Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Contents of flash/USB inside a shortcut


  • This topic is locked This topic is locked
13 replies to this topic

#1 amalsk

amalsk

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 27 July 2015 - 12:26 PM

Hey all....! I'm not sure as to how this happened. 

Well, I plugged my Imation 2GB USB/Flash onto my computer and now when I open it in windows explorer(the one by default), it just shows my flash name and then says that it's a shortcut. After I open that shortcut, the contents of my flash open up in another window.

Basically, the contents are buried inside a shortcut(made somehow) and the shortcut is what shows up first.

 

Is there any way to make it as it was before by deleting the shortcut or by bringing it back to original way it used to be?

 

Amal


Edited by hamluis, 27 July 2015 - 01:08 PM.
Moved from External Hardware to MRL - Hamluis.


BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:08:57 AM

Posted 27 July 2015 - 12:43 PM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

STEP 1

 

 

Please download and run the following tool and follow the prompts to disable Autorun on the computer.

 

 

STEP 2

 

 

Next please download and install MCShield 3

Now plug-in your usb flash stick and wait to be scanned for malware remnants and repaired if needed.

A log file should appear when this is done. Please post the content of the log in your next reply.

 

 

STEP 3

 

 

Please download USBFix tool from here...make sure that your flash drive is still connected to the computer.

Run the tool and press the Clean and wait for the process to complete. This will clean your flash drive and will vaccinate all of the drives on the computer (including the flash drive) against autorun threats.

 

 

STEP 4

 

 

Now open My Computer, right click on the flash drive's letter from the context menu and scan it with your installed and updated antivirus software without open the USB stick yet until the scan guarantee the flash drive is completely clean

 

 

STEP 5

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:08:57 AM

Posted 01 August 2015 - 08:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

cXfZ4wS.png


#4 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:10:57 PM

Posted 03 August 2015 - 01:04 AM

This topic has been re-opened at the request of the person who originally posted.

#5 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 03 August 2015 - 06:16 AM

Thanks a lot Andrew! :)
Bboy - I'm trying your steps now and will soon get back to you.
 
In case you want a screenshot of what the issue is again, check 1 and 2.



#6 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 03 August 2015 - 06:18 AM

How to add screenshot?



#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:57 AM

Posted 03 August 2015 - 03:42 PM

Please...provide the requested info, in the form that is requested.  Thanks :).

 

Louis



#8 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 04 August 2015 - 02:41 AM

Ok....

Contents of the log the first scan using MC Shield:

 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 3.0.5.28 / DB: 2014.4.12.1 / Windows 7 <<<
 
 
03-Aug-15 6:21:15 PM > Drive C: - scan started (WINDOWS ~233 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
03-Aug-15 6:21:15 PM > Drive D: - scan started (Data ~232 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
03-Aug-15 6:21:15 PM > Drive G: - scan started (AMAL SK ~1906 MB, FAT32 flash drive )...
 
 
>>> G:\AMAL SK (2GB).lnk - Malware > Deleted. (15.08.03. 18.21 AMAL SK (2GB).lnk.72506; MD5: 16076fb247d2db5872e03455676ee8e8)
 
> Resetting attributes: G:\  < Successful.
 
 
=> Malicious files   : 1/1 deleted.
=> Hidden folders    : 1/1 unhidden.
 
____________________________________________
 
::::: Scan duration: 7sec ::::::::::::::::::
____________________________________________
 
 
Logfile Using USBFix tool:

############################## | UsbFix V 8.006 | [Clean]
 
User: AMAL (Administrator) # AMAL-TOSH
Updated 02/08/2015 by El Desaparecido - SosVirus
Started at 18:25:37 | 03/08/2015
 
Live detection : http://how-to-remove.us/
 
################## | System information |
 
MB: TOSHIBA (PWWAA) 
CPU: Intel® Core™ i3 CPU       M 380  @ 2.53GHz
GC: ATI Mobility Radeon HD 5470     
RAM -> [Total : 2995 Mo | Free : 1707 Mo]
Bios: TOSHIBA
Boot: Normal boot
 
OS: Microsoft™ Windows 7 Home Premium (6.1.7600 64-Bit) 
WB: Internet Explorer : 8.00.7600.16385
WB: Google Chrome : 44.0.2403.125
WB: Mozilla Firefox : 39.0
 
################## | Security Information |
 
AS: Windows Defender [Enabled |(!) Outdated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
 
################## | Disk Information |
 
C:\ (%SystemDrive%) -> Fixed disk # 233 Gb (189 Gb free - 81%) [WINDOWS] # NTFS
D:\ -> Fixed disk # 232 Gb (225 Gb free - 97%) [Data] # NTFS
G:\ -> Removable disk # 2 Gb (2 Gb free - 85%) [AMAL SK] # FAT32
 
################## | Generic Research |
 
Deleted! C:\ProgramData\msbzvvduh.exe
Repaired ! HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows|load ("")
Restored! G:\ \KR5J2269.JPG -> G:\KR5J2269.JPG
Restored! G:\ \KR5J2266.JPG -> G:\KR5J2266.JPG
Restored! G:\ \LightscreenPortable\App\Lightscreen\QtCore4.dll -> G:\LightscreenPortable\App\Lightscreen\QtCore4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\QtGui4.dll -> G:\LightscreenPortable\App\Lightscreen\QtGui4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\QtNetwork4.dll -> G:\LightscreenPortable\App\Lightscreen\QtNetwork4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\QtSql4.dll -> G:\LightscreenPortable\App\Lightscreen\QtSql4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\QtXml4.dll -> G:\LightscreenPortable\App\Lightscreen\QtXml4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\lightscreen.exe -> G:\LightscreenPortable\App\Lightscreen\lightscreen.exe
Restored! G:\ \LightscreenPortable\App\Lightscreen\msvcp100.dll -> G:\LightscreenPortable\App\Lightscreen\msvcp100.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\msvcr100.dll -> G:\LightscreenPortable\App\Lightscreen\msvcr100.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\optipng.exe -> G:\LightscreenPortable\App\Lightscreen\optipng.exe
Restored! G:\ \LightscreenPortable\App\Lightscreen\imageformats\qjpeg4.dll -> G:\LightscreenPortable\App\Lightscreen\imageformats\qjpeg4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\imageformats\qsqlite4.dll -> G:\LightscreenPortable\App\Lightscreen\imageformats\qsqlite4.dll
Restored! G:\ \LightscreenPortable\App\Lightscreen\sounds\ls.screenshot.wav -> G:\LightscreenPortable\App\Lightscreen\sounds\ls.screenshot.wav
Restored! G:\ \LightscreenPortable\App\Lightscreen\sqldrivers\qsqlite4.dll -> G:\LightscreenPortable\App\Lightscreen\sqldrivers\qsqlite4.dll
Restored! G:\ \LightscreenPortable\App\readme.txt -> G:\LightscreenPortable\App\readme.txt
Restored! G:\ \LightscreenPortable\App\AppInfo\appicon.ico -> G:\LightscreenPortable\App\AppInfo\appicon.ico
Restored! G:\ \LightscreenPortable\App\AppInfo\appicon_128.png -> G:\LightscreenPortable\App\AppInfo\appicon_128.png
Restored! G:\ \LightscreenPortable\App\AppInfo\appicon_16.png -> G:\LightscreenPortable\App\AppInfo\appicon_16.png
Restored! G:\ \LightscreenPortable\App\AppInfo\appicon_32.png -> G:\LightscreenPortable\App\AppInfo\appicon_32.png
Restored! G:\ \LightscreenPortable\App\AppInfo\appinfo.ini -> G:\LightscreenPortable\App\AppInfo\appinfo.ini
Restored! G:\ \LightscreenPortable\App\AppInfo\installer.ini -> G:\LightscreenPortable\App\AppInfo\installer.ini
Restored! G:\ \LightscreenPortable\App\AppInfo\Launcher\LightscreenPortable.ini -> G:\LightscreenPortable\App\AppInfo\Launcher\LightscreenPortable.ini
Restored! G:\ \LightscreenPortable\App\AppInfo\Launcher\custom.nsh -> G:\LightscreenPortable\App\AppInfo\Launcher\custom.nsh
Restored! G:\ \LightscreenPortable\App\Bin\sqlite3.exe -> G:\LightscreenPortable\App\Bin\sqlite3.exe
Restored! G:\ \LightscreenPortable\App\DefaultData\settings\config.ini -> G:\LightscreenPortable\App\DefaultData\settings\config.ini
Restored! G:\ \LightscreenPortable\App\DefaultData\settings\settings_readme.txt -> G:\LightscreenPortable\App\DefaultData\settings\settings_readme.txt
Restored! G:\ \LightscreenPortable\LightscreenPortable.exe -> G:\LightscreenPortable\LightscreenPortable.exe
Restored! G:\ \LightscreenPortable\help.html -> G:\LightscreenPortable\help.html
Restored! G:\ \LightscreenPortable\Other\Help\images\donation_button.png -> G:\LightscreenPortable\Other\Help\images\donation_button.png
Restored! G:\ \LightscreenPortable\Other\Help\images\favicon.ico -> G:\LightscreenPortable\Other\Help\images\favicon.ico
Restored! G:\ \LightscreenPortable\Other\Help\images\help_background_footer.png -> G:\LightscreenPortable\Other\Help\images\help_background_footer.png
Restored! G:\ \LightscreenPortable\Other\Help\images\help_background_header.png -> G:\LightscreenPortable\Other\Help\images\help_background_header.png
Restored! G:\ \LightscreenPortable\Other\Help\images\help_logo_top.png -> G:\LightscreenPortable\Other\Help\images\help_logo_top.png
Restored! G:\ \LightscreenPortable\Other\Source\AppNamePortable.ini -> G:\LightscreenPortable\Other\Source\AppNamePortable.ini
Restored! G:\ \LightscreenPortable\Other\Source\LauncherLicense.txt -> G:\LightscreenPortable\Other\Source\LauncherLicense.txt
Restored! G:\ \LightscreenPortable\Other\Source\Readme.txt -> G:\LightscreenPortable\Other\Source\Readme.txt
Restored! G:\ \LightscreenPortable\Other\Source\PortableApps.comInstallerCustom.nsh -> G:\LightscreenPortable\Other\Source\PortableApps.comInstallerCustom.nsh
Restored! G:\ \LightscreenPortable\Data\settings\settings_readme.txt -> G:\LightscreenPortable\Data\settings\settings_readme.txt
Restored! G:\ \LightscreenPortable\Data\settings\LightscreenPortableSettings.ini -> G:\LightscreenPortable\Data\settings\LightscreenPortableSettings.ini
Restored! G:\ \LightscreenPortable\Data\settings\config.ini -> G:\LightscreenPortable\Data\settings\config.ini
Restored! G:\ \LightscreenPortable\Data\settings\history.sqlite -> G:\LightscreenPortable\Data\settings\history.sqlite
Restored! G:\ \LightscreenPortable\Data\Temp\qtsingleapp-lights-ccd6-0-lockfile -> G:\LightscreenPortable\Data\Temp\qtsingleapp-lights-ccd6-0-lockfile
Restored! G:\ \New Folder\Nonimmigrant Visa - Review Family Information.pdf -> G:\New Folder\Nonimmigrant Visa - Review Family Information.pdf
Restored! G:\ \New Folder\Nonimmigrant Visa - Review Work _ Education Information.pdf -> G:\New Folder\Nonimmigrant Visa - Review Work _ Education Information.pdf
Restored! G:\ \New Folder\Nonimmigrant Visa - Review Security Information.pdf -> G:\New Folder\Nonimmigrant Visa - Review Security Information.pdf
Restored! G:\ \New Folder\Non-Immigrant Visa - Review Location.pdf -> G:\New Folder\Non-Immigrant Visa - Review Location.pdf
Restored! G:\ \New Folder\address.txt -> G:\New Folder\address.txt
Restored! G:\ \New Folder\newappid.txt -> G:\New Folder\newappid.txt
Restored! G:\ \New Folder\Nonimmigrant Visa - Confirmation Page.pdf -> G:\New Folder\Nonimmigrant Visa - Confirmation Page.pdf
Restored! G:\ \New Folder\Top Contributor Summit Home.pdf -> G:\New Folder\Top Contributor Summit Home.pdf
Restored! G:\ \New Folder\Top Contributor Summit Home 2.pdf -> G:\New Folder\Top Contributor Summit Home 2.pdf
Restored! G:\ \New Folder\Top Contributor Summit Home 3.pdf -> G:\New Folder\Top Contributor Summit Home 3.pdf
Restored! G:\ \New Folder\Non-Immigrant Visa - Review Personal, Address, Phone, and Passport Information.pdf -> G:\New Folder\Non-Immigrant Visa - Review Personal, Address, Phone, and Passport Information.pdf
Restored! G:\ \New Folder\Non-Immigrant Visa - Review Travel Information.pdf -> G:\New Folder\Non-Immigrant Visa - Review Travel Information.pdf
Restored! G:\ \New Folder\Nonimmigrant Visa - Review US Contact Information.pdf -> G:\New Folder\Nonimmigrant Visa - Review US Contact Information.pdf
Restored! G:\ \photothumb.db -> G:\photothumb.db
Restored! G:\ \DJ Songs Hindi\Valentine Mashup (2014) - DJ Kiran Kamath [DJMaza.Info].mp3 -> G:\DJ Songs Hindi\Valentine Mashup (2014) - DJ Kiran Kamath [DJMaza.Info].mp3
Restored! G:\ \DJ Songs Hindi\Khiladi_786_(Mashup)_DJ_Kiran_Kamath-(DJmaza.in).mp3 -> G:\DJ Songs Hindi\Khiladi_786_(Mashup)_DJ_Kiran_Kamath-(DJmaza.in).mp3
Restored! G:\ \DJ Songs Hindi\07 - Mashup of the Year (Mixed by Kiran Kamath)-(InMaza.com).mp3 -> G:\DJ Songs Hindi\07 - Mashup of the Year (Mixed by Kiran Kamath)-(InMaza.com).mp3
Restored! G:\ \DJ Songs Hindi\The Valentines Mashup 2015 (DJ Notorious) [DJMaza.Info].mp3 -> G:\DJ Songs Hindi\The Valentines Mashup 2015 (DJ Notorious) [DJMaza.Info].mp3
Restored! G:\ \DJ Songs Hindi\Jeena Jeena (Badlapur) DJ Chetas Remix(jatt.cc).mp3 -> G:\DJ Songs Hindi\Jeena Jeena (Badlapur) DJ Chetas Remix(jatt.cc).mp3
Restored! G:\ \DJ Songs Hindi\Love Mash Up 2015 (DJ Chetas) [DJMaza.Info].mp3 -> G:\DJ Songs Hindi\Love Mash Up 2015 (DJ Chetas) [DJMaza.Info].mp3
Restored! G:\ \DJ Songs Hindi\Ek_Villain_(Mashup)_-_DJ_Kiran_Kamath(dailymaza.com).mp3 -> G:\DJ Songs Hindi\Ek_Villain_(Mashup)_-_DJ_Kiran_Kamath(dailymaza.com).mp3
Restored! G:\ \DJ Songs Hindi\Ghani Bawri (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3 -> G:\DJ Songs Hindi\Ghani Bawri (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
Restored! G:\ \DJ Songs Hindi\Banno (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3 -> G:\DJ Songs Hindi\Banno (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
Restored! G:\ \DJ Songs Hindi\Jee Karda (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3 -> G:\DJ Songs Hindi\Jee Karda (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
Restored! G:\ \DJ Songs Hindi\Tanu Weds Manu Returns (Mashup) [320kbps] [Songspkmp3.me].mp3 -> G:\DJ Songs Hindi\Tanu Weds Manu Returns (Mashup) [320kbps] [Songspkmp3.me].mp3
Restored! G:\ \DJ Songs Hindi\Chittiyaan Kalaiyaan (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3 -> G:\DJ Songs Hindi\Chittiyaan Kalaiyaan (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
Restored! G:\ \DJ Songs Hindi\Main_Tenu_Samjhawan_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3 -> G:\DJ Songs Hindi\Main_Tenu_Samjhawan_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
Restored! G:\ \DJ Songs Hindi\Roy Mashup (DJ Kiran Kamath) -320Kbps [DJMaza.Info].mp3 -> G:\DJ Songs Hindi\Roy Mashup (DJ Kiran Kamath) -320Kbps [DJMaza.Info].mp3
Restored! G:\ \DJ Songs Hindi\Dj Chetas - Sooraj Dooba Hai (Remix) Feat. ARIJIT SINGH-(StarMirchi.com).mp3 -> G:\DJ Songs Hindi\Dj Chetas - Sooraj Dooba Hai (Remix) Feat. ARIJIT SINGH-(StarMirchi.com).mp3
Restored! G:\ \DJ Songs Hindi\Yaariyan_Mashup_-_DJ_Kiran_Kamath(freemaza.in).mp3 -> G:\DJ Songs Hindi\Yaariyan_Mashup_-_DJ_Kiran_Kamath(freemaza.in).mp3
Restored! G:\ \DJ Songs Hindi\Tu_Hai_Ki_Nahi_-_Roy_Ft._Ankit_Tiwari_(Remix)_-_DJ_Chetas(wapking.cc).mp3 -> G:\DJ Songs Hindi\Tu_Hai_Ki_Nahi_-_Roy_Ft._Ankit_Tiwari_(Remix)_-_DJ_Chetas(wapking.cc).mp3
Restored! G:\ \DJ Songs Hindi\Main_Dhoondne_Ko_Zamaane_Mein_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3 -> G:\DJ Songs Hindi\Main_Dhoondne_Ko_Zamaane_Mein_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
Restored! G:\ \DJ Songs Hindi\Baby_Doll_-_Ragini_MMS_2_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3 -> G:\DJ Songs Hindi\Baby_Doll_-_Ragini_MMS_2_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
Restored! G:\ \DJ Songs Hindi\Dj Chetas-Kabhi Jo Badal Barse (Remix) _ 320 Kbps-1.mp3 -> G:\DJ Songs Hindi\Dj Chetas-Kabhi Jo Badal Barse (Remix) _ 320 Kbps-1.mp3
Restored! G:\ \DJ Songs Hindi\Jhak-Maar-Ke_(webmusic.in).mp3 -> G:\DJ Songs Hindi\Jhak-Maar-Ke_(webmusic.in).mp3
Restored! G:\ \DJ Songs Hindi\Subha-Hone-Na-De-(Remix)_(webmusic.in).mp3 -> G:\DJ Songs Hindi\Subha-Hone-Na-De-(Remix)_(webmusic.in).mp3
Restored! G:\ \DJ Songs Hindi\Subha-Hone-Na-De_(webmusic.in).mp3 -> G:\DJ Songs Hindi\Subha-Hone-Na-De_(webmusic.in).mp3
Restored! G:\ \Malayalam Songs\01.Enne Thallendammaava - (worldtunez.com).mp3 -> G:\Malayalam Songs\01.Enne Thallendammaava - (worldtunez.com).mp3
Restored! G:\ \Malayalam Songs\02.Kaikkottum Kandittilla - (worldtunez.com).mp3 -> G:\Malayalam Songs\02.Kaikkottum Kandittilla - (worldtunez.com).mp3
Restored! G:\ \Malayalam Songs\05. Chennai Pattanam - (worldtunez.com).mp3 -> G:\Malayalam Songs\05. Chennai Pattanam - (worldtunez.com).mp3
Restored! G:\ \Malayalam Songs\Aaromale.mp3 -> G:\Malayalam Songs\Aaromale.mp3
Restored! G:\ \Malayalam Songs\Aluva Puzha.mp3 -> G:\Malayalam Songs\Aluva Puzha.mp3
Restored! G:\ \Malayalam Songs\Ambazham Thanal.mp3 -> G:\Malayalam Songs\Ambazham Thanal.mp3
Restored! G:\ \Malayalam Songs\Chayunnuvo.mp3 -> G:\Malayalam Songs\Chayunnuvo.mp3
Restored! G:\ \Malayalam Songs\Doore Doore (M).mp3 -> G:\Malayalam Songs\Doore Doore (M).mp3
Restored! G:\ \Malayalam Songs\Kalippu.mp3 -> G:\Malayalam Songs\Kalippu.mp3
Restored! G:\ \Malayalam Songs\Pathivaayi Njan.mp3 -> G:\Malayalam Songs\Pathivaayi Njan.mp3
Restored! G:\ \Malayalam Songs\Premam Malare Ninne Kaanathirunnal  Nivin PaulySai Pallavi Audio Song Official.mp3 -> G:\Malayalam Songs\Premam Malare Ninne Kaanathirunnal  Nivin PaulySai Pallavi Audio Song Official.mp3
Restored! G:\ \Malayalam Songs\Rockaankuthu.mp3 -> G:\Malayalam Songs\Rockaankuthu.mp3
Restored! G:\ \Malayalam Songs\Scene Contra.mp3 -> G:\Malayalam Songs\Scene Contra.mp3
Restored! G:\ \Imation\ImationLOCK.exe -> G:\Imation\ImationLOCK.exe
Restored! G:\ \Imation\ImationLOCKv20-D Manual.pdf -> G:\Imation\ImationLOCKv20-D Manual.pdf
Restored! G:\ \Documents\Gmail - You have accepted Google's Non-Disclosure Agreement.pdf -> G:\Documents\Gmail - You have accepted Google's Non-Disclosure Agreement.pdf
Restored! G:\ \Documents\Top Contributor Summit Home.pdf -> G:\Documents\Top Contributor Summit Home.pdf
Restored! G:\ \Documents\Capture.JPG -> G:\Documents\Capture.JPG
Restored! G:\ \Documents\About - Google Top Contributors.pdf -> G:\Documents\About - Google Top Contributors.pdf
Restored! G:\ \Documents\Benefits - Google Top Contributors.pdf -> G:\Documents\Benefits - Google Top Contributors.pdf
Restored! G:\ \Documents\TC website.docx -> G:\Documents\TC website.docx
Restored! G:\ \Documents\Gmail - Register for the 2015 Google Top Contributor Summit!.pdf -> G:\Documents\Gmail - Register for the 2015 Google Top Contributor Summit!.pdf
Restored! G:\ \IObitUnlockerPortable_1.1.paf.exe -> G:\IObitUnlockerPortable_1.1.paf.exe
Restored! G:\ \IObitUnlockerPortable\IObitUnlockerPortable.exe -> G:\IObitUnlockerPortable\IObitUnlockerPortable.exe
Restored! G:\ \IObitUnlockerPortable\help.html -> G:\IObitUnlockerPortable\help.html
Restored! G:\ \IObitUnlockerPortable\App\Readme.txt -> G:\IObitUnlockerPortable\App\Readme.txt
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\EULA.txt -> G:\IObitUnlockerPortable\App\AppInfo\EULA.txt
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\appicon.ico -> G:\IObitUnlockerPortable\App\AppInfo\appicon.ico
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\appicon_128.png -> G:\IObitUnlockerPortable\App\AppInfo\appicon_128.png
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\appicon_16.png -> G:\IObitUnlockerPortable\App\AppInfo\appicon_16.png
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\appicon_32.png -> G:\IObitUnlockerPortable\App\AppInfo\appicon_32.png
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\appinfo.ini -> G:\IObitUnlockerPortable\App\AppInfo\appinfo.ini
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\Launcher\Custom.nsh -> G:\IObitUnlockerPortable\App\AppInfo\Launcher\Custom.nsh
Restored! G:\ \IObitUnlockerPortable\App\AppInfo\Launcher\IObitUnlockerPortable.ini -> G:\IObitUnlockerPortable\App\AppInfo\Launcher\IObitUnlockerPortable.ini
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\EULA.rtf -> G:\IObitUnlockerPortable\App\IObitUnlocker\EULA.rtf
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.dll
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.exe -> G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.exe
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SpecialDir.ini -> G:\IObitUnlockerPortable\App\IObitUnlocker\SpecialDir.ini
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\fav.ico -> G:\IObitUnlockerPortable\App\IObitUnlocker\fav.ico
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\update.ini -> G:\IObitUnlockerPortable\App\IObitUnlocker\update.ini
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlocker.sys -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlocker.sys
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlockerExtension.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlockerExtension.dll
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlocker.sys -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlocker.sys
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlockerExtension.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlockerExtension.dll
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlocker.sys -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlocker.sys
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlockerExtension.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlockerExtension.dll
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlocker.sys -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlocker.sys
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlockerExtension.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlockerExtension.dll
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.sys -> G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.sys
Restored! G:\ \IObitUnlockerPortable\App\IObitUnlocker\IObitUnlockerExtension.dll -> G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlockerExtension.dll
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\Donation_Button.png -> G:\IObitUnlockerPortable\Other\Help\Images\Donation_Button.png
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\Favicon.ico -> G:\IObitUnlockerPortable\Other\Help\Images\Favicon.ico
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\Help_Background_Footer.png -> G:\IObitUnlockerPortable\Other\Help\Images\Help_Background_Footer.png
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\Help_Background_Header.png -> G:\IObitUnlockerPortable\Other\Help\Images\Help_Background_Header.png
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\Help_Logo_Top.png -> G:\IObitUnlockerPortable\Other\Help\Images\Help_Logo_Top.png
Restored! G:\ \IObitUnlockerPortable\Other\Help\Images\OneNote Table Of Contents.onetoc2 -> G:\IObitUnlockerPortable\Other\Help\Images\OneNote Table Of Contents.onetoc2
Restored! G:\ \IObitUnlockerPortable\Other\Source\AppNamePortable.ini -> G:\IObitUnlockerPortable\Other\Source\AppNamePortable.ini
Restored! G:\ \IObitUnlockerPortable\Other\Source\LauncherLicense.txt -> G:\IObitUnlockerPortable\Other\Source\LauncherLicense.txt
Restored! G:\ \IObitUnlockerPortable\Other\Source\Readme.txt -> G:\IObitUnlockerPortable\Other\Source\Readme.txt
Restored! G:\ \IObitUnlockerPortable\Other\Source\Plugins\AccessControl.dll -> G:\IObitUnlockerPortable\Other\Source\Plugins\AccessControl.dll
Restored! G:\ \IObitUnlockerPortable\Other\Source\Plugins\AccessControl.zip -> G:\IObitUnlockerPortable\Other\Source\Plugins\AccessControl.zip
Restored! G:\ \IObitUnlockerPortable\Data\PortableApps.comInstaller\license.ini -> G:\IObitUnlockerPortable\Data\PortableApps.comInstaller\license.ini
Restored! G:\ \IObitUnlockerPortable\Data\settings\IObitUnlockerPortableSettings.ini -> G:\IObitUnlockerPortable\Data\settings\IObitUnlockerPortableSettings.ini
Restored! G:\ \IObitUnlockerPortable\Data\IObitUnlockerSettings\IObitUnlocker.ini -> G:\IObitUnlockerPortable\Data\IObitUnlockerSettings\IObitUnlocker.ini
Restored! G:\ \IObitUnlockerPortable\Data\IObitUnlockerSettings\Main.ini -> G:\IObitUnlockerPortable\Data\IObitUnlockerSettings\Main.ini
Restored! G:\ \New\SKMBT_C36015072617240.pdf -> G:\New\SKMBT_C36015072617240.pdf
Restored! G:\ \New\Google Groups.pdf -> G:\New\Google Groups.pdf
Restored! G:\ \pp -- 12    2  copy.jpg -> G:\pp -- 12    2  copy.jpg
Restored! G:\ \IMG_9674.JPG -> G:\IMG_9674.JPG
Restored! G:\ \zAk7ax.QkGa.pLbqMgCW.hsS6Q.Pjm.h6TeELR.Lels36I.Cm9KM -> G:\zAk7ax.QkGa.pLbqMgCW.hsS6Q.Pjm.h6TeELR.Lels36I.Cm9KM
Restored! G:\ \desktop.ini -> G:\desktop.ini
Restored! G:\ \IndexerVolumeGuid -> G:\IndexerVolumeGuid
 
(!) Temporary files deleted. (186.051712036133 MB)
 
################## | Startup |
 
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
04 - HKCU\..\Run : [Google Update] "C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKLM\..\Run : [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
04 - HKLM\..\Run : [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
04 - HKLM\..\Run : [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
04 - HKLM\..\Run : [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
04 - HKLM\..\Run : [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
04 - [x64] HKLM\..\Run : [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
04 - [x64] HKLM\..\Run : [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
04 - [x64] HKLM\..\Run : [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
04 - [x64] HKLM\..\Run : [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
04 - [x64] HKLM\..\Run : [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
04 - [x64] HKLM\..\Run : [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
04 - [x64] HKLM\..\Run : [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
04 - [x64] HKLM\..\Run : [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3466450235-528134590-3365269368-1000\..\Run : [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
04 - HKU\S-1-5-21-3466450235-528134590-3365269368-1000\..\Run : [AdobeBridge] 
04 - HKU\S-1-5-21-3466450235-528134590-3365269368-1000\..\Run : [*LABAL*] 
04 - HKU\S-1-5-21-3466450235-528134590-3365269368-1000\..\Run : [Google Update] "C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-3466450235-528134590-3365269368-1000\..\Run : [MCShield Monitor] C:\Program Files (x86)\MCShield\mcshieldrtm.exe
04 - HKU\S-1-5-18\..\Run : [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04GS - TRDCReminder.lnk : C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
04GS - Bluetooth Manager.lnk : C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
 
################## | UsbFix - Information |
 
Live detection : http://how-to-remove.us/
 
################## | C:\ %SystemDrive% - Fixed drive (NTFS) |
 
[18/11/2010 - 16:57:13 | N | 0 Ko] - C:\SWSTAMP.TXT
[03/08/2015 - 14:48:41 | ASH | 2299908 Ko] - C:\hiberfil.sys
[03/08/2015 - 14:48:45 | ASH | 3066544 Ko] - C:\pagefile.sys
[22/04/2014 - 02:54:00 | A | 17 Ko] - C:\wceprv.dll
[25/07/2011 - 21:55:43 | SHD] - C:\$RECYCLE.BIN
[14/07/2009 - 08:50:08 | D] - C:\PerfLogs
[14/07/2009 - 10:38:56 | SHD] - C:\Documents and Settings
[22/07/2011 - 02:00:58 | RD] - C:\Users
[22/07/2011 - 02:03:06 | D] - C:\Toshiba
[22/07/2011 - 02:12:28 | RHD] - C:\MSOCache
[09/07/2014 - 16:06:39 | RD] - C:\Program Files
[24/12/2014 - 02:01:21 | D] - C:\Windows
[03/08/2015 - 18:20:59 | D] - C:\Program Files (x86)
[03/08/2015 - 18:24:53 | D] - C:\UsbFix
[03/08/2015 - 18:28:43 | HD] - C:\ProgramData
 
################## | D:\ - Fixed drive (NTFS) |
 
[24/11/2010 - 21:41:12 | A | 0 Ko] - D:\R14777A2.tag
[02/12/2006 - 01:07:14 | A | 884 Ko] - D:\msdia80.dll
[22/07/2011 - 02:03:10 | SHD] - D:\$RECYCLE.BIN
[22/07/2011 - 08:58:28 | D] - D:\HDDRecovery
 
################## | G:\ - Removable drive (FAT32) |
 
[11/04/2015 - 18:33:16 | N | 1655 Ko] - G:\KR5J2269.JPG
[11/04/2015 - 18:33:14 | N | 2692 Ko] - G:\KR5J2266.JPG
[03/08/2015 - 18:28:52 | D] - G:\LightscreenPortable
[03/08/2015 - 18:28:56 | D] - G:\New Folder
[23/07/2015 - 14:32:54 | D] - G:\ 
[21/06/2015 - 12:15:02 | N | 13 Ko] - G:\photothumb.db
[03/08/2015 - 18:28:56 | D] - G:\DJ Songs Hindi
[03/08/2015 - 18:28:56 | D] - G:\Malayalam Songs
[03/08/2015 - 18:28:58 | D] - G:\Imation
[03/08/2015 - 18:28:58 | D] - G:\Documents
[23/07/2015 - 15:22:30 | N | 1432 Ko] - G:\IObitUnlockerPortable_1.1.paf.exe
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable
[03/08/2015 - 18:29:02 | D] - G:\New
[29/06/2015 - 11:04:36 | N | 583 Ko] - G:\pp -- 12    2  copy.jpg
[27/07/2015 - 12:39:06 | N | 10414 Ko] - G:\IMG_9674.JPG
[03/08/2015 - 16:38:56 | N | 22107 Ko] - G:\zAk7ax.QkGa.pLbqMgCW.hsS6Q.Pjm.h6TeELR.Lels36I.Cm9KM
[03/08/2015 - 16:38:56 | N | 0 Ko] - G:\desktop.ini
[03/08/2015 - 16:38:56 | N | 566 Ko] - G:\IndexerVolumeGuid
[03/08/2015 - 18:28:52 | D] - G:\LightscreenPortable\App
[04/05/2014 - 18:21:08 | N | 158 Ko] - G:\LightscreenPortable\LightscreenPortable.exe
[04/05/2014 - 01:54:42 | N | 5 Ko] - G:\LightscreenPortable\help.html
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Other
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Data
[03/08/2015 - 18:28:52 | D] - G:\LightscreenPortable\App\Lightscreen
[10/04/2008 - 00:31:58 | N | 0 Ko] - G:\LightscreenPortable\App\readme.txt
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\AppInfo
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\Bin
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\DefaultData
[03/07/2013 - 04:21:38 | N | 2538 Ko] - G:\LightscreenPortable\App\Lightscreen\QtCore4.dll
[27/06/2013 - 11:16:40 | N | 8381 Ko] - G:\LightscreenPortable\App\Lightscreen\QtGui4.dll
[27/06/2013 - 11:10:40 | N | 1029 Ko] - G:\LightscreenPortable\App\Lightscreen\QtNetwork4.dll
[27/06/2013 - 11:10:46 | N | 197 Ko] - G:\LightscreenPortable\App\Lightscreen\QtSql4.dll
[27/06/2013 - 11:10:00 | N | 348 Ko] - G:\LightscreenPortable\App\Lightscreen\QtXml4.dll
[15/04/2014 - 10:18:30 | N | 558 Ko] - G:\LightscreenPortable\App\Lightscreen\lightscreen.exe
[03/11/2012 - 19:52:36 | N | 411 Ko] - G:\LightscreenPortable\App\Lightscreen\msvcp100.dll
[03/11/2012 - 19:52:36 | N | 752 Ko] - G:\LightscreenPortable\App\Lightscreen\msvcr100.dll
[24/03/2014 - 13:45:00 | N | 96 Ko] - G:\LightscreenPortable\App\Lightscreen\optipng.exe
[03/08/2015 - 18:28:52 | D] - G:\LightscreenPortable\App\Lightscreen\imageformats
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\Lightscreen\sounds
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\Lightscreen\sqldrivers
[27/06/2013 - 12:32:58 | N | 197 Ko] - G:\LightscreenPortable\App\Lightscreen\imageformats\qjpeg4.dll
[26/11/2012 - 12:31:20 | N | 460 Ko] - G:\LightscreenPortable\App\Lightscreen\imageformats\qsqlite4.dll
[25/12/2011 - 22:25:26 | N | 76 Ko] - G:\LightscreenPortable\App\Lightscreen\sounds\ls.screenshot.wav
[27/06/2013 - 12:32:34 | N | 460 Ko] - G:\LightscreenPortable\App\Lightscreen\sqldrivers\qsqlite4.dll
[04/05/2014 - 01:53:16 | N | 27 Ko] - G:\LightscreenPortable\App\AppInfo\appicon.ico
[04/05/2014 - 01:53:32 | N | 4 Ko] - G:\LightscreenPortable\App\AppInfo\appicon_128.png
[04/05/2014 - 01:50:30 | N | 0 Ko] - G:\LightscreenPortable\App\AppInfo\appicon_16.png
[04/05/2014 - 01:50:24 | N | 1 Ko] - G:\LightscreenPortable\App\AppInfo\appicon_32.png
[04/05/2014 - 01:51:50 | N | 1 Ko] - G:\LightscreenPortable\App\AppInfo\appinfo.ini
[04/05/2014 - 05:26:16 | N | 0 Ko] - G:\LightscreenPortable\App\AppInfo\installer.ini
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\AppInfo\Launcher
[04/05/2014 - 05:57:12 | N | 1 Ko] - G:\LightscreenPortable\App\AppInfo\Launcher\LightscreenPortable.ini
[04/05/2014 - 18:18:10 | N | 3 Ko] - G:\LightscreenPortable\App\AppInfo\Launcher\custom.nsh
[28/06/2011 - 21:10:06 | N | 444 Ko] - G:\LightscreenPortable\App\Bin\sqlite3.exe
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\App\DefaultData\settings
[04/05/2014 - 06:01:10 | N | 1 Ko] - G:\LightscreenPortable\App\DefaultData\settings\config.ini
[17/04/2008 - 16:14:20 | N | 0 Ko] - G:\LightscreenPortable\App\DefaultData\settings\settings_readme.txt
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Other\Help
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Other\Source
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Other\Help\images
[07/04/2012 - 00:49:00 | N | 2 Ko] - G:\LightscreenPortable\Other\Help\images\donation_button.png
[06/04/2012 - 23:35:16 | N | 1 Ko] - G:\LightscreenPortable\Other\Help\images\favicon.ico
[06/04/2012 - 23:16:20 | N | 0 Ko] - G:\LightscreenPortable\Other\Help\images\help_background_footer.png
[06/04/2012 - 23:14:36 | N | 0 Ko] - G:\LightscreenPortable\Other\Help\images\help_background_header.png
[06/04/2012 - 23:31:40 | N | 3 Ko] - G:\LightscreenPortable\Other\Help\images\help_logo_top.png
[04/06/2010 - 02:53:28 | N | 0 Ko] - G:\LightscreenPortable\Other\Source\AppNamePortable.ini
[14/06/2011 - 03:31:06 | N | 18 Ko] - G:\LightscreenPortable\Other\Source\LauncherLicense.txt
[12/08/2011 - 03:20:14 | N | 2 Ko] - G:\LightscreenPortable\Other\Source\Readme.txt
[04/05/2014 - 05:52:32 | N | 0 Ko] - G:\LightscreenPortable\Other\Source\PortableApps.comInstallerCustom.nsh
[03/08/2015 - 18:28:54 | D] - G:\LightscreenPortable\Data\settings
[03/08/2015 - 18:28:56 | D] - G:\LightscreenPortable\Data\Temp
[17/04/2008 - 16:14:20 | N | 0 Ko] - G:\LightscreenPortable\Data\settings\settings_readme.txt
[30/06/2015 - 07:54:42 | N | 0 Ko] - G:\LightscreenPortable\Data\settings\LightscreenPortableSettings.ini
[30/06/2015 - 07:56:32 | N | 1 Ko] - G:\LightscreenPortable\Data\settings\config.ini
[17/06/2015 - 18:41:42 | N | 2 Ko] - G:\LightscreenPortable\Data\settings\history.sqlite
[30/06/2015 - 07:55:26 | N | 0 Ko] - G:\LightscreenPortable\Data\Temp\qtsingleapp-lights-ccd6-0-lockfile
[29/06/2015 - 12:35:42 | N | 101 Ko] - G:\New Folder\Nonimmigrant Visa - Review Family Information.pdf
[29/06/2015 - 12:36:18 | N | 113 Ko] - G:\New Folder\Nonimmigrant Visa - Review Work _ Education Information.pdf
[29/06/2015 - 12:36:46 | N | 115 Ko] - G:\New Folder\Nonimmigrant Visa - Review Security Information.pdf
[29/06/2015 - 12:37:06 | N | 94 Ko] - G:\New Folder\Non-Immigrant Visa - Review Location.pdf
[29/06/2015 - 13:08:50 | N | 0 Ko] - G:\New Folder\address.txt
[29/06/2015 - 12:50:14 | N | 0 Ko] - G:\New Folder\newappid.txt
[29/06/2015 - 12:38:22 | N | 125 Ko] - G:\New Folder\Nonimmigrant Visa - Confirmation Page.pdf
[29/06/2015 - 11:22:14 | N | 134 Ko] - G:\New Folder\Top Contributor Summit Home.pdf
[29/06/2015 - 11:22:58 | N | 134 Ko] - G:\New Folder\Top Contributor Summit Home 2.pdf
[29/06/2015 - 11:23:34 | N | 134 Ko] - G:\New Folder\Top Contributor Summit Home 3.pdf
[29/06/2015 - 12:34:26 | N | 119 Ko] - G:\New Folder\Non-Immigrant Visa - Review Personal, Address, Phone, and Passport Information.pdf
[29/06/2015 - 12:34:54 | N | 109 Ko] - G:\New Folder\Non-Immigrant Visa - Review Travel Information.pdf
[29/06/2015 - 12:35:20 | N | 100 Ko] - G:\New Folder\Nonimmigrant Visa - Review US Contact Information.pdf
[17/06/2015 - 18:35:50 | D] - G:\ \LightscreenPortable
[07/06/2015 - 13:52:16 | D] - G:\ \New Folder
[16/06/2015 - 17:27:34 | D] - G:\ \DJ Songs Hindi
[01/07/2015 - 09:33:22 | D] - G:\ \Malayalam Songs
[01/07/2015 - 09:21:44 | D] - G:\ \Imation
[23/07/2015 - 14:33:22 | D] - G:\ \Documents
[23/07/2015 - 15:23:30 | D] - G:\ \IObitUnlockerPortable
[27/07/2015 - 09:34:04 | D] - G:\ \New
[17/06/2015 - 18:35:50 | D] - G:\ \LightscreenPortable\App
[17/06/2015 - 18:36:18 | D] - G:\ \LightscreenPortable\Other
[17/06/2015 - 18:36:18 | D] - G:\ \LightscreenPortable\Data
[17/06/2015 - 18:35:50 | D] - G:\ \LightscreenPortable\App\Lightscreen
[17/06/2015 - 18:35:52 | D] - G:\ \LightscreenPortable\App\AppInfo
[17/06/2015 - 18:35:52 | D] - G:\ \LightscreenPortable\App\Bin
[17/06/2015 - 18:35:52 | D] - G:\ \LightscreenPortable\App\DefaultData
[17/06/2015 - 18:36:14 | D] - G:\ \LightscreenPortable\App\Lightscreen\imageformats
[17/06/2015 - 18:36:16 | D] - G:\ \LightscreenPortable\App\Lightscreen\sounds
[17/06/2015 - 18:36:16 | D] - G:\ \LightscreenPortable\App\Lightscreen\sqldrivers
[17/06/2015 - 18:35:52 | D] - G:\ \LightscreenPortable\App\AppInfo\Launcher
[17/06/2015 - 18:35:52 | D] - G:\ \LightscreenPortable\App\DefaultData\settings
[17/06/2015 - 18:36:18 | D] - G:\ \LightscreenPortable\Other\Help
[17/06/2015 - 18:36:18 | D] - G:\ \LightscreenPortable\Other\Source
[17/06/2015 - 18:36:18 | D] - G:\ \LightscreenPortable\Other\Help\images
[17/06/2015 - 18:37:34 | D] - G:\ \LightscreenPortable\Data\Screenshots
[17/06/2015 - 18:37:34 | D] - G:\ \LightscreenPortable\Data\settings
[30/06/2015 - 07:55:22 | D] - G:\ \LightscreenPortable\Data\Temp
[23/07/2015 - 15:23:30 | D] - G:\ \IObitUnlockerPortable\App
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\Other
[23/07/2015 - 15:23:34 | D] - G:\ \IObitUnlockerPortable\Data
[23/07/2015 - 15:23:30 | D] - G:\ \IObitUnlockerPortable\App\AppInfo
[23/07/2015 - 15:23:30 | D] - G:\ \IObitUnlockerPortable\App\IObitUnlocker
[23/07/2015 - 15:23:30 | D] - G:\ \IObitUnlockerPortable\App\AppInfo\Launcher
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern32
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\App\IObitUnlocker\SysModern64
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\Other\Help
[23/07/2015 - 15:23:34 | D] - G:\ \IObitUnlockerPortable\Other\Source
[23/07/2015 - 15:23:32 | D] - G:\ \IObitUnlockerPortable\Other\Help\Images
[23/07/2015 - 15:23:34 | D] - G:\ \IObitUnlockerPortable\Other\Source\Plugins
[23/07/2015 - 15:23:34 | D] - G:\ \IObitUnlockerPortable\Data\PortableApps.comInstaller
[23/07/2015 - 15:24:04 | D] - G:\ \IObitUnlockerPortable\Data\settings
[23/07/2015 - 15:24:48 | D] - G:\ \IObitUnlockerPortable\Data\IObitUnlockerSettings
[06/06/2015 - 12:37:06 | N | 6590 Ko] - G:\DJ Songs Hindi\Valentine Mashup (2014) - DJ Kiran Kamath [DJMaza.Info].mp3
[07/05/2015 - 21:46:12 | N | 5534 Ko] - G:\DJ Songs Hindi\Khiladi_786_(Mashup)_DJ_Kiran_Kamath-(DJmaza.in).mp3
[25/04/2015 - 17:26:58 | N | 4041 Ko] - G:\DJ Songs Hindi\07 - Mashup of the Year (Mixed by Kiran Kamath)-(InMaza.com).mp3
[16/06/2015 - 19:39:06 | N | 7340 Ko] - G:\DJ Songs Hindi\The Valentines Mashup 2015 (DJ Notorious) [DJMaza.Info].mp3
[20/06/2015 - 13:03:12 | N | 4350 Ko] - G:\DJ Songs Hindi\Jeena Jeena (Badlapur) DJ Chetas Remix(jatt.cc).mp3
[16/06/2015 - 18:58:12 | N | 4598 Ko] - G:\DJ Songs Hindi\Love Mash Up 2015 (DJ Chetas) [DJMaza.Info].mp3
[16/06/2015 - 18:50:28 | N | 5268 Ko] - G:\DJ Songs Hindi\Ek_Villain_(Mashup)_-_DJ_Kiran_Kamath(dailymaza.com).mp3
[20/06/2015 - 14:15:40 | N | 8788 Ko] - G:\DJ Songs Hindi\Ghani Bawri (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
[20/06/2015 - 12:32:48 | N | 9103 Ko] - G:\DJ Songs Hindi\Banno (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
[20/06/2015 - 14:19:16 | N | 8553 Ko] - G:\DJ Songs Hindi\Jee Karda (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
[16/06/2015 - 19:05:32 | N | 7392 Ko] - G:\DJ Songs Hindi\Tanu Weds Manu Returns (Mashup) [320kbps] [Songspkmp3.me].mp3
[20/06/2015 - 12:36:30 | N | 9103 Ko] - G:\DJ Songs Hindi\Chittiyaan Kalaiyaan (Remix) - DJ Chetas [www.djsmuzik.co.in].mp3
[20/06/2015 - 13:14:10 | N | 8238 Ko] - G:\DJ Songs Hindi\Main_Tenu_Samjhawan_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
[16/06/2015 - 19:02:40 | N | 9653 Ko] - G:\DJ Songs Hindi\Roy Mashup (DJ Kiran Kamath) -320Kbps [DJMaza.Info].mp3
[20/06/2015 - 12:41:50 | N | 12619 Ko] - G:\DJ Songs Hindi\Dj Chetas - Sooraj Dooba Hai (Remix) Feat. ARIJIT SINGH-(StarMirchi.com).mp3
[16/06/2015 - 21:13:44 | N | 3883 Ko] - G:\DJ Songs Hindi\Yaariyan_Mashup_-_DJ_Kiran_Kamath(freemaza.in).mp3
[21/06/2015 - 08:47:54 | N | 4367 Ko] - G:\DJ Songs Hindi\Tu_Hai_Ki_Nahi_-_Roy_Ft._Ankit_Tiwari_(Remix)_-_DJ_Chetas(wapking.cc).mp3
[21/06/2015 - 08:32:32 | N | 11600 Ko] - G:\DJ Songs Hindi\Main_Dhoondne_Ko_Zamaane_Mein_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
[20/06/2015 - 13:49:22 | N | 7247 Ko] - G:\DJ Songs Hindi\Baby_Doll_-_Ragini_MMS_2_(Remix)_-_DJ_Chetas(DjHungama.Net).mp3
[20/06/2015 - 14:07:30 | N | 12083 Ko] - G:\DJ Songs Hindi\Dj Chetas-Kabhi Jo Badal Barse (Remix) _ 320 Kbps-1.mp3
[20/04/2015 - 21:20:16 | N | 5514 Ko] - G:\DJ Songs Hindi\Jhak-Maar-Ke_(webmusic.in).mp3
[06/06/2015 - 12:26:48 | N | 7074 Ko] - G:\DJ Songs Hindi\Subha-Hone-Na-De-(Remix)_(webmusic.in).mp3
[06/06/2015 - 12:31:40 | N | 6813 Ko] - G:\DJ Songs Hindi\Subha-Hone-Na-De_(webmusic.in).mp3
[07/06/2015 - 10:48:44 | N | 2969 Ko] - G:\Malayalam Songs\01.Enne Thallendammaava - (worldtunez.com).mp3
[07/06/2015 - 08:46:58 | N | 3096 Ko] - G:\Malayalam Songs\02.Kaikkottum Kandittilla - (worldtunez.com).mp3
[07/06/2015 - 08:49:38 | N | 2448 Ko] - G:\Malayalam Songs\05. Chennai Pattanam - (worldtunez.com).mp3
[07/06/2015 - 13:12:16 | N | 3725 Ko] - G:\Malayalam Songs\Aaromale.mp3
[07/06/2015 - 13:26:46 | N | 4929 Ko] - G:\Malayalam Songs\Aluva Puzha.mp3
[07/06/2015 - 10:48:46 | N | 6983 Ko] - G:\Malayalam Songs\Ambazham Thanal.mp3
[07/06/2015 - 13:17:18 | N | 4727 Ko] - G:\Malayalam Songs\Chayunnuvo.mp3
[07/06/2015 - 13:20:18 | N | 2910 Ko] - G:\Malayalam Songs\Doore Doore (M).mp3
[13/06/2015 - 13:03:36 | N | 4874 Ko] - G:\Malayalam Songs\Kalippu.mp3
[07/06/2015 - 13:04:36 | N | 5612 Ko] - G:\Malayalam Songs\Pathivaayi Njan.mp3
[14/06/2015 - 19:02:18 | N | 8994 Ko] - G:\Malayalam Songs\Premam Malare Ninne Kaanathirunnal  Nivin PaulySai Pallavi Audio Song Official.mp3
[13/06/2015 - 12:38:30 | N | 4901 Ko] - G:\Malayalam Songs\Rockaankuthu.mp3
[13/06/2015 - 12:40:52 | N | 3972 Ko] - G:\Malayalam Songs\Scene Contra.mp3
[15/03/2010 - 17:24:18 | N | 1872 Ko] - G:\Imation\ImationLOCK.exe
[15/12/2009 - 17:49:58 | N | 755 Ko] - G:\Imation\ImationLOCKv20-D Manual.pdf
[23/07/2015 - 14:38:18 | N | 96 Ko] - G:\Documents\Gmail - You have accepted Google's Non-Disclosure Agreement.pdf
[23/07/2015 - 14:48:06 | N | 145 Ko] - G:\Documents\Top Contributor Summit Home.pdf
[23/07/2015 - 14:56:10 | N | 56 Ko] - G:\Documents\Capture.JPG
[23/07/2015 - 15:07:44 | N | 1663 Ko] - G:\Documents\About - Google Top Contributors.pdf
[23/07/2015 - 15:09:18 | N | 2105 Ko] - G:\Documents\Benefits - Google Top Contributors.pdf
[23/07/2015 - 15:14:42 | N | 2838 Ko] - G:\Documents\TC website.docx
[23/07/2015 - 15:16:20 | N | 159 Ko] - G:\Documents\Gmail - Register for the 2015 Google Top Contributor Summit!.pdf
[31/12/2013 - 04:38:44 | N | 166 Ko] - G:\IObitUnlockerPortable\IObitUnlockerPortable.exe
[07/01/2013 - 09:37:24 | N | 5 Ko] - G:\IObitUnlockerPortable\help.html
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable\App
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Other
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Data
[22/07/2011 - 11:15:34 | N | 0 Ko] - G:\IObitUnlockerPortable\App\Readme.txt
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable\App\AppInfo
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable\App\IObitUnlocker
[07/01/2013 - 09:38:38 | N | 5 Ko] - G:\IObitUnlockerPortable\App\AppInfo\EULA.txt
[07/01/2013 - 09:18:12 | N | 40 Ko] - G:\IObitUnlockerPortable\App\AppInfo\appicon.ico
[07/01/2013 - 09:18:58 | N | 10 Ko] - G:\IObitUnlockerPortable\App\AppInfo\appicon_128.png
[07/01/2013 - 09:18:34 | N | 0 Ko] - G:\IObitUnlockerPortable\App\AppInfo\appicon_16.png
[07/01/2013 - 09:18:28 | N | 1 Ko] - G:\IObitUnlockerPortable\App\AppInfo\appicon_32.png
[31/12/2013 - 04:36:36 | N | 1 Ko] - G:\IObitUnlockerPortable\App\AppInfo\appinfo.ini
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable\App\AppInfo\Launcher
[31/12/2013 - 04:38:20 | N | 3 Ko] - G:\IObitUnlockerPortable\App\AppInfo\Launcher\Custom.nsh
[20/10/2013 - 10:10:04 | N | 1 Ko] - G:\IObitUnlockerPortable\App\AppInfo\Launcher\IObitUnlockerPortable.ini
[19/08/2011 - 03:22:10 | N | 14 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\EULA.rtf
[01/10/2013 - 06:48:58 | N | 71 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.dll
[01/10/2013 - 06:48:58 | N | 2374 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.exe
[09/03/2011 - 02:07:20 | N | 0 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SpecialDir.ini
[10/02/2011 - 06:16:46 | N | 5 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\fav.ico
[23/07/2015 - 15:24:06 | N | 0 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\update.ini
[03/08/2015 - 18:28:58 | D] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern32
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern64
[01/10/2013 - 03:35:58 | N | 36 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlocker.sys
[01/10/2013 - 06:48:54 | N | 105 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\IObitUnlockerExtension.dll
[01/10/2013 - 00:36:16 | N | 29 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlocker.sys
[01/10/2013 - 03:48:56 | N | 93 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy32\IObitUnlockerExtension.dll
[01/10/2013 - 00:36:10 | N | 36 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlocker.sys
[01/10/2013 - 03:48:54 | N | 105 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysLegacy64\IObitUnlockerExtension.dll
[01/10/2013 - 03:35:58 | N | 36 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlocker.sys
[01/10/2013 - 06:48:54 | N | 105 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern32\IObitUnlockerExtension.dll
[01/10/2013 - 00:35:58 | N | 36 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlocker.sys
[01/10/2013 - 03:48:54 | N | 105 Ko] - G:\IObitUnlockerPortable\App\IObitUnlocker\SysModern64\IObitUnlockerExtension.dll
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Other\Help
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Other\Source
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Other\Help\Images
[07/04/2012 - 04:19:02 | N | 2 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\Donation_Button.png
[07/04/2012 - 03:05:18 | N | 1 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\Favicon.ico
[07/04/2012 - 02:46:22 | N | 0 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\Help_Background_Footer.png
[07/04/2012 - 02:44:38 | N | 0 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\Help_Background_Header.png
[07/04/2012 - 03:01:42 | N | 3 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\Help_Logo_Top.png
[08/01/2013 - 22:53:50 | N | 4 Ko] - G:\IObitUnlockerPortable\Other\Help\Images\OneNote Table Of Contents.onetoc2
[04/06/2010 - 06:23:28 | N | 0 Ko] - G:\IObitUnlockerPortable\Other\Source\AppNamePortable.ini
[14/06/2011 - 07:01:06 | N | 18 Ko] - G:\IObitUnlockerPortable\Other\Source\LauncherLicense.txt
[07/01/2013 - 09:37:48 | N | 2 Ko] - G:\IObitUnlockerPortable\Other\Source\Readme.txt
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Other\Source\Plugins
[26/02/2012 - 01:14:38 | N | 8 Ko] - G:\IObitUnlockerPortable\Other\Source\Plugins\AccessControl.dll
[26/02/2012 - 04:30:00 | N | 38 Ko] - G:\IObitUnlockerPortable\Other\Source\Plugins\AccessControl.zip
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Data\PortableApps.comInstaller
[03/08/2015 - 18:29:00 | D] - G:\IObitUnlockerPortable\Data\settings
[03/08/2015 - 18:29:02 | D] - G:\IObitUnlockerPortable\Data\IObitUnlockerSettings
[23/07/2015 - 15:23:34 | N | 0 Ko] - G:\IObitUnlockerPortable\Data\PortableApps.comInstaller\license.ini
[23/07/2015 - 15:24:04 | N | 0 Ko] - G:\IObitUnlockerPortable\Data\settings\IObitUnlockerPortableSettings.ini
[23/07/2015 - 15:24:04 | N | 0 Ko] - G:\IObitUnlockerPortable\Data\IObitUnlockerSettings\IObitUnlocker.ini
[23/07/2015 - 15:24:04 | N | 0 Ko] - G:\IObitUnlockerPortable\Data\IObitUnlockerSettings\Main.ini
[27/07/2015 - 09:39:54 | N | 1205 Ko] - G:\New\SKMBT_C36015072617240.pdf
[27/07/2015 - 09:38:00 | N | 90 Ko] - G:\New\Google Groups.pdf
 
################## | Vaccin |
 
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
 
################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |
 
 

Log of Farbar Recovery scan tool:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AMAL (administrator) on AMAL-TOSH (04-08-2015 13:08:21)
Running from C:\Users\AMAL\Downloads
Loaded Profiles: AMAL (Available Profiles: AMAL)
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
() C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-04] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\...\Run: [Google Update] => C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-07] (Google Inc.)
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2011-09-03]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Users\AMAL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-07-22]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-11-18]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-11-18]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0AA6FEE4-6CE4-4783-BF8F-4152529532B3} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {0AA6FEE4-6CE4-4783-BF8F-4152529532B3} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {DC8924A6-6B77-4DB0-B6CB-2396EDC4AC69} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {DC8924A6-6B77-4DB0-B6CB-2396EDC4AC69} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3466450235-528134590-3365269368-1000 -> {F3840D53-3726-4F92-AC58-945A29939F9C} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-3466450235-528134590-3365269368-1000 -> {F8729515-37CA-4445-B958-7C74B52DC030} URL = http://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll [2010-03-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (<TOSHIBA>)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll [2010-03-04] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-06-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-06-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-06-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-06-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18CBAB32-F294-4E83-A68B-0A1814DC4E52}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2EBBD1AF-DF83-4E46-B922-29AC7CE899FE}: [NameServer] 112.110.249.1 202.138.96.2
Tcpip\..\Interfaces\{9AE9EE29-C5FE-4F54-81C8-FDA1AA441447}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C8B93BB6-B5F3-40D9-942A-47D0426A534F}: [NameServer] 112.110.249.1 202.56.230.7
 
FireFox:
========
FF ProfilePath: C:\Users\AMAL\AppData\Roaming\Mozilla\Firefox\Profiles\ezzc2yxh.default
FF Keyword.URL: hxxp://www.google.co.uk/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-25] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll [2010-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3466450235-528134590-3365269368-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\AMAL\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3466450235-528134590-3365269368-1000: @talk.google.com/O1DPlugin -> C:\Users\AMAL\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3466450235-528134590-3365269368-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3466450235-528134590-3365269368-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\AMAL\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\AMAL\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\AMAL\AppData\Roaming\Mozilla\Firefox\Profiles\ezzc2yxh.default\searchplugins\googlecom-in-english.xml [2012-03-22]
FF SearchPlugin: C:\Users\AMAL\AppData\Roaming\Mozilla\Firefox\Profiles\ezzc2yxh.default\searchplugins\youtube.xml [2012-03-22]
FF Extension: Adblock Plus - C:\Users\AMAL\AppData\Roaming\Mozilla\Firefox\Profiles\ezzc2yxh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-04]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\Firefox [2010-11-18]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-08-03]
 
Chrome: 
=======
CHR Profile: C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-06]
CHR Extension: (YouTube) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-06]
CHR Extension: (Google Search) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-06]
CHR Extension: (No Name) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR Extension: (Gmail) - C:\Users\AMAL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
S2 Idea Net Setter. RunOuc; C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe [218624 2011-07-27] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-04 13:08 - 2015-08-04 13:08 - 00022498 _____ C:\Users\AMAL\Downloads\FRST.txt
2015-08-04 13:07 - 2015-08-04 13:08 - 00000000 ____D C:\FRST
2015-08-04 13:06 - 2015-08-04 13:06 - 02169856 _____ (Farbar) C:\Users\AMAL\Downloads\FRST64.exe
2015-08-03 18:28 - 2015-08-03 18:29 - 00048161 _____ C:\Users\AMAL\Desktop\UsbFix_Report.txt
2015-08-03 18:24 - 2015-08-03 18:24 - 00001455 _____ C:\Users\AMAL\Desktop\UsbFix.lnk
2015-08-03 18:24 - 2015-08-03 18:24 - 00000000 ____D C:\UsbFix
2015-08-03 18:22 - 2015-08-03 18:22 - 00001668 _____ C:\Users\AMAL\Documents\blpc.txt
2015-08-03 18:21 - 2015-08-04 13:07 - 00000000 ____D C:\ProgramData\MCShield
2015-08-03 18:21 - 2015-08-03 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-08-03 18:20 - 2015-08-03 18:21 - 00000000 ____D C:\Program Files (x86)\MCShield
2015-08-03 16:57 - 2015-08-03 16:57 - 00000000 ____D C:\Users\AMAL\AppData\Roaming\TeamViewer
2015-08-03 16:52 - 2015-08-03 16:52 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-03 16:52 - 2015-08-03 16:52 - 00000998 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-08-03 16:51 - 2015-08-03 16:52 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-03 16:30 - 2015-08-03 16:35 - 08096648 _____ (TeamViewer GmbH) C:\Users\AMAL\Downloads\TeamViewer_Setup_en.exe
2015-08-03 09:16 - 2015-08-03 09:17 - 03224504 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\AMAL\Downloads\UsbFix_2015_8.006.exe
2015-08-03 09:15 - 2015-08-03 09:16 - 02856736 _____ (MyCity) C:\Users\AMAL\Downloads\MCShield-Setup.exe
2015-08-03 09:09 - 2015-08-03 09:09 - 00655360 _____ C:\Users\AMAL\Downloads\MicrosoftFixit50471.msi
2015-07-31 18:56 - 2015-07-31 18:56 - 00001164 _____ C:\Users\AMAL\Documents\visa.txt
2015-07-05 01:09 - 2015-07-26 14:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-04 12:43 - 2014-10-08 09:03 - 00049536 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2015-08-04 12:42 - 2009-07-14 10:15 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 12:42 - 2009-07-14 10:15 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 12:40 - 2011-12-02 16:45 - 00017920 _____ C:\Windows\system32\rpcnetp.exe
2015-08-04 12:39 - 2011-07-23 03:05 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C15088FE-842D-4A21-A811-016C4E5ECB9B}
2015-08-04 12:39 - 2009-07-14 10:43 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 12:38 - 2011-04-29 12:55 - 01359137 _____ C:\Windows\WindowsUpdate.log
2015-08-04 12:37 - 2014-08-06 03:35 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 12:36 - 2012-04-08 14:27 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 12:35 - 2014-08-06 03:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 12:35 - 2011-07-22 02:04 - 00108840 _____ C:\Users\AMAL\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-04 12:35 - 2009-07-14 10:15 - 05036568 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-04 12:34 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 12:34 - 2009-07-14 10:21 - 00091913 _____ C:\Windows\setupact.log
2015-08-03 18:37 - 2011-08-18 09:54 - 00000000 ____D C:\Users\AMAL\AppData\Local\Windows Live
2015-08-03 18:29 - 2015-03-07 00:51 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000UA.job
2015-08-02 13:29 - 2015-03-07 00:51 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000Core.job
2015-07-31 16:47 - 2014-08-06 03:39 - 00002150 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-26 14:32 - 2014-07-01 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-26 14:32 - 2011-04-29 12:52 - 00013114 _____ C:\Windows\PFRO.log
2015-07-25 22:43 - 2012-04-08 14:27 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-25 22:43 - 2012-04-08 14:27 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-25 22:43 - 2011-07-23 03:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-17 13:32 - 2014-08-06 03:35 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-17 13:32 - 2014-08-06 03:35 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-17 13:24 - 2015-03-07 00:51 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000UA
2015-07-17 13:24 - 2015-03-07 00:51 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000Core
2015-07-15 21:53 - 2011-07-23 03:56 - 00000000 ____D C:\Users\AMAL\AppData\Roaming\vlc
2015-07-12 18:14 - 2014-07-31 18:36 - 00000000 ____D C:\Users\AMAL\AppData\Roaming\uTorrent
2015-07-10 00:13 - 2013-11-08 05:57 - 00048496 _____ (Absolute Software Corporation) C:\Windows\SysWOW64\identprv.dll
 
==================== Files in the root of some directories =======
 
2011-08-04 13:48 - 2011-08-04 13:50 - 0007601 _____ () C:\Users\AMAL\AppData\Local\resmon.resmoncfg
2011-07-29 18:53 - 2011-07-29 18:53 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-05 01:23
 
==================== End of log ============================
 
Log of addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by AMAL (2015-08-04 13:09:07)
Running from C:\Users\AMAL\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3466450235-528134590-3365269368-500 - Administrator - Disabled)
AMAL (S-1-5-21-3466450235-528134590-3365269368-1000 - Administrator - Enabled) => C:\Users\AMAL
Guest (S-1-5-21-3466450235-528134590-3365269368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3466450235-528134590-3365269368-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.3 64-bit (HKLM\...\{D759947B-8C5A-4480-B0DB-FC391F061C85}) (Version: 4.3.1 - Adobe)
Adobe Reader X (10.1.2) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Amazon.co.uk (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version:  - Amazon EU S.a.r.L.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.0004 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{A92CF2B1-6B11-49CE-66E4-0140C7F5784A}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1401.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1399.0 - Microsoft Corporation) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
ccc-core-static (x32 Version: 2010.1005.2139.36978 - ATI) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay (HKLM-x32\...\{FDE58148-57E7-43BF-879A-29CCE818C078}) (Version: 1.1.9 - eBay Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Idea Net Setter (HKLM-x32\...\Idea Net Setter) (Version: 21.005.11.00.356 - Huawei Technologies Co.,Ltd)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.24700.31.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12100.22.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.0.15000 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.11800.26.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12300.27.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.2.0-545 - myphotobook GmbH)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.33 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM-x32\...\{DBB7021A-3437-446F-ACE5-7261644A972C}) (Version: 3.33 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (KB2586924) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}) (Version:  - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.006 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 760 - Finarea S.A. Switzerland)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display  (10/05/2010 8.783.0.0000) (HKLM\...\4F214B105BE2C47A7C10086525680BB7DCF7DEEB) (Version: 10/05/2010 8.783.0.0000 - ATI Technologies Inc.)
Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display  (10/05/2010 8.783.0.0000) (HKLM\...\E8AD071510D6DB50A4A5327191F59F7569D3BB7F) (Version: 10/05/2010 8.783.0.0000 - ATI Technologies Inc.)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3466450235-528134590-3365269368-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3466450235-528134590-3365269368-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3466450235-528134590-3365269368-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3466450235-528134590-3365269368-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\AMAL\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
 
==================== Restore Points =========================
 
09-07-2014 16:20:14 Installed Adobe Photoshop Lightroom 4.3 64-bit.
03-08-2014 09:42:47 Scheduled Checkpoint
17-10-2014 18:16:10 Removed Java 7 Update 11
01-03-2015 10:56:14 Installed TOSHIBA Service Station
07-05-2015 03:48:34 Scheduled Checkpoint
04-06-2015 20:41:42 Scheduled Checkpoint
12-07-2015 12:54:45 Scheduled Checkpoint
03-08-2015 09:10:09 Installed Microsoft Fix it 50471
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2F05870E-0E90-4EEA-BEB1-E9EC56FCEBA5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000UA => C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {7FC68DBF-6D62-4C95-B483-B60C0FCA1D85} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {9CDE84CA-4E18-426C-A4C9-1AA341FBBD28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-06] (Google Inc.)
Task: {A84A78E4-B031-40A4-AFFD-9501B9397601} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000Core => C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {B7668E75-7D81-4E04-8FF4-70CF7F23FE43} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-25] (Adobe Systems Incorporated)
Task: {D75C2F91-0C6F-496E-9569-70317188FA2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-06] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000Core.job => C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3466450235-528134590-3365269368-1000UA.job => C:\Users\AMAL\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-11-16 19:08 - 2010-11-16 19:08 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2011-07-27 13:47 - 2011-07-27 13:46 - 00218624 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe
2010-04-07 17:37 - 2010-04-07 17:37 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 14:56 - 2009-11-03 14:56 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 15:45 - 2010-03-03 15:45 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 15:45 - 2010-03-03 15:45 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-11-18 16:19 - 2010-08-31 16:51 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 20:38 - 2009-03-12 20:38 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 18:08 - 2009-07-25 18:08 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-08-24 16:09 - 2010-08-24 16:09 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-10-05 23:07 - 2010-10-05 23:07 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 19:14 - 2010-02-05 19:14 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-07-27 13:47 - 2011-07-27 13:46 - 00011362 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\mingwm10.dll
2011-07-27 13:47 - 2011-07-27 13:46 - 00043008 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\libgcc_s_dw2-1.dll
2011-07-27 13:47 - 2011-07-27 13:46 - 02415104 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtCore4.dll
2011-07-27 13:47 - 2011-07-27 13:46 - 01148416 _____ () C:\ProgramData\Idea Net Setter\OnlineUpdate\QtNetwork4.dll
2015-07-31 16:47 - 2015-07-25 14:16 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-31 16:47 - 2015-07-25 14:16 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3466450235-528134590-3365269368-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AMAL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe"
MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
MSCONFIG\startupreg: NBAgent => "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: VoipDiscount => "C:\Program Files (x86)\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{57EAB5AF-149C-44C0-9E49-A741E5C36BB9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2C6591CA-39BA-4E7C-A38D-B75A1CC45516}] => (Allow) LPort=2869
FirewallRules: [{FFC34602-A91E-438C-8A43-43657BBF320D}] => (Allow) LPort=1900
FirewallRules: [{CFCDD7AE-FC1E-45CB-B1BC-11201E6C3657}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5803F84D-FB97-4331-87B2-F775C216AF7E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{1692892D-F177-46A1-9F1E-BBB094E7A75A}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{BAC6AE95-A4D2-48A7-A17E-D3DF0269F193}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{7DDEE8CA-B939-4937-8929-57F5DF7FE7F1}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{5BAF7619-2442-41E7-9C7F-167280BFB0BC}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [TCP Query User{25E86699-471D-4980-AF23-5AEBF4DDE664}F:\cs 1.6\hl.exe] => (Allow) F:\cs 1.6\hl.exe
FirewallRules: [UDP Query User{9C777BE3-845D-415B-A9C3-C37957E597B5}F:\cs 1.6\hl.exe] => (Allow) F:\cs 1.6\hl.exe
FirewallRules: [TCP Query User{5DE97374-18A3-4D7E-A16C-98EC7B5FB017}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{C1881E22-EE49-476F-8F8F-11CC8A4DB263}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{41D4FB42-9ECB-4569-ACE4-D74961467C2D}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [{06FC2702-461D-4201-BCF0-A865D78F0A8E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 4.3\lightroom.exe
FirewallRules: [{CAD04599-8634-45F4-AF2E-138C8A83AF60}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 4.3\lightroom.exe
FirewallRules: [{72D0D15B-C206-40A8-814A-D0D79FB148BA}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{9DEF8CE0-5947-4AD4-8152-C9B68EA4D1BD}C:\users\amal\downloads\utorrent.exe] => (Allow) C:\users\amal\downloads\utorrent.exe
FirewallRules: [UDP Query User{DA6CCF59-A24E-4891-AFE3-5EBA5D649771}C:\users\amal\downloads\utorrent.exe] => (Allow) C:\users\amal\downloads\utorrent.exe
FirewallRules: [{30A061EB-282C-4CFA-B3A7-BF810A6CF3F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A90DCFF-0CDF-4381-9511-E017B33AE49E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B60A0F17-E36F-40D5-9BD2-0D355DA0DBD6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EF42A312-9409-4168-8791-FE2CF22DAAF8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7AC4A6F4-73A4-4A82-BDC8-27B3F8300AEF}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{E39EFE9C-E3A0-4781-92E9-4C25689FA11F}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{FA4B8284-5AB5-4773-A84A-366DED054903}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{4051FE84-9AE3-4315-9ECF-5C193530B517}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{3721F87C-3B2D-42B7-94A4-80AC275D425C}E:\app\ditsvr.exe] => (Allow) E:\app\ditsvr.exe
FirewallRules: [UDP Query User{16DDFF33-3732-4E8B-9DA2-AEF1E215754A}E:\app\ditsvr.exe] => (Allow) E:\app\ditsvr.exe
FirewallRules: [{0AE9F5A5-4D50-42F6-8FC0-30AB57FEBDC6}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{8F8ACC62-6548-49DD-A350-511854A4D003}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{E2D701CF-D011-474E-8645-41B689F237E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6C47BFDE-4B26-4879-956A-08FB9CFC81D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{85508FBD-015D-467B-945D-EDFBE7A35D92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{771B761C-405F-4A8F-96C2-DB62E764454D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55CD4ABC-B6C8-43BA-A83B-2D57D60D1236}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/01/2015 10:43:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/F18B538D1BE903B6A6F056435B171589CAF36BF2.crt> with error: The specified server cannot perform the requested operation.
.
 
Error: (08/01/2015 10:43:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/F18B538D1BE903B6A6F056435B171589CAF36BF2.crt> with error: This operation returned because the timeout period expired.
.
 
Error: (06/10/2015 11:55:55 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: InitializeSvcAPI failed with hr = 0x80048883
 
Error: (06/06/2015 02:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7b325
Exception code: 0xc0000005
Fault offset: 0x000000000004c8f4
Faulting process id: 0xc0c
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
 
Error: (05/24/2015 07:08:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACOMPC.EXE, version: 1.0.0.4, time stamp: 0x415044eb
Faulting module name: ole32.dll, version: 6.1.7600.16624, time stamp: 0x4c297c56
Exception code: 0xc0000005
Fault offset: 0x0001e5b4
Faulting process id: 0xf30
Faulting application start time: 0xACOMPC.EXE0
Faulting application path: ACOMPC.EXE1
Faulting module path: ACOMPC.EXE2
Report Id: ACOMPC.EXE3
 
Error: (05/24/2015 06:51:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACOMPC.EXE, version: 1.0.0.4, time stamp: 0x415044eb
Faulting module name: ole32.dll, version: 6.1.7600.16624, time stamp: 0x4c297c56
Exception code: 0xc0000005
Fault offset: 0x0001e5b4
Faulting process id: 0xf1c
Faulting application start time: 0xACOMPC.EXE0
Faulting application path: ACOMPC.EXE1
Faulting module path: ACOMPC.EXE2
Report Id: ACOMPC.EXE3
 
Error: (05/15/2015 10:50:44 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: InitializeSvcAPI failed with hr = 0x80048883
 
Error: (05/15/2015 09:03:48 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: InitializeSvcAPI failed with hr = 0x80048883
 
Error: (05/13/2015 11:47:49 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: InitializeSvcAPI failed with hr = 0x80048883
 
Error: (05/10/2015 10:31:20 PM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: InitializeSvcAPI failed with hr = 0x80048883
 
 
System errors:
=============
Error: (08/04/2015 12:34:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Idea Net Setter. OUC service failed to start due to the following error: 
%%1053
 
Error: (08/04/2015 12:34:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Idea Net Setter. OUC service to connect.
 
Error: (08/03/2015 06:37:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\athihvs.dll
 
Error: (08/03/2015 06:37:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\athihvs.dll
 
Error: (08/03/2015 06:37:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\athihvs.dll
 
Error: (08/03/2015 06:27:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume WINDOWS.
 
Error: (08/03/2015 06:27:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume WINDOWS.
 
Error: (08/03/2015 06:27:05 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume WINDOWS.
 
Error: (08/03/2015 06:27:05 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume WINDOWS.
 
Error: (08/03/2015 06:27:04 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume WINDOWS.
 
 
Microsoft Office:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 46%
Total physical RAM: 2994.67 MB
Available physical RAM: 1616.5 MB
Total Virtual: 5987.49 MB
Available Virtual: 4125.91 MB
 
==================== Drives ================================
 
Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:188.89 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:224.51 GB) NTFS
Drive g: (AMAL SK) (Removable) (Total:1.86 GB) (Free:1.57 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A537A22E)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00C0A3BC)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=0B)
 
==================== End of log ============================
 
If you need anything more, feel free to ask.
 
Amal


#9 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 04 August 2015 - 02:48 AM

Also, I have 2-3 extra files on my USB now, which I'm not sure are necessary or not?



#10 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 04 August 2015 - 02:52 AM

Also, it seems that I inserted another flash drive and I have the same issue. And MCShield just scanned it and said there was virus in that too.

 

I don't have any antivirus installed.



#11 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 05 August 2015 - 12:37 PM

Any help guys?

@hamluis @B-boy/StyLe/



#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,310 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:57 AM

Posted 06 August 2015 - 01:27 PM

Hello amalsk,

Because bboy/style/ is currently unavailable, I'll help you with this issue.

 

I'd recommend to scan all usb drives like you did before and let it clean all found malware. Worm infections spread often via removable storage and even though your computer right now shows no sign of active infection, it can be reinfected by inserting an infected drive. For that reason I strongly recommend you to install an antivirus. A good free antivirus solution is Avast Free. Be careful during installation though, you may be asked to installed bundled offers (in case of Avast that is often DropBox), be sure to read carefully and uncheck any offer you don't want/need.

 

Do you have any other problem with your computer except for the issue with the infected flashdrives?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 amalsk

amalsk
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:27 AM

Posted 07 August 2015 - 11:04 AM

Hello Elise. 

I am downloading Avast now and will update later on how it goes.

 

Is it ok if I also scan with multiple anti-viruses one at a time? I mean first Avast, then uninstalling it and scanning it with Kaspersky, ESET and so on?

 

Also, I'm not sure, but my computer startup seems slow and also I haven't plugged my flashdrives since.

 

Planning to clean them using your method and to format them, if you advise so?

 

Whatcha think?

 

Amal



#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,310 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:57 AM

Posted 07 August 2015 - 12:27 PM

I would install only one AV, but you can use ESET online or similar just fine alongside that, just make sure you use a portable/scan only tool (so don't install a kaspersky or eset trial version alongside avast).


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users