BF1FB1F1B1D02F1E3072F 341200 ----a-w- C:\Windows\System32\iedkcs32.dll
    2016-03-08 20:25:47 C04FE126FE7661A727E2EACA3773BF63 496640 ----a-w- C:\Windows\System32\vbscript.dll
    2016-03-08 20:25:47 77305AE3440CB9A28E76A88AE609C414 47104 ----a-w- C:\Windows\System32\jsproxy.dll
    2016-03-08 20:25:47 6D78ABE37BC816FBC67A62A7A1A5C582 1311744 ----a-w- C:\Windows\System32\urlmon.dll
    2016-03-08 20:25:47 2EC93A7E9DEE0D310729490FD39EB1ED 115712 ----a-w- C:\Windows\System32\ieUnatt.exe
    2016-03-08 20:25:46 D7CCF5333B2F75EF0F5ADC85960872B8 620032 ----a-w- C:\Windows\System32\jscript9diag.dll
    2016-03-08 20:25:46 9D41CAE6A55681E9F816BDC80451B916 416256 ----a-w- C:\Windows\System32\dxtmsft.dll
    2016-03-08 20:25:46 52733FEAAF339B76CF7DD82B676A959E 91136 ----a-w- C:\Windows\System32\inseng.dll
    2016-03-08 20:25:46 0D9E4C237A6B6B78BF237FCA65A1103C 710144 ----a-w- C:\Windows\System32\ieapfltr.dll
    2016-03-08 20:25:46 072926C6A8342EB10FF4DA3BBBE57DB5 687104 ----a-w- C:\Windows\System32\msfeeds.dll
    2016-03-08 20:25:46 02B17540AEDFFD935E1FCFF62941FD63 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2016-03-08 20:25:45 F513214BA350CF5D0D362A002FE79733 2050560 ----a-w- C:\Windows\System32\inetcpl.cpl
    2016-03-08 20:25:45 EFB16D89CDDE7648D14E09D765AE52EB 230400 ----a-w- C:\Windows\System32\webcheck.dll
    2016-03-08 20:25:45 E36BD63A2B9EAC4AE3C5F4F0E0FEA025 168960 ----a-w- C:\Windows\System32\msrating.dll
    2016-03-08 20:25:45 9ECBE17BAE1171042910A24800E1A59C 62464 ----a-w- C:\Windows\System32\iesetup.dll
    2016-03-08 20:25:44 EDB9618FF3238EF0FC2734F584B13A33 2121216 ----a-w- C:\Windows\System32\wininet.dll
    2016-03-08 20:25:44 D4CA25F171F112563E503B5E13CF02B7 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2016-03-08 20:25:44 B8106E5CE39EAF8472DB521BB2C62150 663552 ----a-w- C:\Windows\System32\jscript.dll
    2016-03-08 20:25:43 94295E6C1D6A458D611491C45DA86325 279040 ----a-w- C:\Windows\System32\dxtrans.dll
    2016-03-08 20:25:43 4A7149C25E250A2B3E320556D3B28D8F 476160 ----a-w- C:\Windows\System32\ieui.dll
    2016-03-08 20:25:42 F02CF24E59AF96F7F2FFF8C3204F57B8 13012480 ----a-w- C:\Windows\System32\ieframe.dll
    2016-03-08 20:25:41 FAC2BB786EF0B771633A6CAEEE343CEF 76288 ----a-w- C:\Windows\System32\mshtmled.dll
    2016-03-08 20:25:41 F6F1806F34BB8C6C220A259F584A80E1 341504 ----a-w- C:\Windows\System32\html.iec
    2016-03-08 20:25:40 A795080ED1B03288F90FE7A357B08FA6 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2016-03-08 20:25:40 4F8E44453EDB8083F504DDF679B55034 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2016-03-08 20:25:39 D1A735C183F2AD39CF6FE60E8593B0B2 4611072 ----a-w- C:\Windows\System32\jscript9.dll
    2016-03-08 20:25:38 3DF6C79B9F93A289D02395642645319C 20352512 ----a-w- C:\Windows\System32\mshtml.dll
    2016-03-08 20:25:37 C54971134F66CFBDE313D7D74A297AAC 2280448 ----a-w- C:\Windows\System32\iertutil.dll
    2016-03-08 20:25:29 9CB43A3626DA5D043894D743CAB8DEA2 90624 ----a-w- C:\Windows\System32\olepro32.dll
    2016-03-08 20:25:29 55013E011A58E0E4F41CBC51FF89DD68 2387456 ----a-w- C:\Windows\System32\win32k.sys
    2016-03-08 20:25:29 50620D7F4EF26981C76B703C89DFF0FE 67584 ----a-w- C:\Windows\System32\asycfilt.dll
    2016-03-08 20:25:29 4CE464D543C536B2E039524C93413238 572416 ----a-w- C:\Windows\System32\oleaut32.dll
    2016-03-08 20:25:28 73B2226CA11907E2AE3427BBF4C09967 296448 ----a-w- C:\Windows\System32\mfds.dll
    2016-03-08 20:25:27 38CBFFED5FC39CDFE6B4014401ED2629 21504 ----a-w- C:\Windows\System32\seclogon.dll
    2016-03-08 20:25:20 7DAD20AB1DD90D89F9EF851F5EB60651 3938240 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2016-03-08 20:25:20 42EB0FE7AD8508CE81C1213C88E009E6 1310232 ----a-w- C:\Windows\System32\ntdll.dll
    2016-03-08 20:25:19 565DE7C3364D2B17A4115116251D5718 3994560 ----a-w- C:\Windows\System32\ntkrnlpa.exe
    2016-03-08 20:25:19 1B2966418D805A871C30998D45570109 642560 ----a-w- C:\Windows\System32\advapi32.dll
    2016-03-08 20:25:18 F5071D3802BC7A7AA65D58D57F9B7D70 553472 ----a-w- C:\Windows\System32\kerberos.dll
    2016-03-08 20:25:18 B1A05A45F23F1AAF5F2C590278C3067A 654336 ----a-w- C:\Windows\System32\rpcrt4.dll
    2016-03-08 20:25:18 97EC2553D2C09D79985064B8BF106A83 69632 ----a-w- C:\Windows\System32\smss.exe
    2016-03-08 20:25:18 1260B977B3855E5CE51E789B2FE81305 1060864 ----a-w- C:\Windows\System32\lsasrv.dll
    2016-03-08 20:25:17 E972D8F1788B43E357BA75E1EE03BA28 262656 ----a-w- C:\Windows\System32\rstrui.exe
    2016-03-08 20:25:17 D6B30A1D95917A934BA1CEC152763EBB 43008 ----a-w- C:\Windows\System32\srclient.dll
    2016-03-08 20:25:17 CE84B59705A2A8F55EAE912EC2217B95 15872 ----a-w- C:\Windows\System32\sspisrv.dll
    2016-03-08 20:25:17 C9E5B2084321B113344015FEE3C89CCF 17408 ----a-w- C:\Windows\System32\credssp.dll
    2016-03-08 20:25:17 B994002C9AC277B400D8616AAEB3D83E 259584 ----a-w- C:\Windows\System32\msv1_0.dll
    2016-03-08 20:25:17 B3AE2AB29B51BC44511262259499D18B 22016 ----a-w- C:\Windows\System32\secur32.dll
    2016-03-08 20:25:17 ADFB530BD8835ACE1B272DA8A7308A96 50176 ----a-w- C:\Windows\System32\auditpol.exe
    2016-03-08 20:25:17 99D3E1FAB38B1D6DA536243631BAB839 6656 ----a-w- C:\Windows\System32\apisetschema.dll
    2016-03-08 20:25:17 7E916EF3B58764029527F684E4DA66DF 400896 ----a-w- C:\Windows\System32\srcore.dll
    2016-03-08 20:25:17 67A49E0BA4E7BEB62CB9EF073D923C85 22016 ----a-w- C:\Windows\System32\lsass.exe
    2016-03-08 20:25:17 5D7A25E110E666040C37E16DF634A723 36352 ----a-w- C:\Windows\System32\cryptbase.dll
    2016-03-08 20:25:17 5107D0FCD28BC68995D862B718C98CDD 223232 ----a-w- C:\Windows\System32\ncrypt.dll
    2016-03-08 20:25:17 2D80E80C501E4BE7120FADE47001CD92 38912 ----a-w- C:\Windows\System32\csrsrv.dll
    2016-03-08 20:25:17 29FE8C8BB2C241B9754D59037FCF5775 99840 ----a-w- C:\Windows\System32\sspicli.dll
    2016-03-08 20:25:17 21404A9B0692E19E04EE714F5D5C6C48 171520 ----a-w- C:\Windows\System32\wdigest.dll
    2016-03-08 20:25:17 1827E4CAD59C32A1E913AAC375AC094F 251392 ----a-w- C:\Windows\System32\schannel.dll
    2016-03-08 20:25:17 009045301F508A498F11EAD9D0FAA3FD 65536 ----a-w- C:\Windows\System32\TSpkg.dll
    2016-03-08 20:25:16 F0B10B63F257577F270D7E5265FA576C 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2016-03-08 20:25:16 C9A9A093C04AA3DA11D12E6374D7650A 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2016-03-08 20:25:16 886F415E4F7A87AF69EBF5020C67EF6F 686080 ----a-w- C:\Windows\System32\adtschema.dll
    2016-03-08 20:22:23 E85BED746BBDDCD29AD63F6085E1CE78 299520 ----a-w- C:\Windows\System32\atmfd.dll
    2016-03-08 20:22:23 B1B26BEDCB21B574B3CADCDC3BE9E969 70656 ----a-w- C:\Windows\System32\fontsub.dll
    2016-03-08 20:22:23 84E9A8646F19EC99673EC863D0815133 34304 ----a-w- C:\Windows\System32\atmlib.dll
    2016-03-08 20:22:23 40F3BEFCD156B0698280A070047FDEAF 26112 ----a-w- C:\Windows\System32\lpk.dll
    2016-03-08 20:22:23 0F3A519AC7E43B77EE4EAE50F347C913 10240 ----a-w- C:\Windows\System32\dciman32.dll
    2016-03-08 20:22:21 0BACC9DB52051142492AA8F09ADAF8B5 11411456 ----a-w- C:\Windows\System32\wmp.dll
    2016-03-08 20:22:20 6535F092A603C6EEED0D923AB05735E1 8192 ----a-w- C:\Windows\System32\spwmp.dll
    2016-03-08 20:22:20 43C68440DD263F5CAEF8C34C12214A4A 12625408 ----a-w- C:\Windows\System32\wmploc.DLL
    2016-03-08 20:22:20 0B24E6A3563BB541F4DCAF48EC9AE152 4096 ----a-w- C:\Windows\System32\msdxm.ocx
    2016-03-08 20:22:20 0B24E6A3563BB541F4DCAF48EC9AE152 4096 ----a-w- C:\Windows\System32\dxmasf.dll
    2016-03-02 14:23:16 E51B294DC4A0A944DDE468356CFBB4AC 2062848 ----a-w- C:\Windows\System32\wuaueng.dll
    2016-03-02 14:23:16 4EB8535017C07E247CD9C46C7E43A5A5 2956288 ----a-w- C:\Windows\System32\wucltux.dll
    2016-03-02 14:23:15 E869DDBE1C64BECEA0FF26C2BEE6385C 30208 ----a-w- C:\Windows\System32\wups.dll
    2016-03-02 14:23:15 E183FE2B532617F88D8F2DB45D14688D 136192 ----a-w- C:\Windows\System32\wuauclt.exe
    2016-03-02 14:23:15 D432C3E330EC381F18F1D8492FD5A990 93696 ----a-w- C:\Windows\System32\wudriver.dll
    2016-03-02 14:23:15 A5CA641C200944EF57993FB5426AB0D7 73728 ----a-w- C:\Windows\System32\WinSetupUI.dll
    2016-03-02 14:23:15 92986B32E59C28AEDB708F16193C015D 11776 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
    2016-03-02 14:23:15 920D30B8896431DD1D28D67C4726E48C 35840 ----a-w- C:\Windows\System32\wups2.dll
    2016-03-02 14:23:15 8C7AF1C5ED43F6A19D14DE7D04CF2D28 573440 ----a-w- C:\Windows\System32\wuapi.dll
    2016-03-02 14:23:15 7F4449BE58F9D9853F010ADEF57C627E 174080 ----a-w- C:\Windows\System32\wuwebv.dll
    2016-03-02 14:23:15 363C311357833FAB98788CADDA82781C 35328 ----a-w- C:\Windows\System32\wuapp.exe
    2016-03-02 14:23:11 FBE6E886EE51051995E060B2A7A1C5D9 1206784 ----a-w- C:\Windows\System32\appraiser.dll
    2016-03-02 14:23:11 663DF94DB1EB1EE435979C038DB704AD 552960 ----a-w- C:\Windows\System32\generaltel.dll
    2016-03-02 14:23:11 3F844E991159EA6591F1041DF64EA5EF 958464 ----a-w- C:\Windows\System32\aeinv.dll
    2016-03-02 14:23:10 E9DA4EFD87E59232D8019BE80A1564F1 591872 ----a-w- C:\Windows\System32\invagent.dll
    2016-03-02 14:23:10 57EC9811C8B78A022CD7E56B2F2DFE87 65536 ----a-w- C:\Windows\System32\acmigration.dll
    2016-03-02 14:23:10 45AAA02B86F6D4EBC034CAD30A34AF57 424960 ----a-w- C:\Windows\System32\devinv.dll
    2016-03-02 14:23:10 3554274D012DFABCE4732F81D9F6222C 34240 ----a-w- C:\Windows\System32\CompatTelRunner.exe
    ====== C:\Windows\system32\drivers =====
    2016-03-08 20:25:30 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS
    2016-03-08 20:25:18 E908304E1F96BD79025A57D6C0E42F62 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2016-03-08 20:25:18 BA4369E0CA60B1674A66041C36E8754C 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2016-03-08 20:25:18 550B730505D7C9A1DB89427456C0F5C7 138176 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2016-03-08 20:25:18 02086CA09812392E51A369727BC442BB 225792 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2016-03-08 20:25:17 083D60E62F91F9DAA8C1F46C756CA5EE 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2016-02-18 13:09:33 978E7A2E4BF4E8E70D0776EF0D9E97FB 1212352 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    ====== C:\Windows\Tasks ======
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    2016-03-13 21:30:03 -------- d-----w- C:\Program Files\Adware Removal Tool by TSA
    2016-03-13 21:08:51 -------- d-----w- C:\Program Files\AdwCleaner
    2016-02-26 11:22:24 -------- d-----w- C:\Program Files\Amazon
    ======= C: =====
    ====== C:\Users\Colin\AppData\Roaming ======
    2016-03-13 21:54:06 -------- d-----w- C:\Users\Colin\AppData\Roaming\ZHP
    2016-03-13 13:41:35 -------- d-----w- C:\Users\Julie\AppData\Roaming\Foxit Software
    2016-03-11 18:05:48 -------- d-----w- C:\Users\Julie\AppData\Local\CEF
    ====== C:\Users\Colin ======
    2016-03-11 08:30:05 -------- d-----w- C:\ProgramData\Intel
    2016-02-26 11:15:23 -------- d--h--w- C:\Users\Colin\.oracle_jre_usage

    ====== C: exe-files ==
    2016-03-13 22:34:50 B86CA88173128F6DA416E0B297DE4EEF 9096848 ----a-w- C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJD61G71\HitmanPro.exe
    2016-03-13 22:34:50 B86CA88173128F6DA416E0B297DE4EEF 9096848 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJD61G71\HitmanPro.exe
    2016-03-13 22:31:27 B86CA88173128F6DA416E0B297DE4EEF 9096848 ----a-w- C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WQ1AMA7\HitmanPro.exe
    2016-03-13 22:31:27 B86CA88173128F6DA416E0B297DE4EEF 9096848 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WQ1AMA7\HitmanPro.exe
    2016-03-13 21:54:06 02AECCB01C38AC6A045173DC2392125C 2088960 ----a-w- C:\Users\Colin\AppData\Roaming\ZHP\ZHPCleaner.exe
    2016-03-13 21:54:06 02AECCB01C38AC6A045173DC2392125C 2088960 ----a-w- C:\Documents and Settings\Colin\AppData\Roaming\ZHP\ZHPCleaner.exe
    2016-03-13 21:30:03 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Windows\System32\subinacl.exe
    2016-03-13 21:22:42 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\nfo\nircmdc.exe
    2016-03-13 21:22:42 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Temp\jrt\nfo\nircmdc.exe
    2016-03-13 21:22:41 BD59D8A4565D1D1AB3C7CF81948C8DBE 86840 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\CreateRestorePoint.exe
    2016-03-13 21:22:41 BD59D8A4565D1D1AB3C7CF81948C8DBE 86840 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Temp\jrt\CreateRestorePoint.exe
    2016-03-13 11:49:58 6F061265A108E031CABED111A266EC19 100883 ----a-w- C:\Windows\System32\Adobe\Shockwave 12\uninstaller.exe
    2016-03-13 11:38:35 18F80B68ABC58BB5A775629268FEC274 797376 ----a-w- C:\Windows\System32\FlashPlayerApp.exe
    2016-03-13 11:04:59 593F6A8E7A6338C168D154EBD383DDCE 594992 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{5A5B70A1-3C06-33EE-E8E2-68229919E94C}-jusched.exe
    2016-03-13 11:04:59 593F6A8E7A6338C168D154EBD383DDCE 594992 ----a-w- C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{5A5B70A1-3C06-33EE-E8E2-68229919E94C}-jusched.exe
    2016-03-13 11:02:01 5B98DCE4893425BA4F08C2BE134CABE5 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
    2016-03-13 11:02:01 5B98DCE4893425BA4F08C2BE134CABE5 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\javaw.exe
    2016-03-13 11:02:01 249C1C8BD8AC9568E5C5A0EC2FB39018 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
    2016-03-13 11:02:01 249C1C8BD8AC9568E5C5A0EC2FB39018 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\java.exe
    2016-03-13 11:02:01 2211C51BABE577798343D69F818E25AB 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
    2016-03-13 11:02:01 2211C51BABE577798343D69F818E25AB 0 ----a-we C:\Documents and Settings\All Users\Oracle\Java\javapath\javaws.exe
    2016-03-13 11:01:48 DB409F9BD2FA779E75835B1E0FE1181C 159328 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\unpack200.exe
    2016-03-13 11:01:48 C84504D069A78BE5E4444EA06AA5E102 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\orbd.exe
    2016-03-13 11:01:48 ABC1BAF673FA608029D45EB6C78E1D04 50784 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ssvagent.exe
    2016-03-13 11:01:48 A3AA0A0935506C7ECA6EF2F584CD416F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\policytool.exe
    2016-03-13 11:01:48 8BD1E7120713F9581645D5FDD14B8D25 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmid.exe
    2016-03-13 11:01:48 6ABADA3CA8DC4AC2AFDA69A6836C362F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\pack200.exe
    2016-03-13 11:01:48 3B74EE580794FCBDE389639E9D8ECEFB 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmiregistry.exe
    2016-03-13 11:01:48 2942578781EFB763366176C015F09ACD 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\tnameserv.exe
    2016-03-13 11:01:48 0A7708846A0629D518739075A40DDD06 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\servertool.exe
    2016-03-13 11:01:47 AB6E988F108E2437E65536F3F5550BA2 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ktab.exe
    2016-03-13 11:01:47 876744373E18627410A9F23C348C5D9E 76896 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jp2launcher.exe
    2016-03-13 11:01:47 66550F1F363BC66AFD9A530AD8CB6570 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\kinit.exe
    2016-03-13 11:01:47 4383D5735FD7743D01AD04E9AAD1D6CF 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\keytool.exe
    2016-03-13 11:01:47 04E0265E964D9ECB07B105D456B96982 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\klist.exe
    2016-03-13 11:01:46 2211C51BABE577798343D69F818E25AB 278624 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe
    2016-03-13 11:01:46 16E2FE80EE89DCCA1907D97E34656E19 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jjs.exe
    2016-03-13 11:01:45 B100697A0837596183F3BBD94448F68E 30816 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jabswitch.exe
    2016-03-13 11:01:45 5B98DCE4893425BA4F08C2BE134CABE5 191584 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaw.exe
    2016-03-13 11:01:45 328A57535A2B74C924FA34DD29039E9D 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java-rmi.exe
    2016-03-13 11:01:45 249C1C8BD8AC9568E5C5A0EC2FB39018 191072 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java.exe
    2016-03-13 11:01:45 237CDD69D6E3866533B402F321A11A4E 68192 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javacpl.exe
    2016-03-08 20:25:48 DBB5C283EE7F5A7BD17CF920F9829939 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2016-03-08 20:25:48 AE72034FD5DC627560415014B5A9B5AD 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2016-03-08 20:25:48 88B168CC30FFB78275E7804E2167F180 684032 ----a-w- C:\Windows\System32\ie4uinit.exe
    2016-03-08 20:25:47 2EC93A7E9DEE0D310729490FD39EB1ED 115712 ----a-w- C:\Windows\System32\ieUnatt.exe
    2016-03-08 20:25:47 05AA2E1ABB82B29609A7385C553C2FAB 221184 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
    2016-03-08 20:25:45 F72003973090868B98E8FD394CE8D1FC 473600 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
    2016-03-08 20:25:44 9A663A210C03A364AF5357F5E68203AB 815312 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
    2016-03-08 20:25:20 7DAD20AB1DD90D89F9EF851F5EB60651 3938240 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2016-03-08 20:25:19 565DE7C3364D2B17A4115116251D5718 3994560 ----a-w- C:\Windows\System32\ntkrnlpa.exe
    2016-03-08 20:25:18 97EC2553D2C09D79985064B8BF106A83 69632 ----a-w- C:\Windows\System32\smss.exe
    2016-03-08 20:25:17 E972D8F1788B43E357BA75E1EE03BA28 262656 ----a-w- C:\Windows\System32\rstrui.exe
    2016-03-08 20:25:17 ADFB530BD8835ACE1B272DA8A7308A96 50176 ----a-w- C:\Windows\System32\auditpol.exe
    2016-03-08 20:25:17 67A49E0BA4E7BEB62CB9EF073D923C85 22016 ----a-w- C:\Windows\System32\lsass.exe
    2016-03-08 20:22:20 F46B4BB230B948B458FB378C375C6790 101888 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe
    2016-03-08 20:22:20 707642FAB8D46E6671E6245FCFFD8339 102400 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe
    2016-03-08 20:22:20 3F2E22C0AB860331CB04B5F95A7542FA 164864 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2016-03-07 18:42:02 F28A458532DFE3D3E8FA0FFBFEC86E6E 1268453 ----a-w- C:\Program Files\BurnAware Free\unins000.exe
    === C: other files ==
    2016-03-13 23:10:51 234019FAAC45C60888F018AD9E9C9B31 4867 ----a-w- C:\Users\Colin\AppData\Local\Temp\xpi\tmp.zip
    2016-03-13 23:10:51 234019FAAC45C60888F018AD9E9C9B31 4867 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Temp\xpi\tmp.zip
    2016-03-13 21:22:40 D7B94E9872BC71D0B874D0F44A6F5606 126300 ----a-w- C:\Users\Colin\AppData\Local\Temp\jrt\get.bat
    2016-03-13 21:22:40 D7B94E9872BC71D0B874D0F44A6F5606 126300 ----a-w- C:\Documents and Settings\Colin\AppData\Local\Temp\jrt\get.bat
    2016-03-13 11:01:50 EFE4B4EBEBBF14DE84461AFCC281DA12 14130 ----a-w- C:\Program Files\Java\jre1.8.0_73\lib\deploy\ffjcext.zip
    2016-03-08 20:25:30 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_de27b3e85e2c60fc\USBSTOR.SYS
    2016-03-08 20:25:30 144DA53294922A84FFAA3D90B1453745 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS
    2016-03-08 20:25:29 55013E011A58E0E4F41CBC51FF89DD68 2387456 ----a-w- C:\Windows\System32\win32k.sys
    2016-03-08 20:25:18 E908304E1F96BD79025A57D6C0E42F62 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2016-03-08 20:25:18 BA4369E0CA60B1674A66041C36E8754C 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2016-03-08 20:25:18 550B730505D7C9A1DB89427456C0F5C7 138176 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2016-03-08 20:25:18 02086CA09812392E51A369727BC442BB 225792 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2016-03-08 20:25:17 083D60E62F91F9DAA8C1F46C756CA5EE 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "%ProgramFiles%\Windows\Sidebar.exe /autoRun "

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "%ProgramFiles%\Windows\Sidebar.exe /autoRun "

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "
    "Microsoft Office Document Cache "= "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE "
    "Dropbox Update "= "C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c "
    "WinPatrol "= "C:\Program Files\Ruiware\WinPatrol\winpatrol.exe "
    "RoboForm "= "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "
    "CCleaner Monitoring "= "C:\Program Files\CCleaner\CCleaner.exe /MONITOR "

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-500\Software\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin "= "C:\Windows\System32\mctadmin.exe "

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin "= "C:\Windows\System32\mctadmin.exe "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSC "= "C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey "
    "Persistence "= "C:\Windows\system32\igfxpers.exe "
    "KeyScrambler "= "C:\Program Files\KeyScrambler\keyscrambler.exe /a "

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "
    "Microsoft Office Document Cache "= "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE "
    "Dropbox Update "= "C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c "
    "WinPatrol "= "C:\Program Files\Ruiware\WinPatrol\winpatrol.exe "
    "RoboForm "= "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
     
  14. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Part 3:

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1001\Software\Microsoft\Windows\CurrentVersion\Run\Software\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-1003\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "
    "CCleaner Monitoring "= "C:\Program Files\CCleaner\CCleaner.exe /MONITOR "

    [HKEY_USERS\S-1-5-21-2548019330-3924178630-1638020567-500\Software\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin "= "C:\Windows\System32\mctadmin.exe "

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin "= "C:\Windows\System32\mctadmin.exe "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSC "= "C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey "
    "Persistence "= "C:\Windows\system32\igfxpers.exe "
    "KeyScrambler "= "C:\Program Files\KeyScrambler\keyscrambler.exe /a "

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "= "C:\Program Files\Windows Sidebar\sidebar.exe /autoRun "
    "Microsoft Office Document Cache "= "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE "
    "Dropbox Update "= "C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c "
    "WinPatrol "= "C:\Program Files\Ruiware\WinPatrol\winpatrol.exe "
    "RoboForm "= "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "

    ==== Startup Registry Disabled ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
    "key "= "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "CCleaner Monitoring "
    "hkey "= "HKCU "
    "command "= "\ "C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
    "key "= "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "DAEMON Tools Lite "
    "hkey "= "HKCU "
    "command "= "\ "C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
    "key "= "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run "
    "item "= "SunJavaUpdateSched "
    "hkey "= "HKLM "
    "command "= "\ "C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\" "


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NMIndexingService]


    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
    "NokiaMServer "= "C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup "


    ==== Startup Folders ======================

    2015-05-12 09:52:48 1157 ----a-w- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    2014-08-23 17:48:40 2697 ----a-w- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
    2015-03-04 12:24:41 1925 ----a-w- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WindowManager.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2548019330-3924178630-1638020567-1001Core.job --a------ C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [13/06/2015 08:49]
    C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2548019330-3924178630-1638020567-1001UA.job --a------ C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [13/06/2015 08:49]
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/08/2015 14:19]

    ==== Other Scheduled Tasks ======================

    "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
    "C:\Windows\system32\tasks\Allway Sync_{414CB83C37CFC1ED394642E6448E2DB0}" [C:\Program Files\Allway Sync\Bin\syncappw.exe]
    "C:\Windows\system32\tasks\CCleaner" [ "C:\Program Files\CCleaner\CCleaner.exe"]
    "C:\Windows\system32\tasks\CCleanerSkipUAC" [ "C:\Program Files\CCleaner\CCleaner.exe"]
    "C:\Windows\system32\tasks\Create Restore Point" [C:\Scripts\createrp.vbs]
    "C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2548019330-3924178630-1638020567-1001Core" [C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
    "C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2548019330-3924178630-1638020567-1001UA" [C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
    "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
    "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
    "C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2548019330-3924178630-1638020567-500" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
    "C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]
    "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
    "C:\Windows\system32\tasks\WindowManager" [C:\Program Files\WindowManager\WindowManager.exe]
    "C:\Windows\system32\tasks\{0148AA39-E98A-4D5A-892C-53AFC6965379}" [C:\Program Files\Mozilla Firefox\firefox.exe]
    "C:\Windows\system32\tasks\{03A790EC-EC3B-47C5-A031-44046A2C33F1}" [C:\Program Files\PhotoFiltre\PhotoFiltre.exe]
    "C:\Windows\system32\tasks\{07BAB270-CD7C-424D-A9AD-53CBA9AE7A13}" [C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE]
    "C:\Windows\system32\tasks\{1516E6F3-ADD9-4128-9026-352998B49CB8}" [C:\Program Files\Unlocker\uninst.exe]
    "C:\Windows\system32\tasks\{15786B07-B0D7-458C-9958-EE8A4D9141E4}" [C:\Program Files\Mozilla Firefox\firefox.exe]
    "C:\Windows\system32\tasks\{16600099-B373-4554-9634-38091BFA34E6}" [C:\Program Files\iTunes\iTunes.exe]
    "C:\Windows\system32\tasks\{18831D3B-C26A-4DBB-8B62-A8F4BFB0005F}" [C:\Program Files\AVS4YOU\AVSDVDPlayer\AVSDVDPlayer.exe]
    "C:\Windows\system32\tasks\{1EAAF5B0-EDF4-4206-94EF-F3A296464725}" [C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe]
    "C:\Windows\system32\tasks\{2E629B41-7A55-4BA5-A8A9-87480EFDB1E0}" [msiexec.exe]
    "C:\Windows\system32\tasks\{31DC229D-779B-43E4-9B91-03AD122B79C1}" [D:\Colin's Documents\Setup Programs\My Setup Programs\daemon4304-lite.exe]
    "C:\Windows\system32\tasks\{361C4E9B-9FD3-4470-8F3C-AEF5E4389080}" [C:\Users\Colin\Desktop\unlocker1.8.7.exe]
    "C:\Windows\system32\tasks\{3AAA116C-B562-488E-B248-37CB960B3CEE}" [C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe]
    "C:\Windows\system32\tasks\{3C0D0CDE-7BEA-4A40-B8E9-ABE96CBC0021}" [C:\Program Files\Allway Sync\Bin\syncappw.exe]
    "C:\Windows\system32\tasks\{47D3D2EB-03F6-4BDC-A2F9-6575289C74FF}" [C:\Program Files\Allway Sync\Bin\syncappw.exe]
    "C:\Windows\system32\tasks\{58213922-0F1D-43C7-A16A-91BF42D14F0A}" [C:\Program Files\AVStoDVD\AVStoDVD.exe]
    "C:\Windows\system32\tasks\{65626912-8A8A-48AB-A242-06651FBF3915}" [C:\Users\Colin\Desktop\wlsetup-web.exe]
    "C:\Windows\system32\tasks\{69417E0F-05A8-472A-9BE6-DA655783F349}" [D:\Colin's Documents\Setup Programs\My Setup Programs\java3d-1_5_1-windows-i586.exe]
    "C:\Windows\system32\tasks\{6F5F16A1-C629-4A4F-995F-6F5715B23A18}" [C:\Program Files\WindowManager\WindowManager.exe]
    "C:\Windows\system32\tasks\{71889984-AECB-4D60-A053-76A8DF7791B1}" [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe]
    "C:\Windows\system32\tasks\{73963FC1-883D-4E27-B244-CCB383BA03EF}" [C:\Program Files\Allway Sync\unins000.exe]
    "C:\Windows\system32\tasks\{7735F762-A23A-43AC-920B-8E9BA03BB1B6}" [msiexec.exe]
    "C:\Windows\system32\tasks\{7BD8310F-A417-4F43-8D21-32611D67A872}" [C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe]
    "C:\Windows\system32\tasks\{8C450E87-935C-49CA-91A0-1A3AEFA01C8D}" [D:\Colin's Documents\Setup Programs\My Setup Programs\Your Uninstaller 2010\yusetup2010.exe]
    "C:\Windows\system32\tasks\{9666F58D-7ACE-40A6-B5E5-FD50DDECC94E}" [C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE]
    "C:\Windows\system32\tasks\{A014501B-7890-4BBC-B9F1-14682AF975E1}" [C:\Users\Colin\Desktop\wlsetup-web.exe]
    "C:\Windows\system32\tasks\{A4F98B04-B24D-469B-B578-572E947FC5DE}" [C:\Program Files\eRightSoft\SUPER\SUPER.exe]
    "C:\Windows\system32\tasks\{AB00ECE6-8515-49E4-AD51-27999B95C0B5}" [C:\Program Files\Allway Sync\Bin\syncappw.exe]
    "C:\Windows\system32\tasks\{AC279307-945D-494C-9298-1794E8B2DF04}" [C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe]
    "C:\Windows\system32\tasks\{B02C575C-DDCE-472D-A69A-19FF0C18DB0B}" [C:\Program Files\Replay Media Catcher\MediaCatcher.exe]
    "C:\Windows\system32\tasks\{B1D1AD4A-1393-4DB9-ADF2-9AECD403E0D4}" [C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe]
    "C:\Windows\system32\tasks\{B2AC841B-5294-4A9E-8DB9-A3D286DE2937}" [C:\Program Files\GoogleChromePortable\GoogleChromePortable.exe]
    "C:\Windows\system32\tasks\{B32F2BFB-A1B1-4439-ACD9-1B06680AD7E7}" [C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe]
    "C:\Windows\system32\tasks\{B4D2EDA0-BB3E-425B-89BB-E08B7CE83260}" [C:\Program Files\AVStoDVD\AVStoDVD.exe]
    "C:\Windows\system32\tasks\{B7AF4550-FC7A-4542-8FD4-4E728667C301}" [C:\Program Files\PhotoFiltre\PhotoFiltre.exe]
    "C:\Windows\system32\tasks\{BA006039-566E-4B25-8E76-9BF7732171F2}" [C:\Program Files\SIW\siw.exe]
    "C:\Windows\system32\tasks\{BB59D284-B2E6-48D6-890E-B0EC78520273}" [msiexec.exe]
    "C:\Windows\system32\tasks\{CCC98C6B-32E2-42FF-BFBE-3FDFBFCA65C7}" [C:\Users\Colin\Desktop\MozBackup-1.4.9_EN.exe]
    "C:\Windows\system32\tasks\{CF961957-F336-4135-B2BB-3FB436B3FA4D}" [C:\Program Files\Allway Sync\Bin\syncappw.exe]
    "C:\Windows\system32\tasks\{E3FA109D-7A23-490F-AE3E-A44A2052D452}" [C:\Program Files\GoogleChromePortable\GoogleChromePortable.exe]
    "C:\Windows\system32\tasks\{E74F8EE3-7953-43DE-A133-A2B8E134A937}" [C:\Program Files\Replay Media Catcher\MediaCatcher.exe]
    "C:\Windows\system32\tasks\{F4BD35C7-6EAF-42B7-A54D-D2C5FCEF61EE}" [C:\Program Files\Frameworkx\Vista Shortcut Manager\FxVisor.exe]
    "C:\Windows\system32\tasks\{F6A0126B-F95F-4E79-ADB5-D57ED4BD672E}" [C:\Program Files\WindowManager\WindowManager.exe]
    "C:\Windows\system32\tasks\{F77CB2F2-7098-40A6-B2AB-903401B44F5D}" [msiexec.exe]
    "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

    ==== Firefox Start and Search pages ======================

    ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114
    user_pref( "browser.startup.homepage ", "http://www.bbc.co.uk/news|http://www.windowsbbs.com/|https://www.google.co.uk/ ");

    ProfilePath: C:\Users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\rwa46krr.default
    user_pref( "browser.startup.homepage ", "https://www.google.co.uk/|http://www.bbc.co.uk/sport/0/football/ ");

    ProfilePath: C:\Users\MAINUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\vup7hteh.default
    user_pref( "browser.startup.homepage ", "http://www.google.co.uk/ ");

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "{22119944-ED35-4ab1-910B-E619EA06A115} "= "C:\Program Files\Siber Systems\AI RoboForm\Firefox\roboform.xpi" [07/01/2016 07:02]
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{22119944-ED35-4ab1-910B-E619EA06A115} "= "C:\Program Files\Siber Systems\AI RoboForm\Firefox\roboform.xpi" [07/01/2016 07:02]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114
    - British English Dictionary - %ProfilePath%\extensions\en-GB@dictionaries.addons.mozilla.org
    - British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk
    - British English Dictionary Forked by Marco Pinto - %ProfilePath%\extensions\marcoagpinto@mail.telepac.pt
    - ColorfulTabs - %ProfilePath%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
    - IE Tab 2 FF 3.6 - %ProfilePath%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    - FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
    - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
    - Double-click To Reload Tab - %ProfilePath%\extensions\doubleclick2reloadtab@linhph.com.xpi
    - Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi
    - NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi
    - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi
    - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    - PrintPrint Preview - %ProfilePath%\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi
    - Multirow Bookmarks Toolbar Plus - %ProfilePath%\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
    - Download Status Bar - %ProfilePath%\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
    - ReloadEvery - %ProfilePath%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
    - Undetermined - %ProfilePath%\extensions\{891f0410-aaa2-11e0-9f1c-0800200c9a66}.xpi
    - Reload Tab On Double-Click - %ProfilePath%\extensions\{aede9b05-c23c-479b-a90e-9146ed62d377}.xpi
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    - BetterPrivacy em:version1.69 em:type2 em:creatorGreg Yardley version 0.2 www.yardley.ca em:descriptionquot - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

    ProfilePath: C:\Users\Colin\AppData\Roaming\TomTom\HOME\Profiles\pf9f8ymw.default
    - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
    - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
    - Emulator - %ProfilePath%\extensions\Navcore.7.903.9183@tomtom.com

    ProfilePath: C:\Users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\rwa46krr.default
    - Undetermined - %ProfilePath%\extensions\sfStatistics.xml
    - ColorfulTabs - %ProfilePath%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
    - IE Tab 2 FF 3.6 - %ProfilePath%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    - SearchPreview - %ProfilePath%\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
    - The Addon Bar restored - %ProfilePath%\extensions\the-addon-bar@GeekInTraining-GiT.xpi
    - Trnh Qun L Phin - %ProfilePath%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
    - Multirow Bookmarks Toolbar Plus - %ProfilePath%\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
    - ReloadEvery - %ProfilePath%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
    - Undetermined - %ProfilePath%\extensions\{891f0410-aaa2-11e0-9f1c-0800200c9a66}.xpi
    - Reload Tab On Double-Click - %ProfilePath%\extensions\{aede9b05-c23c-479b-a90e-9146ed62d377}.xpi
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    - BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

    ProfilePath: C:\Users\MAINUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\vup7hteh.default
    - RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\Firefox
    - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    - Undetermined - C:\Users\Main User\AppData\Roaming\Mozilla\Firefox\Profiles\vup7hteh.default\extensions\keyscrambler@qfx.software.corporation

    AppDir: C:\Program Files\Mozilla Firefox
    - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114
    5162B726F4F1F74CF8CC14E563DEB8CB - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.8
    A227D9596CC0B667528677D43E9A0AFD - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.8
    EC5C4279FF80CA27A7B7EB1D309E0448 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.8
    5414965AEC0E6990B12EEE9AA0641A82 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.8
    285558B87082ECAE44D1287ED14DF5EA - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.8
    999A833D87C8CD918B5EE8C3F8149D2B - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
    52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
    AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update
    7F4E2D4D63BAEDDF80C1759A9F8DE364 - C:\Program Files\Winamp Detect\npwachk.dll - Winamp Application Detector
    2934F340FCE63D0E60353A73B4202BDC - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin
    A0B8C52A92D14E9AF84540A5F39D3D18 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
    1B743D5B6FD001660FAB17DD7C347A38 - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
    9EA6FA4806BB45185FE743D534CEE9E6 - C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U73
    843AE18C93C6DFD214AB7EAF338B4D6F - C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.730.2
    5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
    694033ECB8CAFDE745587E85A1FA5851 - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll - Foxit PhantomPDF Plugin for Mozilla
    46A59E6F7F7C1679AC7C4655E055326D - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
    8CE35D76726DFC8C3848BB26B3C79A54 - C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director
    F627791AB91E01A9829A8D9B6E024D52 - C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll - Shockwave Flash
    2F2263478BEA35C2CFF5EB0EB23486CE - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla
    4F3F6B17B4A5BDB68B3CB0367A2C214E - C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight


    ==== Chromium Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page "= "http://www.bbc.co.uk/news "
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page "= "http://www.google.com "
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "Tabs "= "res://ieframe.dll/tabswelcome.htm "

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page "= "http://www.bbc.co.uk/news "
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page "= "http://go.microsoft.com/fwlink/?LinkId=69157 "
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "Tabs "= "about:newtab "

    ==== All HKLM and HKCU SearchScopes ======================

    HKLM\SearchScopes "DefaultScope "=" "
    HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    HKCU\SearchScopes "DefaultScope "= "{75F2D7D1-E886-4156-8FB2-4A4502DA0961} "
    HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
    HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
    HKCU\SearchScopes\{75F2D7D1-E886-4156-8FB2-4A4502DA0961} - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
     
  15. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Part4:

    ==== Reset IE Proxy ======================

    Value(s) before fix:
    "ProxyOverride "= "*.local "
    "ProxyEnable "=dword:00000000

    Value(s) after fix:
    "ProxyEnable "=dword:00000000

    ==== Uninstall List x86 ======================

    Adobe Acrobat Reader DC [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}]
    Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{34927EBC-98D4-4D53-98BE-510DF5999F50}]
    Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
    Adobe Flash Player 21 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
    Adobe Flash Player 21 NPAPI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
    Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824166751}]
    Adobe Shockwave Player 12.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]
    Allway Sync version 15.3.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Allway Sync_is1]
    Amazon Music [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Amazon Music]
    Apple Application Support (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}]
    Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}]
    Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}]
    Arcade Classic Pack 5.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Arcade Classic Pack_is1]
    Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E19F210-3813-4002-B561-94D66AA182B6}]
    Audacity 2.1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1]
    AutoStreamer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D9CDB463-BB48-4B80-B1B6-5B940A4621E0}]
    Avanquest update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}]
    BBC iPlayer Downloads [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3794B09-6C43-4B93-9CA8-F10BECCF2971}]
    Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}]
    BurnAware Free 8.9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BurnAware Free_is1]
    CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
    CDBurnerXP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1]
    Creative ALchemy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ALchemy]
    Creative Audio Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AudioCS]
    Creative Software AutoUpdate [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Creative Software AutoUpdate]
    Creative Sound Blaster Properties [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Creative Sound Blaster Properties]
    D3DX10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
    DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]
    Defraggler [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Defraggler]
    Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
    DVD Decrypter (Remove Only) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVD Decrypter]
    DVD Ripper 4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVD Ripper 4]
    Fantasy Artwork [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fantasy Artwork]
    Feedback Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC}]
    FFmpeg for Audacity on Windows [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FFmpeg for Audacity on Windows_is1]
    FLAC 1.2.1b (remove only) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLAC]
    Foxit PhantomPDF Standard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C82148DF-556D-472D-B3F5-5EF85512CDB6}]
    Foxit Reader [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Foxit Reader_is1]
    GetDiz [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GetDiz]
    Google Advertising Cookie Opt-out [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{291820D0-A626-40F9-BDFF-8D5CEAB04243}]
    Google Earth [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}]
    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
    HP LaserJet Professional P1100-P1560-P1600 Series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP LaserJet Professional P1100-P1560-P1600 Series]
    HP PrecisionScan LTX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP PrecisionScan LTX]
    HP Scan-to-Web Wizard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Scan-To-Web]
    hppLaserJetService [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}]
    hppP1100P1560P1600SeriesLaserJetService [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}]
    hppusgP1100P1560P1600Series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{853F464A-B2B8-404E-BA3E-B98FF6862C41}]
    HPSSupply [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}]
    ieSpell [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ieSpell]
    ImgBurn [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ImgBurn]
    Intel(R) Driver Update Utility 2.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1766DD04-5D4D-40BC-953A-D80624BCC063}]
    Intel(R) Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI]
    Intel© Driver Update Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{561b5fb5-1d4d-40e8-b3e4-ad52858b217c}]
    Internet TV for Windows Media Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}]
    ISO Recorder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{39600969-41C3-4658-876E-16F108FC5C92}]
    iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C741651-87E0-4479-9703-6DD0D7988B84}]
    Java 8 Update 73 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218073F0}]
    Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24758B1D-9345-4538-A69A-05660F63A296}]
    KeyScrambler [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KeyScrambler]
    Lyrics Plugin for Windows Media Player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{43002AE2-4093-49E0-A03D-990EE184C568}]
    Malwarebytes Anti-Malware version 2.2.0.1024 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
    MarketResearch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{175F0111-2968-4935-8F70-33108C6A4DE3}]
    MartView [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1857AAB1-77E0-40FF-91C5-9E415F248F36}]
    MartView [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MartView]
    Microsoft .NET Framework 4.6.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{30500C7C-2206-3DC6-9792-96E95A04669D}]
    Microsoft .NET Framework 4.6.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
    Microsoft Office FrontPage 2003 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90170409-6000-11D3-8CFE-0150048383C9}]
    Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUSR]
    Microsoft Outlook Personal Folders Backup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}]
    Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BF455BD4-60BB-4E6E-867A-B4F57BC1164B}]
    Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client]
    Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
    Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
    Microsoft SQL Server Compact 3.5 ENU [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}]
    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}]
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}]
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)]
    Microsoft_VC100_CRT_SP1_x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}]
    Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C22A294-DBBA-445F-B55C-E26817CCFE69}]
    Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}]
    MozBackup 1.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozBackup]
    Mozilla Firefox 45.0 (x86 en-GB) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 45.0 (x86 en-GB)]
    Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
    MSVC80_x86_v2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}]
    MSVC90_x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}]
    MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
    MSVCRT110 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}]
    MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
    MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
    MSXML 4.0 SP3 Parser (KB2721691) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}]
    MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}]
    MSXML 4.0 SP3 Parser (KB973685) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}]
    MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}]
    neroxml [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}]
    NirSoft ShellExView [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NirSoft ShellExView]
    Nitro PDF Professional [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B7B20F4-6504-47FB-A061-308840E175D8}]
    nLite 1.4.9.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\nLite_is1]
    Nokia Connectivity Cable Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A57025CC-5F2E-4D01-B387-06DB10500D43}]
    Nokia Maps Updater 1.0.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Nokia Maps Updater_is1]
    Nokia PC Suite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}]
    Nokia PC Suite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Nokia PC Suite]
    Nokia Software Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6}]
    Nokia Suite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3B69A712-4CBC-40B1-AE55-0203075FD093}]
    Nokia Suite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Nokia Suite]
    Notepad++ [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++]
    OGA Notifier 2.0.0048.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}]
    Outer Space Magic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Outer Space Magic]
    PC Connectivity Solution [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7390478C-8581-415E-92E9-2997D9306B81}]
    Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C201BDF9-1C27-46F8-A248-F4469C9FC27C}]
    Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{16E46BCF-3D36-4353-9BCB-344F7812CEDE}]
    Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}]
    PhotoFiltre [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\PhotoFiltre]
    PhotoFiltre 7 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\PhotoFiltre 7]
    PlayReady PC Runtime x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}]
    PoiEdit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PoiEdit]
    PrimoPDF -- brought to you by Nitro PDF Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PrimoPDF]
    QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}]
    Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
    Revo Uninstaller 1.92 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Revo Uninstaller]
    RoboForm 7-9-17-5 (All Users) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AI RoboForm]
    RT 7 Lite (32-Bit) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\RT 7 Lite x86]
    RT 7 Lite x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F2558AA8-506F-4C58-AB64-C05C6F675756}]
    Samsung Kies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}]
    Samsung Kies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}]
    Samsung Story Album Viewer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{698BBAD8-B116-495D-B879-0F07A533E57F}]
    Samsung Story Album Viewer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\01_Simmental]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\02_Siberian]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\03_Swallowtail]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\04_semseyite]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\07_Schorl]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\09_Hsp]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\11_HSP_Plus_Default]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\16_Shrewsbury]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\20_NXP_Driver]
    SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\24_flashusbdriver]
    Samsung USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape]
    Samsung USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}]
    SeaTools for Windows [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{98613C99-1399-416C-A07C-1EE1C585D872}]
    ShellExView [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShellExView]
    Show Desktop [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7EC7775-06C1-4394-830D-240367AF93BF}_is1]
    Sim AQUARIUM 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sim AQUARIUM 2_is1]
    SpeedFan (remove only) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpeedFan]
    SpywareBlaster 5.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpywareBlaster_is1]
    SUPERAntiSpyware [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}]
    swMSM [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]
    System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}]
    TomTom HOME [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}]
    TomTom HOME [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BB05590A-6602-43F3-A400-77EA0976BC0A}]
    TomTom HOME Visual Studio Merge Modules [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}]
    Total Recorder 7.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TotalRecorder]
    TrueCrypt [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TrueCrypt]
    Unlocker 1.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker]
    VC 9.0 Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}]
    Visual C++ 2008 x86 Runtime - (v9.0.30729) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}]
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01]
    VLC media player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
    Winamp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]
    Winamp Detector Plug-in [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Detect]
    WindowManager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowManager]
    Windows Driver Package - Nokia Modem (02/25/2011 4.7) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\E0AC723A3DE3A04256288CADBBB011B112AED454]
    Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\72A50F48CC5601190B9C4E74D81161693133E7F7]
    Windows Driver Package - Nokia pccsmcfd "LegacyDriver" (05/31/2012 7.1.2.0) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382]
    Windows Installer Clean Up [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}]
    Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}]
    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FCEDADE3-1C8A-4858-BE93-360168178BB2}]
    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
    Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8256F87F-8554-4457-8C3D-3F3324697D9F}]
    Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4260CAAE-D108-4223-A1C5-96B67062FE86}]
    Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F9E8447-9B82-45D5-A6D7-2A4CB874111F}]
    Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{72D9236D-C6EA-4DA6-A18C-CC24521A70D4}]
    Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7C0791D9-F1FB-48DD-B8E4-662BDAE42357}]
    Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5E83E00-1144-4821-B6B6-7A16C41EFC39}]
    Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D163019D-354F-4940-AAEB-7BDC46693572}]
    Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}]
    Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{59307833-CB98-4440-B644-0CD352F61907}]
    Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}]
    Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8F66BFDE-B213-48E2-93EF-7151277A2916}]
    Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{94532CD5-C66D-49E3-9131-5FB04D7647A1}]
    Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A2F4B74E-D722-4D9E-817B-F58F32A55A51}]
    Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9797D7BA-A333-4DF1-AF55-AC745D216EDB}]
    Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99E82553-9654-4FB7-8DB3-900C0FDB1A70}]
    Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}]
    WinPatrol [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}]
    WinRAR 4.00 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
    WinX DVD Ripper 5.6.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinX DVD Ripper_is1]
    WinZip 12.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}]
    Your Uninstaller 2010 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\YU2010_is1]
    Yrefresher 1.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\YRefresher_is1]

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8640317F35F8964C8903A93AEB3506E deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A8640317F35F8964C8903A93AEB3506E deleted successfully
    HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\587E5A317915DAE4E83E6D0672E194CB deleted successfully

    ==== HijackThis Entries ======================

    O1 - Hosts: ::1 localhost
    O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll
    O2 - BHO: Advertising Cookie Opt-out - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll
    O3 - Toolbar: RefresherBand Class - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\PROGRA~1\YREFRE~1\YREFRE~1.DLL
    O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Microsoft Office Document Cache] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Colin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
    O4 - HKCU\..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-2548019330-3924178630-1638020567-1003\..\Run: [] (User 'Julie')
    O4 - HKUS\S-1-5-21-2548019330-3924178630-1638020567-500\..\Run: [] (User 'Main User')
    O4 - Startup: Dropbox.lnk = Colin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: Microsoft Outlook 2010.lnk = ?
    O4 - Startup: WindowManager.lnk = C:\Program Files\WindowManager\WindowManager.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
    O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: RoboForm Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Amazon 1Button App Service - Amazon Inc. - C:\Program Files\Amazon\Amazon1ButtonApp\Amazon1ButtonService.Exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - C:\Program Files\Allway Sync\Bin\SyncService.exe
    O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: Google Update Service (gupdate1ca22f353ab90dc) (gupdate1ca22f353ab90dc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
    O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\Windows\SYSTEM32\slserv.exe
    O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    ==== Empty IE Cache ======================

    C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Colin\AppData\Local\Mozilla\Firefox\Profiles\bmjl2iiz.default-1431598100826\cache2 emptied successfully
    C:\Users\Colin\AppData\Local\Mozilla\Firefox\Profiles\veef56bw.default-1426859717114\cache2 emptied successfully
    C:\Users\Julie\AppData\Local\Mozilla\Firefox\Profiles\rwa46krr.default\cache2 emptied successfully
    C:\Users\Main User\AppData\Local\Mozilla\Firefox\Profiles\vup7hteh.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=200 folders=60 437262976 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Colin\AppData\Local\Temp will be emptied at reboot
    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Users\Julie\AppData\Local\Temp emptied successfully
    C:\Users\Main User\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\Colin\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on 14/03/2016 at 1:47:52.50 ======================
     
  16. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
  17. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Results of screen317's Security Check version 1.014 --- 12/23/15
    Windows 7 Service Pack 1 x86 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    SpywareBlaster 5.4
    SUPERAntiSpyware
    CCleaner
    Java 8 Update 73
    Java version 32-bit out of Date!
    Adobe Flash Player 21.0.0.182
    Mozilla Firefox (45.0)
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    WinPatrol winpatrol.exe
    Ruiware WinPatrol WinPatrol.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````
     
  18. 2016/03/13
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    First I'd like to thank all those involved in creating such an excellent Tutorial, great job.

    The log above is showing the Java version 32-bit out of Date! I cannot find a more up to date version.

    Unfortunately the computer is still freezing on the first visit to certain sites.
     
    Last edited: 2016/03/13
  19. 2016/03/14
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,899
    Likes Received:
    510
    Click Start< Control Panel< Uninstall a program and remove the following items:

    Adobe AIR
    Adobe Refresh Manager
    Adobe Shockwave Player
    Allway Sync version
    Amazon Music
    iespell
    Java 8 Update 73
    MarketResearch
    MartView
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition
    Microsoft SQL Server Compact 3.5
    All Nokia items unless you use them
    PC Connectivity Solution
    System Requirements Lab for Intel
    TomTom HOME
    WinZip 12.0
    Your Uninstaller 2010
    Yrefresher 1.00

    Once that is done download JavaRa to your desktop and unzip it.

    • Run JavaRa.exe by right clicking on JavaRa.exe, and clicking Run as administrator, pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Do NOT post JavaRa log.

    Reboot the computer after JavaRa completes.

    Then in Autoruns on the Logon Tab, remove the following items:

    persistence
    Microsoft Office Document (both items)
    Microsoft Outlook
    WindowManager Application
    Amazon 1Button
    Windows Mail

    Reboot the computer after following those steps and let me know if Firefox or Internet Explorer work properly.
     
  20. 2016/03/14
    colinlam

    colinlam Well-Known Member Thread Starter

    Joined:
    2006/04/19
    Messages:
    107
    Likes Received:
    0
    Hi, couldn't find Adobe Refresh Manager or MarketResearch to uninstall but did the rest of your instructions but I'm sorry to say that neither browser opened the site without freezing.
     
  21. 2016/03/15
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,899
    Likes Received:
    510

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.