A computer is ready for LzD therapy!

Started by DR M, May 03, 2016, 04:56:51 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1 2
User actions

DR M

May 03, 2016, 04:56:51 PM
Hello all!

A friend of mine has a computer which needs therapy!

First of all, the keyboard is problematic. It seems that Shift is clicked all the time. E.g., I can't write numbers, because the shift characters are being produced when I click on them. Also, it selects desktop icons itself, and I cannot deselect them.

Ok, there is ask.com in Internet explorer, and 1,5gb free from 56gb hard drive space...

I attach the logs, and I'm looking forward for your help. First, I have to mention that I uninstalled many programs, as well as flash player, reader, java... Also I installed Pale moon.

Result of Security Analysis by Rocket Grannie (x86) version: 25th April 2016
Running from:C:\Users\EleniAn\Desktop (19:44:34 - 05/03/2016)
***---------------------------------------------------------***
Microsoft® Windows Vistaâ,,¢ Business X86 Service Pack 2
UAC is Enabled!
Internet Explorer 8
Default Browser: C:\Program Files\Pale Moon\palemoon.exe
***-----------------Anti-Virus - Firewall-------------------***

Windows Firewall is Enabled!
Searching for any other Firewall
*No other Firewall Installed*
***----------------AntiSpyware - Miscellaneous---------------***
Adobe flash Player Plugin is not installed
Microsoft Silverlight (version 5)
Pale Moon (version 26)
Windows Live Essentials -- An older version than '16.4' is installed.
Windows Live Essentials (version 15.4.3555.0308) is *out of Date*
Windows Live Essentials (version 15.4.3502.0922) is *out of Date*

***----------------Analysis Complete-------------------------***


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-05-2016
Ran by EleniAn (administrator) on ELENIAN-PC (03-05-2016 19:29:23)
Running from C:\Users\EleniAn\Desktop
Loaded Profiles: EleniAn (Available Profiles: EleniAn)
Platform: Microsoft® Windows Vistaâ,,¢ Business  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: "C:\Program Files\Pale Moon\palemoon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Dropbox, Inc.) C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [TOSDCR] => C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe [174200 2006-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411768 2006-12-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [448632 2006-12-11] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [530552 2006-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [180224 2006-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [NDSTray.exe] => NDSTray.exe
HKLM\...\Run: [topi] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [577536 2006-12-15] (TOSHIBA)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [554640 2006-12-13] (Toshiba)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [417792 2006-11-10] (TOSHIBA)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [Dropbox Update] => C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {0ddbb88e-548d-11e0-a6f1-0015b76389e7} - I:\Startme.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {191bfcd0-53f9-11e1-942c-001b77226924} - G:\Setup.exe -auto
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {29ecbf58-ae3c-11e5-9499-0015b76389e7} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {a8c26a2a-9e50-11df-a876-0015b76389e7} - D:\LaunchU3.exe -a
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010-08-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2014-06-11]
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
Startup: C:\Users\EleniAn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0F2B657F-318E-4505-9658-1CB5C1DA22FE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BF3C62F7-84D0-4A12-82EF-67ADF68584C8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://gr.msn.com/?mkt=el-gr&ocid=iehp
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.search.ask.com/?tpid=SGT&o=APN10374&pf=V5&trgb=ALL&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=hp&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&itbv=12.10.2.4202&doi=2013-08-02&psv=
URLSearchHook: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=12692&tm=375&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=12692&tm=375&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {A2D495E6-BE5E-4A64-8DD3-9F4124242F93} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {E54276C4-1D6E-4D42-9DC9-35ED1B4F6BCD} URL = hxxp://www.search.ask.com/web?tpid=SGT&o=APN10374&pf=V7&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=&itbv=12.10.2.4202&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&doi=2013-08-02&trgb=ALL&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {F56BAF00-990D-4213-B33F-AE5B06BEEBC4} URL = hxxp://www.mysearchresults.com/search?c=3513&t=07&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\EleniAn\AppData\Roaming\Mozilla\Firefox\Profiles\3rkmdjoy.default-1459704551750
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\default-search.xml [2014-06-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-04-03] [not signed]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-04-03] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-09] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\EleniAn\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx [2014-02-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\EleniAn\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [77824 2006-11-01] (TOSHIBA CORPORATION) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-02-10] (DT Soft Ltd)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 Tosrfusb; C:\Windows\System32\Drivers\Tosrfusb.sys [40960 2006-10-28] (TOSHIBA CORPORATION)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 19:29 - 2016-05-03 19:31 - 00018067 _____ C:\Users\EleniAn\Desktop\FRST.txt
2016-05-03 19:28 - 2016-05-03 19:29 - 00000000 ____D C:\FRST
2016-05-03 19:27 - 2016-05-03 19:27 - 01728000 _____ (Farbar) C:\Users\EleniAn\Desktop\FRST.exe
2016-05-03 19:04 - 2016-05-03 19:04 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-03 18:49 - 2016-05-03 18:49 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\Moonchild Productions
2016-05-03 18:49 - 2016-05-03 18:49 - 00000000 ____D C:\Users\EleniAn\AppData\Local\Moonchild Productions
2016-05-03 18:45 - 2016-05-03 18:45 - 00000828 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2016-05-03 18:45 - 2016-05-03 18:45 - 00000000 ____D C:\Program Files\Pale Moon
2016-05-03 18:36 - 2016-05-03 18:36 - 00054156 ____H C:\Windows\QTFont.qfn
2016-05-03 18:12 - 2016-05-03 18:12 - 00800024 _____ C:\Users\EleniAn\Downloads\palemoon-websetup.exe
2016-04-18 00:56 - 2016-04-18 00:56 - 04490135 _____ C:\Users\EleniAn\Desktop\cutΣπύροÏ, γραμμένοÏ, & χορωδία _αγάπη ρε+_ Έπεσα απ' Ï,,α σύννεφα.wma
2016-04-03 22:29 - 2016-05-03 18:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-03 20:29 - 2016-04-03 20:29 - 00000000 ____D C:\Users\EleniAn\Desktop\Old Firefox Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 19:19 - 2013-05-12 11:25 - 00000000 ___RD C:\Users\EleniAn\Dropbox
2016-05-03 19:19 - 2010-10-09 12:46 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\Skype
2016-05-03 19:17 - 2015-06-17 19:05 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3284848731-2923227114-796928758-1000UA.job
2016-05-03 19:15 - 2010-07-31 17:06 - 00124808 _____ C:\Users\EleniAn\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-03 19:14 - 2010-08-16 21:37 - 00001168 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-03 19:14 - 2006-11-02 15:47 - 00453080 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-03 19:14 - 2006-11-02 15:47 - 00003552 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-03 19:14 - 2006-11-02 15:47 - 00003552 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-03 19:13 - 2011-01-31 18:15 - 00000000 ____D C:\Program Files\WinRAR
2016-05-03 19:13 - 2006-11-02 16:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-03 19:12 - 2006-11-02 16:01 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-03 19:10 - 2010-08-16 21:37 - 00001172 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-03 19:08 - 2013-05-12 11:16 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\Dropbox
2016-05-03 19:06 - 2015-06-17 19:05 - 00000000 ____D C:\Users\EleniAn\AppData\Local\Dropbox
2016-05-03 19:06 - 2006-11-02 14:18 - 00000000 ____D C:\Windows\inf
2016-05-03 18:58 - 2012-06-07 22:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-03 18:56 - 2010-10-15 10:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-03 18:56 - 2010-08-03 14:36 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\Adobe
2016-05-03 18:56 - 2006-12-23 17:07 - 00000000 ____D C:\Program Files\Adobe
2016-05-03 18:41 - 2010-09-05 18:34 - 00000000 ____D C:\Users\EleniAn\Desktop\Shortcuts
2016-05-03 18:41 - 2006-12-23 13:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-03 18:40 - 2006-12-23 17:08 - 00000000 ____D C:\ProgramData\Adobe
2016-05-03 18:39 - 2010-08-03 14:36 - 00000000 ____D C:\Users\EleniAn\AppData\Local\Adobe
2016-05-03 18:36 - 2012-11-28 23:43 - 00000000 ____D C:\Program Files\Common Files\PC Tools
2016-05-03 18:36 - 2012-10-14 22:20 - 00000000 ____D C:\ProgramData\TEMP
2016-05-03 18:36 - 2010-10-14 11:37 - 00000000 ____D C:\Program Files\QuickTime
2016-05-03 18:34 - 2006-12-23 13:13 - 00000000 ____D C:\Program Files\Java
2016-05-03 18:26 - 2010-08-16 21:37 - 00000000 ____D C:\Users\EleniAn\AppData\Local\Google
2016-05-03 18:26 - 2010-08-16 21:37 - 00000000 ____D C:\Program Files\Google
2016-05-03 18:24 - 2012-11-27 19:49 - 00000000 ____D C:\Users\EleniAn\AppData\LocalLow\Macromedia
2016-05-03 18:24 - 2010-10-15 12:58 - 00000000 ____D C:\Users\EleniAn\AppData\LocalLow\Adobe
2016-05-03 18:24 - 2006-12-23 16:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-05-03 18:22 - 2011-05-29 10:46 - 00000000 ____D C:\Users\EleniAn\AppData\Roaming\go
2016-05-03 18:21 - 2011-02-07 19:48 - 00000000 ____D C:\Program Files\YouTube Downloader
2016-05-03 18:20 - 2011-07-25 08:17 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-03 18:20 - 2006-12-23 17:11 - 00000000 ____D C:\ProgramData\Symantec
2016-05-03 18:20 - 2006-12-23 17:10 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-05-03 18:18 - 2010-08-20 00:20 - 00000000 ____D C:\ProgramData\DivX
2016-05-03 18:17 - 2010-08-20 00:21 - 00000000 ____D C:\Program Files\DivX
2016-05-02 21:48 - 2006-11-02 13:33 - 00759582 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-02 21:05 - 2010-10-09 12:44 - 00000000 ___RD C:\Program Files\Skype
2016-05-02 21:05 - 2010-10-09 12:44 - 00000000 ____D C:\ProgramData\Skype
2016-04-20 22:49 - 2010-07-31 17:05 - 00005568 _____ C:\Users\EleniAn\AppData\Local\d3d9caps.dat
2016-04-17 16:15 - 2010-08-01 11:03 - 00037888 _____ C:\Users\EleniAn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2010-07-31 17:05 - 2016-04-20 22:49 - 0005568 _____ () C:\Users\EleniAn\AppData\Local\d3d9caps.dat
2010-08-01 11:03 - 2016-04-17 16:15 - 0037888 _____ () C:\Users\EleniAn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-19 22:16 - 2014-11-19 22:16 - 0004096 ____H () C:\Users\EleniAn\AppData\Local\keyfile3.drm
2011-07-06 23:59 - 2011-07-07 00:00 - 0000000 _____ () C:\Users\EleniAn\AppData\Local\{0582FB39-EEF7-4C2E-952B-4C1CB9C46D41}
2011-10-11 23:10 - 2011-10-11 23:10 - 0000000 _____ () C:\Users\EleniAn\AppData\Local\{2D08F7D8-B737-47A7-99E6-FB495EB52E02}
2010-10-09 12:47 - 2010-10-09 12:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-08-19 08:45 - 2014-07-01 11:56 - 0006523 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\EleniAn\AppData\Local\Temp\ApnStub.exe
C:\Users\EleniAn\AppData\Local\Temp\DefaultTabSetup2.exe
C:\Users\EleniAn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpogcyog.dll
C:\Users\EleniAn\AppData\Local\Temp\setup.exe
C:\Users\EleniAn\AppData\Local\Temp\similarbundlegeneric.exe
C:\Users\EleniAn\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-03 19:26

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:03-05-2016
Ran by EleniAn (2016-05-03 19:32:24)
Running from C:\Users\EleniAn\Desktop
Microsoft® Windows Vistaâ,,¢ Business  Service Pack 2 (X86) (2010-07-31 16:50:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3284848731-2923227114-796928758-500 - Administrator - Disabled)
EleniAn (S-1-5-21-3284848731-2923227114-796928758-1000 - Administrator - Enabled) => C:\Users\EleniAn
Guest (S-1-5-21-3284848731-2923227114-796928758-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
6200 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
6200_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
6200Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v5.00.10(T) - )
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.3 - Ulead Systems, Inc.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Math Resource Studio (HKLM\...\{DA0A12C2-D7F5-41AE-8D61-8CF29D6F2116}) (Version: 4.4.11.1 - Schoolhouse Technologies)
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 Academic Edition (HKLM\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Pale Moon 26.2.1 (x86 en-US) (HKLM\...\Pale Moon 26.2.1 (x86 en-US)) (Version: 26.2.1 - Moonchild Productions)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5322 - Realtek Semiconductor Corp.)
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skypeâ,,¢ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.01 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.22 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.00.00 - Toshiba)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.0.0.2 - TOSHIBA Corporation)
TOSHIBA Manuals (HKLM\...\{0F4F4815-76AD-4B26-8763-72F3344041C2}) (Version: 7.10 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 1.00.0002 - TOSHIBA)
TOSHIBA SD Memory Boot Utility (HKLM\...\{BBF5493A-05FB-4449-90DE-84A61EB78154}) (Version: 1.3.1.1A - TOSHIBA Corporation)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.7 - TOSHIBA)
TOSHIBA Security Assist (HKLM\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.2 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.8 - TOSHIBA Corporation)
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinDVD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.108 - InterVideo Inc.)
WinDVD for TOSHIBA (Version: 8.0-B6.108 - InterVideo Inc.) Hidden
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F99F196-9FEE-4A1B-8012-9CCB34F878FD} - System32\Tasks\{694A3E56-E6FC-4886-BA0D-6C08D75908F4} => C:\Program Files\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.)
Task: {2913B84F-D554-45CE-807E-B3ED67571016} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4D0D0110-24CA-49B9-94BA-9D3B66D5CFFB} - System32\Tasks\{BFD91725-A059-4A5E-A914-BE03D3D950AD} => pcalua.exe -a F:\setup.exe -d F:\
Task: {58D04FBF-A434-48D5-89A6-DB7714EE8D8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6A23F1FA-9BED-4A08-B52C-F22CE20C144A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3284848731-2923227114-796928758-1000UA => C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {6BDE28D2-DACE-4EAA-95AB-C210900C265C} - System32\Tasks\{83CBB449-04C6-4063-8F8D-4303853195AB} => pcalua.exe -a C:\MMAPP\UNINSTAL.EXE -d C:\MMAPP
Task: {7BF3B325-EE47-47F9-9ABF-1AEF864AC632} - System32\Tasks\Microsoft\Windows\RestartManager\{788185C5-5391-4e18-A97A-7B10CFDB1805} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {E9B01BE3-C358-41CF-A4B2-608839C3E97A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3284848731-2923227114-796928758-1000Core => C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3284848731-2923227114-796928758-1000Core.job => C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3284848731-2923227114-796928758-1000UA.job => C:\Users\EleniAn\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2006-08-10 18:00 - 2006-08-10 18:00 - 00094208 ____N () C:\Windows\System32\TosBtHcrpAPI.dll
2006-12-23 13:34 - 2006-12-12 12:04 - 00061440 ____N () C:\Windows\system32\igfxTMM.dll
2006-12-23 13:34 - 2006-12-12 12:01 - 00077824 ____N () C:\Windows\system32\hccutils.DLL
2006-11-09 21:27 - 2006-11-09 21:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2006-12-27 11:50 - 2006-10-10 13:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-07 19:49 - 2006-11-07 19:49 - 00011776 _____ () C:\Program Files\TOSHIBA\HDD Protection\NotifyThp.dll
2006-11-08 21:08 - 2006-11-08 21:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-12-23 16:01 - 2006-10-20 16:49 - 00009216 _____ () C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll
2006-10-07 14:57 - 2006-10-07 14:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 21:55 - 2006-12-01 21:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2006-12-23 13:34 - 2006-12-12 12:01 - 00077824 ____N () C:\Windows\System32\hccutils.DLL
2016-05-03 19:04 - 2016-03-22 00:50 - 00034768 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-05-03 19:03 - 2016-03-22 00:51 - 00019408 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-05-03 19:03 - 2016-03-22 00:50 - 00116688 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-05-03 19:04 - 2016-03-22 00:50 - 00093640 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-05-03 19:04 - 2016-03-22 00:50 - 00018376 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\select.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00019760 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00105928 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-05-03 19:03 - 2016-03-22 00:50 - 00392144 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-05-03 19:04 - 2016-04-08 21:20 - 00381752 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-05-03 19:04 - 2016-03-22 00:50 - 00692688 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00020816 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-05-03 19:04 - 2016-03-22 00:51 - 00112592 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 01682760 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00020808 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00021840 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00038696 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-05-03 19:03 - 2016-03-22 00:52 - 00020936 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00024528 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00114640 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00124880 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00021832 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00024016 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00175560 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00030160 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00043472 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00028616 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00048592 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00026456 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00057808 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00024016 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00117056 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00023376 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-03 19:04 - 2016-03-22 00:50 - 00134608 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-05-03 19:03 - 2016-03-22 00:50 - 00134088 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-05-03 19:03 - 2016-03-22 00:51 - 00240584 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00024392 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-05-03 19:03 - 2016-03-22 00:52 - 00036296 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\librsync.dll
2016-05-03 19:03 - 2016-04-08 21:19 - 00052024 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00020800 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00021824 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00019776 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00020800 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00020280 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-05-03 19:04 - 2016-03-22 00:52 - 00350152 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-05-03 19:04 - 2016-04-08 21:20 - 00022352 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-05-03 19:03 - 2016-04-08 21:19 - 00084280 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
2016-05-03 19:03 - 2016-04-08 21:20 - 01826096 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-05-03 19:04 - 2016-03-22 00:51 - 00083912 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\sip.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 03928880 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 01971504 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00531248 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00132912 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00223544 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00207672 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00158008 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-05-03 19:03 - 2016-04-08 21:20 - 00042808 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-05-03 19:03 - 2016-03-22 00:54 - 00017864 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-05-03 19:03 - 2016-03-22 00:54 - 01631184 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-05-03 19:04 - 2016-04-08 21:20 - 00024904 _____ () C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2006-12-10 21:51 - 2006-12-10 21:51 - 00065536 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
2006-12-10 21:51 - 2006-12-10 21:51 - 00077824 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
2016-05-03 18:45 - 2016-04-06 10:16 - 03060736 _____ () C:\Program Files\Pale Moon\mozjs.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\EleniAn\Desktop\2015-01-01 00.10.55-1.jpg:com.dropbox.attributes [508]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2) - Copy.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2).JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\ΣπύροÏ, γραμμένοÏ, & χορωδία _αγάπη ρε+_ Έπεσα απ' Ï,,α σύννεφα.mp3:TOC.WMV [130]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 13:23 - 2006-09-19 00:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\EleniAn\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{46A7ED7A-C965-49E2-87F3-10C365469C75}] => (Allow) LPort=80
FirewallRules: [{62091AC3-AF71-4373-B962-61530DF54696}] => (Allow) LPort=80
FirewallRules: [{5525CFC5-20F0-4173-818E-C03C4444FA78}] => (Allow) LPort=80
FirewallRules: [{12DD7ACF-CB24-4A28-A0F7-0A67E27CB75D}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{58B516FA-6906-4DE6-B2A7-1E584C000CFE}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{FE28C478-07C1-4E00-A7B0-32121E53A51B}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [{6AA9E0AD-2D70-42B2-A344-C13D9574C3BC}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe
FirewallRules: [TCP Query User{CEEF3D5D-FE05-4C0E-A6D9-850F1CA66491}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe] => (Block) C:\program files\microsoft office\live meeting 8\console\pwconsole.exe
FirewallRules: [UDP Query User{5E3CDA47-81BD-4527-AC3F-1ADDB5FA2CF8}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe] => (Block) C:\program files\microsoft office\live meeting 8\console\pwconsole.exe
FirewallRules: [{C9D1CEC5-9E48-4898-A3B4-A7FE090DB5FE}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{45217268-AC50-41C5-AC76-8D27A796C620}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{3E42471D-0DD1-47BA-B464-69EE0DE7F174}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{0518FF9C-7032-49BA-A734-8D9FD7BC5439}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{E82A54FB-D69E-491D-9713-2EA307E4CF42}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{28D8FBC2-85B8-4A68-9443-E665DAD1C7F3}] => (Allow) C:\Program Files\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{B50ADF6E-4258-4AA7-BB46-30EB1D821656}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AE92D52D-FBAE-4065-A263-80F7B766DF76}] => (Allow) LPort=2869
FirewallRules: [{1B5F1929-E200-41C4-B713-E0DCA67C40C0}] => (Allow) LPort=1900
FirewallRules: [{22BBE9C1-CA20-4921-983B-D4B31F62BB00}] => (Allow) C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9DA83098-B2C8-46F2-B613-1A08F991054C}] => (Allow) C:\Users\EleniAn\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0AC79411-D068-49E0-814E-874D2BA936CC}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AB7AAA89-C3C5-4D99-BE1C-3CADE658E685}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{9702E16C-9224-4A6B-863E-BB28684BDF9D}C:\users\elenian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elenian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{91DEE08E-23F1-490A-8DD7-1A753662DE17}C:\users\elenian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elenian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{23CAF3B0-8140-4721-BA0A-97BB7AF73FAA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{62580AED-9D0A-404D-9DAD-DBC5F8DAADDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D4BF0391-F417-474F-93D5-9206419B55A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2016 07:11:20 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\E9M8MVJGB-SRGOKI28LUL93X9GCEEIQZ_NOI0ZFV1ZW> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 07:11:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\HA9ZBIIULOG52MRYRJEYX50THDWNJL8WVZTKJHDADFM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 07:11:18 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\8JEGLP9EDDLDBZGU8HTFRIZHPPZDYM1LAI-FPXOW-AC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 07:11:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\EC62GW9BU9ZYM-2MMTB6GB_DBEAGVEIIW34FXG3MUQ4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 06:42:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application setup.exe_InstallShield, version 14.0.0.162, time stamp 0x4626b2f4, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x6e341e60,
process id 0x854, application start time 0xsetup.exe_InstallShield0.

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\FOJIBMPUJNKB6EIDI5ZXQNCU_BBVEPKNOPMMQPVNCIE&g
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

DR M

#1
May 03, 2016, 05:02:02 PM
And the rest of the log:

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\FOJIBMPUJNKB6EIDI5ZXQNCU_BBVEPKNOPMMQPVNCIE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\C_DUUWFBFUEF0ZIDCKSBJ0WOEFTMSLLL7V-JWYK7YYY> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\_OYZ-MJVFWWOKWYBIJ6C9KXR2GS6GVV6SGU9UQWVZWW> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\JU9G6B9IIAQ5YXB8LYSD_CZ0XMP8B75HY5K6JD8UULU> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (05/03/2016 06:39:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ELENIAN\DROPBOX\.DROPBOX.CACHE\W2FKN_6OZOGA5E1WH0LDOMWAJHA12AYYTZL4SFOOTBG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (05/03/2016 07:15:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (05/03/2016 07:15:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/03/2016 06:59:19 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/03/2016 06:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (05/03/2016 06:40:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (05/03/2016 06:40:20 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/03/2016 06:05:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom

Error: (05/03/2016 06:05:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (05/03/2016 05:03:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Background Intelligent Transfer Service

Error: (05/03/2016 05:00:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Tosrfcom


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2080 @ 1.73GHz
Percentage of memory in use: 79%
Total physical RAM: 3062.45 MB
Available physical RAM: 620.81 MB
Total Virtual: 6341.16 MB
Available Virtual: 3915.37 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:55.89 GB) (Free:1.61 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:54.43 GB) (Free:7.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 111.8 GB) (Disk ID: DE5CDE5C)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=54.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


THANK YOU.  :)
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Corrine

#2
May 03, 2016, 07:48:14 PM
Hi, Panos.

Have you tried an external keyboard?

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code Select

start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {0ddbb88e-548d-11e0-a6f1-0015b76389e7} - I:\Startme.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {191bfcd0-53f9-11e1-942c-001b77226924} - G:\Setup.exe -auto
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {29ecbf58-ae3c-11e5-9499-0015b76389e7} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {a8c26a2a-9e50-11df-a876-0015b76389e7} - D:\LaunchU3.exe -a
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.search.ask.com/?tpid=SGT&o=APN10374&pf=V5&trgb=ALL&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=hp&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&itbv=12.10.2.4202&doi=2013-08-02&psv=
URLSearchHook: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {E54276C4-1D6E-4D42-9DC9-35ED1B4F6BCD} URL = hxxp://www.search.ask.com/web?tpid=SGT&o=APN10374&pf=V7&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=&itbv=12.10.2.4202&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&doi=2013-08-02&trgb=ALL&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {F56BAF00-990D-4213-B33F-AE5B06BEEBC4} URL = hxxp://www.mysearchresults.com/search?c=3513&t=07&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\EleniAn\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\EleniAn\Desktop\2015-01-01 00.10.55-1.jpg:com.dropbox.attributes [508]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2) - Copy.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2).JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\ΣπύροÏ, γραμμένοÏ, & χορωδία _αγάπη ρε+_ Έπεσα απ' Ï,,α σύννεφα.mp3:TOC.WMV [130]
EmptyTemp:
end

  • Click Format and ensure Wordwrap is unchecked.
  • Important:  Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....

    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

#3
May 03, 2016, 08:23:10 PM
Hi, Corrine.

I haven't got another keyboard to try it. It's very difficult for me to do a single movement on that computer. I can't enter numbers (so I can't enter the forum with my password), some letters are being produced as caps locks when the caps lock button is off and vice-verse, I can't select a file because everything is being selected... Also, Pale moon starts in safe mode every time, and every time I click on a link in Pale moon, it opens in a different window instead of tab. And the most important for me: I'm trying to transfer files with my memory stick, and just now, MCShield found a malware file and deleted it.

Here is the log from the FRST fix:

Fix result of Farbar Recovery Scan Tool (x86) Version:03-05-2016
Ran by EleniAn (2016-05-03 22:59:28) Run:1
Running from C:\Users\EleniAn\Desktop
Loaded Profiles: EleniAn (Available Profiles: EleniAn)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {0ddbb88e-548d-11e0-a6f1-0015b76389e7} - I:\Startme.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {191bfcd0-53f9-11e1-942c-001b77226924} - G:\Setup.exe -auto
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {29ecbf58-ae3c-11e5-9499-0015b76389e7} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\...\MountPoints2: {a8c26a2a-9e50-11df-a876-0015b76389e7} - D:\LaunchU3.exe -a
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.search.ask.com/?tpid=SGT&o=APN10374&pf=V5&trgb=ALL&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=hp&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&itbv=12.10.2.4202&doi=2013-08-02&psv=
URLSearchHook: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {E54276C4-1D6E-4D42-9DC9-35ED1B4F6BCD} URL = hxxp://www.search.ask.com/web?tpid=SGT&o=APN10374&pf=V7&p2=%5EAHO%5EYYYYYY%5EYY%5ECY&gct=&itbv=12.10.2.4202&apn_uid=89b4d772-b6d9-4b8c-b0af-6800347f7173&apn_ptnrs=%5EAHO&apn_dtid=%5EYYYYYY%5EYY%5ECY&apn_dbr=ff_13.0.1&doi=2013-08-02&trgb=ALL&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> {F56BAF00-990D-4213-B33F-AE5B06BEEBC4} URL = hxxp://www.mysearchresults.com/search?c=3513&t=07&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.6.0\bin\jp2ssv.dll => No File
Toolbar: HKU\S-1-5-21-3284848731-2923227114-796928758-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\EleniAn\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
CustomCLSID: HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\EleniAn\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\Users\EleniAn\Desktop\2015-01-01 00.10.55-1.jpg:com.dropbox.attributes [508]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2) - Copy.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\DSC_0072 (2).JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\EleniAn\Desktop\ΣπύροÏ, γραμμένοÏ, & χορωδία _αγάπη ρε+_ Έπεσα απ' Ï,,α σύννεφα.mp3:TOC.WMV [130]
EmptyTemp:
end
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value not found.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ddbb88e-548d-11e0-a6f1-0015b76389e7}" => key removed successfully.
HKCR\CLSID\{0ddbb88e-548d-11e0-a6f1-0015b76389e7} => key not found.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{191bfcd0-53f9-11e1-942c-001b77226924}" => key removed successfully.
HKCR\CLSID\{191bfcd0-53f9-11e1-942c-001b77226924} => key not found.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29ecbf58-ae3c-11e5-9499-0015b76389e7}" => key removed successfully.
HKCR\CLSID\{29ecbf58-ae3c-11e5-9499-0015b76389e7} => key not found.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8c26a2a-9e50-11df-a876-0015b76389e7}" => key removed successfully.
HKCR\CLSID\{a8c26a2a-9e50-11df-a876-0015b76389e7} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => key removed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully.
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value removed successfully.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E54276C4-1D6E-4D42-9DC9-35ED1B4F6BCD}" => key removed successfully.
HKCR\CLSID\{E54276C4-1D6E-4D42-9DC9-35ED1B4F6BCD} => key not found.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F56BAF00-990D-4213-B33F-AE5B06BEEBC4}" => key removed successfully.
HKCR\CLSID\{F56BAF00-990D-4213-B33F-AE5B06BEEBC4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value removed successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\livecall" => key removed successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
"HKCR\PROTOCOLS\Handler\msnim" => key removed successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf" => key removed successfully.
blbdrive => service removed successfully.
IpInIp => service removed successfully.
NwlnkFlt => service removed successfully.
NwlnkFwd => service removed successfully.
"HKU\S-1-5-21-3284848731-2923227114-796928758-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}" => key removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully..
"C:\Users\EleniAn\Desktop\2015-01-01 00.10.55-1.jpg" => ":com.dropbox.attributes" ADS not found.
"C:\Users\EleniAn\Desktop\DSC_0072 (2) - Copy.JPG" => ":com.dropbox.attributes" ADS not found.
"C:\Users\EleniAn\Desktop\DSC_0072 (2).JPG" => ":com.dropbox.attributes" ADS not found.
"C:\Users\EleniAn\Desktop\ΣπύροÏ, γραμμένοÏ, & χορωδία _αγάπη ρε+_ Έπεσα απ' Ï,,α σύννεφα.mp3" => ":TOC.WMV" ADS not found.
EmptyTemp: => 5.5 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 23:04:29 ====
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Corrine

#4
May 03, 2016, 08:37:21 PM
You may need to go to the Toshiba website and see if you can get replacement/updated drivers for the keyboard.

Considering McShield's findings, please follow the instructions below to run an on-line scan from ESET.

  • Note: It is easiest if you use Internet explorer for this scan.  (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)

    • Hold down Control and click on this link to open ESET OnlineScan in a new window so you can refer to these instructions.
    • Click the green ESET Online Scanner box.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the Eset Smart Installer icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:

      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

#5
May 03, 2016, 08:52:25 PM
Corrine,

Internet explorer failed to open Eset online scanner, so I tried with PM, following your instructions for other browsers.

I will leave it working, and post back in the morning (it's 23:51 right now :)  ).

Thank you, and have a nice day.  :)
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Corrine

#6
May 03, 2016, 09:49:52 PM
No problem, Panos.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

#7
May 04, 2016, 08:29:26 AM
Good morning, Corrine.

ESET found 11 threats. I have the log ready on the desktop, but I can't select it, I can't open it, I can't move it. Every click I make selects everything. I went to TOSHIBA drivers, but I don't know what exactly I'm looking for. And for Windows Vista there is not much...

EDITED:

I copied everything from her desktop in my stick!!!  >:(

Here is the ESET log:

C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5   a variant of Win32/Toolbar.Widgi potentially unwanted application   cleaned by deleting
C:\Program Files\Settings Manager\systemk\Internet Explorer Settings.exe   a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application   cleaned by deleting
C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg   Win32/AdWare.Bandoo.AF application   cleaned by deleting
C:\Users\EleniAn\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe   MSIL/AdGazelle.A potentially unwanted application   cleaned by deleting
C:\Users\EleniAn\AppData\Local\Popajar\UpdateChecker\UpdaterLibrary.dll   a variant of MSIL/Toolbar.SmileysLove.E potentially unwanted application   cleaned by deleting
C:\Users\EleniAn\AppData\Roaming\OpenCandy\1AF8FAC04E004D68B323C23CAC2420CF\dlm.exe   a variant of Win32/OpenCandy.A potentially unsafe application   cleaned by deleting
C:\Users\EleniAn\AppData\Roaming\OpenCandy\1AF8FAC04E004D68B323C23CAC2420CF\Linkey_p1v3.exe   a variant of Win32/Toolbar.SearchSuite.U potentially unwanted application   deleted
C:\Users\EleniAn\AppData\Roaming\OpenCandy\1AF8FAC04E004D68B323C23CAC2420CF\SettingsManagerSetup.exe   a variant of Win32/Toolbar.SearchSuite.U potentially unwanted application   cleaned by deleting
C:\Users\EleniAn\AppData\Roaming\OpenCandy\562BFF6DC4D64C09A513D63111306E4E\dlm.exe   a variant of Win32/OpenCandy.A potentially unsafe application   cleaned by deleting
C:\Users\EleniAn\AppData\Roaming\OpenCandy\A2D7ED4A9F5841E5B51ACE0C075C44FE\winzip180mul-32.msi   a variant of Win32/Systweak.L potentially unwanted application   deleted
C:\Users\EleniAn\Documents\ApnStub.exe   a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application   cleaned by deleting




Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

DR M

#8
May 04, 2016, 10:08:28 AM
Also MBAM found 65 threads (mainly PUP) but I don't know what it did with them, as the finish button was not responsive.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

DR M

#9
May 04, 2016, 10:37:54 AM
One more info:

I found out that when the letter A is pressed, then everything gets back to normal.

With A pressed, I manage to enter On-screen keyboard (I couldn't enter it without pressing A), and see that Shift is on and cannot get into off. It's stuck on.

Any ideas??

Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Corrine

#10
May 04, 2016, 01:08:48 PM
The MBAM log will be under History.  As to the keyboard, do you have any canned air?  It very well could be that there is debris in the keyboard which is causing problems.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

#11
May 04, 2016, 03:43:49 PM
Hi, Corrine.

MBAM history scan log shows everything cleaned. The PUPS went to quarantine and I deleted them, when trying to read them.

No, I haven't got canned air, so I will return the computer if you thing there is nothing more to be done (talking about malware).

Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

DR M

#12
May 04, 2016, 05:30:12 PM
Quote from: DR M on May 04, 2016, 03:43:49 PM
Hi, Corrine.

MBAM history scan log shows everything cleaned. The PUPS went to quarantine and I deleted them, when trying to read them.

No, I haven't got canned air, so I will return the computer if you thing there is nothing more to be done (talking about malware).

Well, this is strange, but turning on sticky keys, solved the problem. Just to update the previous post.
Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Corrine

#13
May 04, 2016, 08:07:33 PM
That is strange but glad sticky keys solved the strange issue.

If you haven't returned the computer yet, it wouldn't hurt to run AdwCleaner and JRT.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Right-click on AdwCleaner.exe and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin.  Please be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Please download Junkware Removal Tool to your desktop.

  • Disable your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it.  If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Notes

1.  If you decide not to run AdwCleaner and JRT, it would be a good idea to remove the tools we used with Delfix.

Please download Delfix from here.

Ensure the following boxes are checked:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore

  • Click Run
The program will run for a few moments and then notepad will open with a log.   Please paste the log in your next reply.

2.  The SecurityCheck log shows that IE hasn't been updated to IE9.  If you don't wish to do the update, please advise the computer owner to do so, regardless of whether or not the person uses IE as the default browser.  Download Internet Explorer 9


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

DR M

#14
May 04, 2016, 08:29:49 PM
Hi, Corrine!

It's the first time I'm writing from Eleni's computer! Everything regarding the keyboard seems to be ok now, with sticky keys on!  :o

I will return the computer early in the morning. Waiting for your reply, I did these:

1. Let the computer download many many updates. Among them was IE update to v9.
2. Installed Sumatra, Microsoft Security Essentials, as part of the updates, Win Patrol, since the start up programs were ... 15 or more!, VLC, 7-zip, flash player plugin and active x.
3. Installed some add-ons on PM, for downloading videos, without installing any program, and Adblock Latitude.
4. Ran cleanmgr to free some space, as well as TFC. Now the free space is 5,5gb (it was only 190mb before).
5. Ran Adware Cleaner and JRT, and I attach the logs:

# AdwCleaner v5.115 - Logfile created 04/05/2016 at 20:40:23
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows Vista (TM) Business Service Pack 2 (X86)
# Username : EleniAn - ELENIAN-PC
# Running from : C:\Users\EleniAn\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Users\EleniAn\AppData\Roaming\OpenCandy
Folder Found : C:\Users\EleniAn\AppData\Roaming\SimilarSites
Folder Found : C:\Users\EleniAn\Documents\Add-in Express

***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\APN PIP
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\PIP
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Softonic
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKU\S-1-5-21-3284848731-2923227114-796928758-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3284848731-2923227114-796928758-1000\Software\AskPartnerNetwork

***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [948 bytes] - [04/05/2016 20:37:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [3676 bytes] - [04/05/2016 20:35:28]
C:\AdwCleaner\AdwCleaner[S2].txt - [3191 bytes] - [04/05/2016 20:40:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3264 bytes] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows Vista (TM) Business x86
Ran by EleniAn (Administrator) on ’œ« 04/05/2016 at 20:51:04,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 359

Successfully deleted: C:\Users\EleniAn\AppData\Local\{0137A19D-88C6-4CE4-91D1-583ADB4B19D8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{02031666-3E1B-4704-949C-2D52406A004C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0396E320-D516-4620-9991-C300062DEF45} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{03B94429-D49E-4108-A73C-BA38AA61042A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0450B970-4D31-4D6D-A39F-8BC7CA77A5E9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{04883D52-EF73-4C8E-817A-56DB6205876A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{048ADCC5-2532-4627-BFBE-8195F2125205} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{04AAB792-3ED0-4C21-AAC1-2A143AD355E5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{04EB36A3-AA7D-47EE-8A9F-7F3227D7C471} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0571C6E9-B4DC-4AB2-96EB-E1A93CC618FB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0579778F-A21A-40EC-937F-A96797F0CE6B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{058CEB65-5BD0-423A-8B76-6EA3D83E7EF0} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{06DBFD1D-F8F1-43DC-8C0F-35649F31D473} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{070DC800-98A5-47F2-B876-0ABC378E39BB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{07D95521-A853-423B-BD00-E39CC3812F35} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{07DDBB0F-035C-42AA-A5BF-6E151AD037E4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{081B2CF3-15F3-46B0-BA82-A93F5C1C0446} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{082AE489-65E5-4448-B7B9-605C1D60647E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0839F3C3-54F0-4D33-82C8-B3E2EC3DA9C5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{09CE4F9F-A0A7-4934-B9B2-BDFBC9CD11AA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0A1CF18B-B39D-43D4-A876-50D165D7B1A0} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0B2E8A8C-E213-401F-BA84-83189B9A18E1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0B7EDB86-6993-4EFA-9414-213EF65CCA08} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0B8BDC98-AF8C-49FD-8624-3458427D2DF3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0C677928-BC9C-4F4D-AB91-10271D17F47E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0CC458A8-C5BD-41CE-8DFA-60D2F8318FAE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0CC6FBB8-1348-4FE8-818F-572540E82D76} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0CF15044-0BD1-44D7-8B4B-7E85266F5C26} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0D5B0E2A-7370-42E3-8BE2-408601CE014C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0DA30914-92A3-42DD-966D-0FEB58BD62CD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0DE6D497-BAF7-4C2B-A656-044699A1634F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{0F42DEE0-5F46-4846-98A0-CCDEDE6CD172} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{10CE25E1-2D2C-4CB5-931C-C8B93880200D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{10EA236B-C150-452E-9730-09DFC72050F4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{12BB14DC-AD00-4111-84B9-2DA307ACB856} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{12D4C83F-353E-4291-B9C0-5D53654EFDE4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{13D8BF5A-D4BD-4DF9-BE2D-2315633C5B13} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{13F23268-1429-46FC-8ECA-8765F90AAF93} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{15BA3BD1-592B-4574-8B43-EA469A359280} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{16DBEDFE-9544-466F-A60E-2DDB46A3C3FB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{171F3922-1DEF-49ED-BA2C-DB7DCB772B1F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1777122E-85CF-4FB6-B59D-5F8876CCB748} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{17F196A2-0C13-4370-93C5-9D4199CC589F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1892A025-1C9A-46CD-87AB-290EF88CA220} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{19BBD365-9CB4-4FA5-916E-C890112D3906} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1C531233-2D22-425B-BDBC-3FE35F4879F8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1C846B7E-8DA5-4D8B-B769-484A3AA076DB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1D593598-8E7A-496B-AACD-70ECC5209001} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1D635B7A-6CF4-4F03-9751-80C908CE7666} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1D91FD3C-495A-401F-8C71-E208037281BD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{1DD9C959-AC45-4D72-812C-A28181C40D43} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{211DE8A3-949D-494F-AF5D-BE390D9800A4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{22033F14-F15A-4A70-8DF9-51D6B090D683} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{23179394-BE63-4B26-94A6-F376731316B3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{254341D5-FD77-4F3E-8408-CC0FD2A415EB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2576D751-10CF-4D9D-8764-154C825062C7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2577D91D-1C6A-451D-95C0-28C7385C803E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{25F59A66-704A-4D67-972E-6F62D6880C2A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{261D7598-0C1D-4537-B3A5-3804B1AE31FC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2659B974-518C-42A4-A581-325A78756052} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{26D31DAF-8DC0-45A6-A3D7-F937C290ABA1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{27E682A5-6FAC-4159-8D5B-639E70958DD8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{28708CA0-C104-4F94-81E9-5878EC4AD45A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{287CE5D4-7C72-4FFF-BD27-87799D71C9AC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{28E24936-4FA7-4F92-88E4-8BD9037D1590} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2AAC19E7-460A-48FF-8B34-37CC3E6561B1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2AF084C1-A1F8-42B0-AC90-7A859EBCAAAD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2AF2EE77-B22C-4E6E-A930-50D9D8681DD6} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2C9FD87C-8A93-481C-8FD3-811CBC1E5DB5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2D997524-65E1-415B-A0A7-68B8B39AA14B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2DAC81DF-BF37-46F5-8F9A-6C0190C384C5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2DE77DCF-408C-4AF6-A7ED-B3D0C4FCF873} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2DFF3E19-E5F3-47F5-AC8D-CD75FC239473} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{2ECD4772-7CF0-4AE6-8A1E-FA2C776BBD7A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{300A3D2A-57BB-4A4D-9C20-2404CA57A396} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{315CAD0E-92FE-4C67-9C4C-A41D44403990} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{316351F9-E2C7-4DB2-8ED7-CA43E00391CD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{31E95E04-21F6-4BD0-9996-AA2404D7BE69} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{322BCEA9-39EB-46FC-9391-58B03A7D4AC3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{32423888-4F2D-484A-861F-5FD98F72A0B5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{334A6D02-7CDF-48FF-8EC4-C028D51CF576} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3432E3D4-3A1C-47B8-91AB-BBD64D3131AD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3554B938-AB3B-40D4-B13A-50C17FCD62E5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3574D7C8-6738-4358-AEA9-780B0301E2C3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3635A25C-7E0C-4184-BAFC-EF79C7D5B462} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{36CE07A6-2B2F-4478-96DD-AA1B6C894188} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{36E5D4E3-19C3-4999-84BF-39EAE6C81362} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{372E0938-459F-44F7-8DD1-06BC06B4E6D2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{372EEA36-7123-4DF2-8693-759FC5580BFF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{37ABDB95-7833-45DF-9E0A-B99E13494D86} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{395D3BC4-A647-4864-A7CA-132FF51318D4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3BF42D66-6FFA-44EA-BD3C-9BAE5B3DCCE2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3C806851-9D32-4FC4-B682-735726E35840} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3D007E71-B312-4D5C-BF17-17602DD689D5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3D65113E-12CD-4058-898B-BDD9016E48AF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3D914356-4255-4D8E-9687-A6C0E2D3C8BF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3E3AD344-99E5-4C5C-97F7-794E48377789} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3EE13AD1-5AA2-4491-8A55-8B05756B7393} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{3FDE75F9-1A87-4F80-AD15-F7CA95E3E77F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{400A371F-A803-4444-8C1B-12E88B65CD98} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4028813D-91CE-414B-907E-DC74035B786E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{413F6E6E-34B5-4ED0-BB74-56F230AB57CC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{414C5022-29FE-49FD-9161-77A6B75B7DCE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{41516465-5D84-45F8-A58E-9DB42FA40361} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{415E03B7-9FED-4197-B13B-A4BE156223AD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4204C419-6F28-4939-8C6A-63147BDD0BBF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{42F2E39D-2653-466C-BB06-7402839ACFBA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{442ACA62-68D3-4AC5-B688-A6ACD28787CB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{450B4704-F89A-4A17-91AE-0D1698CA96B6} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{461FBD33-FA2E-4FDD-AD2C-7FBB859FB74E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{463E1240-46AC-4E8D-8ED6-C89B9A2042C1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{47BB848D-00D1-4603-A4C0-355EE194A03A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{47EEEFA6-E5B5-47EE-90D2-AD17D9E1731F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4802436C-8EAA-4D72-9F3D-41819B2F18EF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{48130209-B1E7-4F9D-9FFA-6B4A43317782} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{481ECEB0-D091-4424-8CED-97FE285ECFBE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{48490629-F72C-444E-9B44-AFCF1317EE0D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{493E42D2-5ED4-4BE4-A5DE-104980C35235} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{49993A55-2A52-4030-9A43-ADD3C7DF340E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4B253BE6-0748-4EB2-908E-650031075BC4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4C7125DE-0E9D-4429-8365-38FF9F1D9203} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4C7771AD-5CD4-4FD3-B501-9F81D0A4A386} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4CF9A470-7357-4DFB-B8F1-EB55E114663B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4D08EECC-FA48-4259-B101-AEDD17D14E92} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4FA0A7F9-093D-4A64-B88F-89AF2488DB73} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4FD2CFBB-ED16-4EC9-A577-638BEB9ED6D1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{4FF9C4F8-16FF-4E4A-803C-E6A895DCC762} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5049DF5E-89D9-4B3D-8FF6-ECAD0B9D33AC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{506C4A98-4066-47A7-8370-410C795BAAA5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{50D21ADB-8A0E-4EE8-8B0B-0127C6AAC25F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{50E681C1-20D3-4FBB-B3A6-894F26CB8EFC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{515631BF-BCC7-4126-B4F0-A898D80E20AE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{52201512-4E2D-4F18-852B-55B825B2650E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{522E5EF9-31E1-4834-B1EF-133D2CE20BA1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5326E8BA-60CB-46E8-9C85-D528507EF019} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{538E8B4E-E79E-4044-A58B-84D11213B695} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{542CD91D-D1D1-455C-B03C-F6329A463B95} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5482CCDB-E425-45E8-A43C-945BE55AD507} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{54E77B9F-F755-47DB-8547-B92C5D7E3A5E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{557C0EB9-F65D-4E18-B531-AB5FB425CE20} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{55B97F4C-234D-464D-87A1-7A0256C55232} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{55D25C74-94B8-48B6-BD11-428831784D18} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{56D60A46-B901-47EA-9610-A34C2C396AF4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{57043599-A0B3-44BE-8E87-F75432772AA1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{570BE92E-96A3-4792-A401-7D44CAA6B5A4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{58616BAE-1872-44B9-9A0E-E8C3D729BCB4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5D647FA8-DBC6-40C2-A027-274514E346AA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5DAF1A50-B02A-4E9A-8E96-B1F4F9CCB7DB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5E7B62EB-3822-4315-85DD-FF42F7F0E4E7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{5F509410-92B4-440D-8974-D3A19CB0DF67} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6057CBF5-607C-4EF2-ACD8-7699D834BD19} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{63661873-582B-430E-AFCD-BC0D4504F5E6} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{646124D0-934F-4718-8D88-F9F03D4DE1BD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6570D4C8-17EE-4C27-862C-A0C93A4A3573} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{673DD360-9AB6-4245-AD0A-9D1BF204D1A3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{684D1EA5-5C18-4F0D-9240-B56097CF7435} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{68A74EB5-70EF-499D-B719-0AC94C60B239} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{68E15AC3-116E-43A0-9E3A-1704ECCFF180} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6A2DDCBD-6851-44DF-8252-789A5F253A3F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6B0981C5-7C08-4FDF-A136-8CE381E57C9B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6B21A271-5996-48D5-8AD5-FA436C62442F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6B52ECCE-5E2E-4E4D-9CFA-6E5EFD5108D2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6B5D14FA-96A2-4569-83F5-DAFEDF1D2C54} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6ED08DAD-E0A6-4F65-8CB1-9FDDC0B97FC8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{6FF66362-AF9A-43BB-8F9C-0A23A5A8CCD4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{704AD3EE-81A4-4866-8E1D-D7902D8E6227} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{70F4B822-FD4D-435B-B262-99BE59A17627} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{71458A6F-2B3C-4638-951E-D5523B497489} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{720AE10A-DE31-4D3A-AEDE-06B7BC9D61E4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{74630ECC-979C-44A6-B72B-03F28078B3C0} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{747FC0A5-5CA5-4A61-ABAE-ACDB75D3FC2A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{74AEBF6B-0BB9-44C2-B4A2-EE59ECF8BE47} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7528E631-83CB-42F2-9546-9511296A802B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{75A4F33C-ACA2-4205-A881-FD30F4A2DAE4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7743794C-DA70-4E17-9CCB-700A47B85B90} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{78111538-8E6E-492D-AA7A-3C75B6B752B1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{782A1CD1-FD53-4DC9-AC96-F05B80AF4B72} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{784A0F68-A527-4D7B-B871-4261698BD665} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{78970A6E-78DE-40A9-AB3C-EA6BE4D0E2E5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{792DE1C5-77E3-4A92-864C-FD905EA09B13} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{792F12E8-9FF0-4D12-8720-C624C0FB3492} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7A56E6FB-96F0-4987-9F0E-F547588C3D46} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7DE3AD27-0BF0-44EB-BFA9-4537E38259EF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7E261CCB-F50D-497D-9E0C-0B156D744ABA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{7F33D3AD-50A0-4FBC-A683-50DD8FFA572B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{80850E35-80A5-4FB9-91A1-1382D339D161} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8130D772-BFDA-4C4F-A960-88674ECCAE34} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{82A1A82D-BF17-4E82-B8C1-805CE9C63310} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{82F3C2C5-3457-4777-A9E6-0A656105E00F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{835D04AB-8131-4A20-B07E-C5D39BDB7D03} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{84217791-C3AE-4DF8-96EC-4B313FFB3A0E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{84B185AB-3E57-4EFB-BCA8-B768C2F81102} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{84EC619D-C0DE-4E13-B91B-639D2E125FF9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{857E604D-11A5-48EE-B9C5-53066F23422F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{85802DC9-6DFC-46D5-90EC-74DC029B03E8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8653036E-E4A6-4C5E-952C-3A2BFED50440} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8671AF18-B0FB-466B-86FC-6EE4ADEB435C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{89AF4DE5-14E9-4698-B53B-808816C23C89} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{89B70800-40B3-41B5-B74A-9468E02CDA1A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8A227999-9753-48A7-8753-CD0E1FDAD65A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8A85B765-B8CF-4FAA-9914-C1F2800F9699} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8AFE04CA-C620-42AD-AF15-2542EE9F3F52} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8BFD5E3E-F9EE-440E-8976-C9B2B9298C46} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8C3FE0AB-E35F-4E31-B18D-3CD3D2B00E15} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8D02F275-22D1-421B-9255-9F2EB4C5DD10} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8D1A709A-0340-4CD7-811E-AAA9D8EC4B1A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8D403723-6D76-42ED-9EC1-766D9A1155DA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8DB841D6-7EA4-4B11-9572-88A8B47AF977} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8EA9603D-5E29-40E7-98A1-0D0F40491698} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8F13DB1D-BE11-4970-BC9C-D432BD6C3040} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{8F88C3E7-4A48-46C2-8141-70C91678CE73} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9031B29A-CEEA-4697-87DB-341110C1283D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{90A6E557-D225-415F-9885-B622713D9B92} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{91E7075B-A795-47B8-9C97-C61502E5F03D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{93E81F2A-33AA-4067-88E5-9946542313E2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9454CD7B-055F-4BFF-B725-0D6C59192034} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{959C05BD-385A-4E3A-9AD6-B4A90BC3F4C2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{95EAFA79-20C0-45EC-B07F-7BB370C859AB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{960E94F9-1C46-4007-9FFA-46E238A79B2D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{979A6196-E95D-4822-9DE6-C37E58748BDE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9BDA481E-DCC7-43DB-A2E8-23F165CE1946} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9C117A01-DB91-4247-8097-3E34D504BE40} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9C57278D-D7D0-4A71-9DAE-6745BB97E6FD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9CCC68DA-DC12-468C-9BC9-F1AA9DCDF31C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9D4596C4-6F69-492E-9105-32BF76462BD8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{9EEBA0C9-9644-4EC7-AB72-95D47FD843A9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A0689739-DC61-448F-B8AF-F29FCC116E59} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A12C2E47-AEBE-4E17-98A3-695BAF02850D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A16A3BB5-6AD0-4EBB-A2CF-49FF6ED752BC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A1E2F3D9-D1FC-4770-879B-B5DA4916B304} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A383C2FD-A37E-4750-B87A-BEA4DB444B73} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A4AAFBAB-725C-4B1F-876E-8D2BDC06D1BE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A549D132-40E9-4268-99EE-780D8C44451A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A5B2E1F7-11B7-4864-A31D-0CDEBC68CDD3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A6919089-43F5-4821-9405-F794742C0B8E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A9043D40-B710-490A-B593-573EBC449395} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{A9B0B45E-7225-4A55-A5D5-C969C014E50C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{AADB88BD-845B-4B19-93B4-D718EC864A9D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{AC1661E2-68B8-43C6-BBB9-388FB21418C4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{ADC1E4B8-5A13-4E71-9B44-25FD5C844B29} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{ADEFC53E-33E7-4CB5-8824-25183286D4E5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{AE1A7E4A-3F39-4836-B2C3-44B4494A6EDB} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{AF68056A-197C-4774-BBA3-5E20134D9A14} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{AFA52846-D03B-4439-BEB2-83DEB5EB5483} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B02B2D49-7292-4BD0-A029-0F6A7A51207D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B04A629E-717C-4DBE-B238-EB21449850AD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B074EBF3-FB9C-4FBF-A2BA-B540274F4CE2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B0CB77D6-C03A-4262-AA4F-C1C640D57CE8} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B0E38906-8730-45F0-A5F9-2E25D8047539} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B30471B9-6B48-4E72-A577-8A7C6DD1AC6E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B36E5135-E507-4C8D-B06B-817C97D6577B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B51B8B28-1BAC-42F8-8667-782C06D6DFE1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B587A6D9-5583-454D-9C71-EAFC11BECBF3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B604CAFD-213C-425E-96B7-7869A5F51982} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B64173AF-B3BA-4C84-B5CF-B0EFF8A9F31B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B68E73DC-833C-491F-878F-C03D570BC293} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B72776AB-866B-44B7-A65E-4E7A046F71AC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{B90943B1-7C8B-4369-B82A-D933F04FE0E7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{BB14F625-C153-4783-8D51-FF5D9708C49A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{BC0FC4CD-0384-405C-BE75-DDEDC0C23907} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{BD08533D-0E48-4737-981D-A9387BD86BB0} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{BE8792F2-AFDA-411F-94DC-34F662F31C39} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{BED71912-49DA-4D09-B8E2-FAE24DB7F712} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C0B7EAE3-D673-492C-8085-DE36EE568241} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C1AA9672-7E76-47B9-A1DF-3D14803400BD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C452BEE9-A82C-4003-B6A7-29297C2208BE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C5AD43F0-9C40-4F3C-9419-41BEB68802E7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C6874E92-F92A-4483-9ED8-FD774EF2779E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C69F1A75-48ED-4618-9106-7D699C817C13} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C77CB40C-DDA2-4A20-8223-CD9D24D282A3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C7E37208-CB50-4E89-AB79-239E7E929B72} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C8C1C024-E8C3-4724-BD3C-59054E9A1373} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C8E78DC6-4A6D-424D-9050-C08FE5A51C9B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{C9DC19B9-766F-4954-BA78-DD411266F909} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CA535276-6195-4E6F-AC2F-D9D3401333BF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CAB985AB-2255-443B-8227-E7CFA7394B4D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CB129956-6C47-407C-A910-A962FEB0D119} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CBCAAA9A-0687-4975-9A12-87C1496A13C2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CC4D3AAA-8340-41B8-8C27-9471E304F2D3} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CCB30316-8A2C-4C01-84C8-FA704FCE5C59} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CD09BDA8-20FC-4084-8279-0D0D2780DDD2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CD1FEED5-7A17-4D15-A925-AAD7E37F1247} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CD2F8F00-C65F-447C-BAA0-955FA7576A29} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CD9BD6EC-4DB5-4E40-83B5-6397117D2ED1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CDEF027C-DFD7-4E96-BA15-C53139655E28} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{CF67C499-A47F-4726-A1D6-DF32CAF0ACBE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D01AEB04-4A70-4516-A09F-AE209D138EE9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D07825A5-2437-4D07-ADDB-D58F45AE242D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D1980EAE-A1BA-43AC-A601-3F49903E6093} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D1DC0969-354A-4F18-806B-AE0100C98007} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D2F6CC93-BECA-4CC8-933D-A46EA2EA8AFA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D394CD1C-FDF4-4224-BC6C-5CBA18F0A9C6} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D56EA7D2-BA25-460D-8B38-E10536FDF27D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D6AFCDE8-32E9-47A3-BB2B-30C08489EEF1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D6E4DDD9-DC70-4295-B4F4-6F5F38365C42} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D79D9EE0-AB9C-4CF7-B3C5-D4BE70913DDE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D7AF3F59-546A-462C-9B48-386BE24515BC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D84DAE65-1FC3-4B03-8A81-0E1F3A5FAC79} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D8CEA72A-48D7-4F0C-8478-19E61884F391} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D8EA47A6-AC04-4A2F-B8F8-88288B3E3209} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{D9227535-5119-4491-B2AF-F2A209DD088A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DBCC9742-44D6-49DE-9894-4372FF2FC7B5} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DC0736E5-6696-45C6-A3F5-59F36B31B9CF} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DD1A6FCB-F07F-4BF6-8750-4FFEB7B7781F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DD67ECD1-5E13-4A9F-946F-98217DDB5FE7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DE6D3314-8A16-4D92-A4B6-34260E4EA107} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DE6D9B04-E5FA-409A-96A4-1A4A91CB93F6} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DEBBCF0E-0FF7-4F1D-BCF5-DBB497B8ADD2} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DEEEAEEE-FC6B-4195-83A2-C40A4CB2B5DD} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DF558DD0-7F3D-4AAB-99C5-273143CAA0BA} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{DFC85166-35AA-4CF4-B005-BF885C198808} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E00A758C-7D60-4795-B5D2-BBB061832B7B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E08F2587-10CB-481A-9550-9DED171F2F79} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E2896F4A-160A-4FDF-97D6-F257A4BB2A48} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E3199360-258E-48AF-A1D9-68376E5FDF0B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E3C38C4A-6581-49F5-B04B-DE4C5993E575} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E422FCAB-73B4-4459-AC3A-77AF786DE163} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E49B2FE8-DF87-4E9B-9AB0-5D25CA0DCB93} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E652D80E-FEB9-4A51-B6A8-360949ED289F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E711DD9C-EBCF-4DDE-9E6F-DDE12164F08D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E8C4FF5D-BEC2-446E-BBB1-A5D9A2948D31} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E949AF10-0481-41EE-B34E-5F92756E33EE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{E9BAFCCA-8CC4-48FD-971F-7EA7097EC5B7} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EA97DB81-EADC-448B-9AEC-739CB0EEE1CE} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EAD09D01-E623-4838-B963-B6BFB860DA5B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EB282E2B-9A2C-4D77-B39D-23FC5231A944} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EB67DA2A-74F9-40DE-87FB-FE9D8B10CE3B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EC78D7F5-7C18-4D5F-93D7-EADDD420286F} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{ED2ABD73-6026-4C9F-85EA-0F321A663A27} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{ED3B9783-8582-47AC-BD2C-7454A024FD2D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{EFD3D75B-EA84-4913-BD4B-D5DCD62EF7C4} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F013CE35-B3B3-491D-AFEC-5C4B7CE6AF09} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F17E1A08-C68B-4E39-B438-3BD011D03B03} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F1DF39D7-575A-4BD3-A8FD-17206E9DAA22} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F20DF7F3-14DE-4DA1-9A11-DB74DB75827A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F6F4FD8C-ED4E-4384-8A5B-3258D5A1277A} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F6F561CB-4618-4956-910B-5260A893B492} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F731610D-0578-4B52-A712-5DEFCA6DB53E} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F772408F-4762-420E-ADC6-A06CF49C2243} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F83978B0-8DA7-4F17-BA28-449D488C9F3C} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F86D9E23-3092-419A-9694-745B20EBD64D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F922E2E4-B91B-4EF8-852C-6ED172C1F6F9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{F9D31F2A-7415-477E-A3CF-D8679EC9F3BC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FA5FE47C-FCAB-47D2-AFA6-EF71B3CEB8F9} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FC63C299-0768-44B5-BED1-317DBE4EA2A1} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FC6B9A97-C360-4DDC-BD18-2557159F264B} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FD0D853E-0C6A-47BB-8509-3D5400137580} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FD2E4F4B-1BDE-4DE5-97DE-A880B7F1015D} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FD3AC86A-EB50-4BE8-BD8C-A1AC064220DC} (Empty Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\{FDAEA679-9326-42C4-AE61-D305A3C8CBA9} (Empty Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\EleniAn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47TYGWYY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A9YXXAN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JD64Y7XT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\EleniAn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAA16WJ1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47TYGWYY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7A9YXXAN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JD64Y7XT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAA16WJ1 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ’œ« 04/05/2016 at 20:54:48,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



I hope that I didn't mess any things, by doing these without waiting... I'll check early in the morning if there is a new instruction from you, and I will return the computer.

THANK YOU!!!


Grecian Geek

"Count your blessings, remember your prayers..."

"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."
Print
Go Up Pages1 2
User actions