Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014 Ran by Gabriel at 2014-11-06 12:09:18 Run:1 Running from C:\Users\Gabriel\Downloads Loaded Profile: Gabriel (Available profiles: Gabriel & Guest) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.only-search.com/?babsrc=HP_ss&mntrId=822120107A4A93AE&affID=129300&tsp=5302 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=822120107A4A93AE&affID=121284&tt=240913_238&tsp=5016 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2635464121-2190165053-1944712122-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=822120107A4A93AE&affID=129300&tsp=5302 SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - 45973938820B49DC844205652E7235BB URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=822120107A4A93AE&affID=119357&tt=070813_wt4&tsp=4969 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=822120107A4A93AE&affID=129300&tsp=5302 SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {9BF870E1-0FD9-4895-9409-F02C845F90D6} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=995FC42B-8DB6-4146-A4FB-95F8789A71B1&apn_sauid=20ED4317-2CB4-4D09-BB00-A0F091C7CDE5 BHO-x32: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll (installdaddy) BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Users\Gabriel\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File CHR HKLM-x32\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files (x86)\LSHunter.TV\stv12.crx [] CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [] Task: {6811688E-37B3-434F-8F78-1CC68DF2F918} - System32\Tasks\4875 => Wscript.exe C:\Users\Gabriel\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION Task: {826EAE6C-8749-43D1-BFB0-FDE50BBDC80C} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION Task: {86BC176D-2AC9-4B46-B24E-F9B3C9E369F9} - System32\Tasks\{9D289EB4-D5B4-4510-BB8A-F01B8F19CFC7} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar Task: {A35DBD1B-D4AE-4107-B24E-C1157F342C8E} - System32\Tasks\{0FCDEEF9-451D-4433-AD6E-8D17C9968876} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar Task: {B1E42D74-BBE9-44A5-B2DB-C45CEA96A1E2} - System32\Tasks\{C690FFA7-D168-4ACF-8F6D-AC71D2D3D72D} => C:\Program Files (x86)\O2\Connection Manager\EMMSN.exe Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-11.job => C:\Program Files (x86)\Torntv V9.0\9d8245d0-27bc-4ae3-8587-495f11625470-11.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-2.job => C:\Program Files (x86)\Torntv V9.0\9d8245d0-27bc-4ae3-8587-495f11625470-2.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-4.job => C:\Program Files (x86)\Torntv V9.0\9d8245d0-27bc-4ae3-8587-495f11625470-4.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-5.job => C:\Program Files (x86)\Torntv V9.0\9d8245d0-27bc-4ae3-8587-495f11625470-5.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-5_user.job => C:\Program Files (x86)\Torntv V9.0\9d8245d0-27bc-4ae3-8587-495f11625470-5.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-6.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-novainstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-7.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe <==== ATTENTION Task: C:\Windows\Tasks\AVG_REG_0214c.job => C:\ProgramData\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe Task: C:\Windows\Tasks\AVG_SYS_TASK_DELETE.job => C:\ProgramData\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe Task: C:\Windows\Tasks\EPUpdater.job => C:\Users\Gabriel\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\HDvid Codec V6.0-chromeinstaller.job => C:\Program Files (x86)\HDvid Codec V6.0\HDvid Codec V6.0-chromeinstaller.exe <==== ATTENTION S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-08] (globalUpdate) [File not signed] U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" C:\Program Files (x86)\globalUpdate C:\Program Files (x86)\HDPlayer C:\Program Files (x86)\HDvid Codec V6.0 C:\Program Files (x86)\Torntv V9.0 C:\ProgramData\AVG 0214c Campaign C:\ProgramData\DSearchLink C:\ProgramData\Mozilla C:\ProgramData\Temp C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjmlfbfnpdbaghgldginlcfgaeggfhj C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Gabriel\AppData\Local\Mozilla C:\Users\Gabriel\AppData\Roaming\defaulttab C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com C:\Users\Gabriel\AppData\Roaming\Mozilla C:\Users\Gabriel\Desktop\Search.lnk C:\Users\Gabriel\Desktop\TornTV.lnk Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKCU\Software\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Mozilla /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794} /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HDvid Codec V6.0" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Only Chrome Toolbar" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V9.0" /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Gabriel\AppData\Local CMD: dir /a C:\Users\Gabriel\AppData\LocalLow CMD: dir /a C:\Users\Gabriel\AppData\Roaming Hosts: EmptyTemp: ***************** Processes closed successfully. "HKCU\SOFTWARE\Policies\Google" => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => value deleted successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-2635464121-2190165053-1944712122-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully. "HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value deleted successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\45973938820B49DC844205652E7235BB" => Key deleted successfully. "HKCR\CLSID\45973938820B49DC844205652E7235BB" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully. "HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully. "HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BF870E1-0FD9-4895-9409-F02C845F90D6}" => Key deleted successfully. "HKCR\CLSID\{9BF870E1-0FD9-4895-9409-F02C845F90D6}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511131190}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}" => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully. "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully. "HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Key deleted successfully. "HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok" => Key deleted successfully. "C:\Program Files (x86)\LSHunter.TV\stv12.crx" => File/Directory not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc" => Key deleted successfully. "C:\Program Files (x86)\DefaultTab\DefaultTab.crx" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6811688E-37B3-434F-8F78-1CC68DF2F918}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6811688E-37B3-434F-8F78-1CC68DF2F918}" => Key deleted successfully. C:\Windows\System32\Tasks\4875 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4875" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{826EAE6C-8749-43D1-BFB0-FDE50BBDC80C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{826EAE6C-8749-43D1-BFB0-FDE50BBDC80C}" => Key deleted successfully. C:\Windows\System32\Tasks\0 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86BC176D-2AC9-4B46-B24E-F9B3C9E369F9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86BC176D-2AC9-4B46-B24E-F9B3C9E369F9}" => Key deleted successfully. C:\Windows\System32\Tasks\{9D289EB4-D5B4-4510-BB8A-F01B8F19CFC7} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9D289EB4-D5B4-4510-BB8A-F01B8F19CFC7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A35DBD1B-D4AE-4107-B24E-C1157F342C8E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35DBD1B-D4AE-4107-B24E-C1157F342C8E}" => Key deleted successfully. C:\Windows\System32\Tasks\{0FCDEEF9-451D-4433-AD6E-8D17C9968876} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0FCDEEF9-451D-4433-AD6E-8D17C9968876}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1E42D74-BBE9-44A5-B2DB-C45CEA96A1E2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1E42D74-BBE9-44A5-B2DB-C45CEA96A1E2}" => Key deleted successfully. C:\Windows\System32\Tasks\{C690FFA7-D168-4ACF-8F6D-AC71D2D3D72D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C690FFA7-D168-4ACF-8F6D-AC71D2D3D72D}" => Key deleted successfully. C:\Windows\Tasks\0414bUpdateInfo.job => Moved successfully. C:\Windows\Tasks\0814avUpdateInfo.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-1.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-11.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-2.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-4.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-5.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-5_user.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-6.job => Moved successfully. C:\Windows\Tasks\9d8245d0-27bc-4ae3-8587-495f11625470-7.job => Moved successfully. C:\Windows\Tasks\AVG_REG_0214c.job => Moved successfully. C:\Windows\Tasks\AVG_SYS_TASK_DELETE.job => Moved successfully. C:\Windows\Tasks\EPUpdater.job => Moved successfully. C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\HDvid Codec V6.0-chromeinstaller.job not found. globalUpdatem => Service deleted successfully. AppMgmt => Service deleted successfully. catchme => Service deleted successfully. ewusbnet => Service deleted successfully. ew_hwusbdev => Service deleted successfully. huawei_enumerator => Service deleted successfully. hwdatacard => Service deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys" => Key deleted successfully. C:\Program Files (x86)\globalUpdate => Moved successfully. C:\Program Files (x86)\HDPlayer => Moved successfully. "C:\Program Files (x86)\HDvid Codec V6.0" => File/Directory not found. C:\Program Files (x86)\Torntv V9.0 => Moved successfully. C:\ProgramData\AVG 0214c Campaign => Moved successfully. C:\ProgramData\DSearchLink => Moved successfully. "C:\ProgramData\Mozilla" => File/Directory not found. C:\ProgramData\Temp => Moved successfully. C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjmlfbfnpdbaghgldginlcfgaeggfhj => Moved successfully. C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully. "C:\Users\Gabriel\AppData\Local\Mozilla" => File/Directory not found. C:\Users\Gabriel\AppData\Roaming\defaulttab => Moved successfully. C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer => Moved successfully. "C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" => File/Directory not found. C:\Users\Gabriel\AppData\Roaming\Mozilla => Moved successfully. C:\Users\Gabriel\Desktop\Search.lnk => Moved successfully. "C:\Users\Gabriel\Desktop\TornTV.lnk" => File/Directory not found. ========= reg delete HKCU\Software\Mozilla /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKCU\Software\MozillaPlugins /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Mozilla /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794} /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HDvid Codec V6.0" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Only Chrome Toolbar" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V9.0" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\Program Files 05/11/2014 17:04 . 05/11/2014 17:04 .. 20/03/2012 09:05 AMD 20/03/2012 09:03 ATI 20/03/2012 09:04 ATI Technologies 25/10/2014 15:52 Common Files 14/07/2009 04:54 174 desktop.ini 20/03/2012 09:46 DVD Maker 25/04/2013 05:07 Google 25/07/2012 14:06 Hewlett-Packard 20/03/2012 09:09 IDT 17/10/2014 07:02 Internet Explorer 28/10/2013 08:10 Lavasoft 20/03/2012 09:46 Microsoft Games 06/09/2012 11:04 Microsoft Office 25/07/2014 16:04 Microsoft Silverlight 14/07/2009 05:32 MSBuild 07/06/2012 14:38 Online Services 14/07/2009 05:32 Reference Assemblies 20/03/2012 09:05 Synaptics 14/07/2009 05:09 Uninstall Information 11/07/2013 05:52 Windows Defender 11/05/2013 14:53 Windows Live 21/11/2010 07:06 Windows Mail 12/12/2013 07:12 Windows Media Player 14/07/2009 05:32 Windows NT 21/11/2010 07:06 Windows Photo Viewer 21/11/2010 03:31 Windows Portable Devices 07/06/2012 14:38 Windows Sidebar 1 File(s) 174 bytes 28 Dir(s) 625,688,264,704 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\Program Files (x86) 06/11/2014 12:11 . 06/11/2014 12:11 .. 20/03/2012 09:05 AMD 20/03/2012 09:05 AMD APP 20/03/2012 09:04 ATI Technologies 10/10/2014 21:05 AVG 20/03/2012 09:07 Cisco 05/11/2014 17:18 Common Files 20/03/2012 09:15 CyberLink 14/07/2009 04:54 174 desktop.ini 29/07/2014 12:17 EasyBits For Kids 15/10/2011 06:08 Evernote 25/09/2013 19:38 ffdshow 25/09/2013 20:53 Google 17/11/2012 13:41 Hewlett-Packard 15/10/2011 06:18 HP Games 12/12/2013 07:13 Iminent 09/12/2013 18:58 IminentToolbar 11/10/2014 06:45 InstallShield Installation Information 17/10/2014 07:02 Internet Explorer 24/01/2014 16:54 Java 15/10/2011 06:07 K-NFB Reading Technology Inc 20/05/2013 08:15 LiveUpload 11/10/2013 11:32 LSHunter.TV 24/03/2013 08:48 Microsoft 27/05/2014 15:59 Microsoft Analysis Services 11/09/2013 14:20 Microsoft Application Virtualization Client 06/09/2012 11:04 Microsoft Office 25/07/2014 16:04 Microsoft Silverlight 08/05/2013 17:44 Microsoft SkyDrive 15/10/2011 06:23 Microsoft SQL Server Compact Edition 27/05/2014 15:59 Microsoft.NET 14/03/2013 20:00 Mozilla Firefox 14/07/2009 05:32 MSBuild 15/11/2013 14:42 MyPC Backup 07/06/2012 14:38 Online Services 15/10/2011 06:07 PlayReady 25/07/2012 14:07 Realtek 14/07/2009 05:32 Reference Assemblies 06/11/2013 15:33 Sony 20/03/2012 09:22 SymSilent 14/07/2009 04:57 Uninstall Information 20/08/2013 08:08 VTech 29/05/2014 19:19 WildTangent Games 11/07/2013 05:52 Windows Defender 11/05/2013 14:53 Windows Live 21/11/2010 07:06 Windows Mail 12/12/2013 07:12 Windows Media Player 14/07/2009 05:32 Windows NT 21/11/2010 07:06 Windows Photo Viewer 21/11/2010 03:31 Windows Portable Devices 07/06/2012 14:38 Windows Sidebar 1 File(s) 174 bytes 51 Dir(s) 625,688,260,608 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\ProgramData 06/11/2014 12:11 . 06/11/2014 12:11 .. 05/11/2014 17:15 Adobe 09/03/2013 12:59 AMD 22/10/2013 18:03 APN 14/07/2009 05:08 Application Data [C:\ProgramData] 24/04/2013 07:36 Ask 20/03/2012 09:30 ATI 13/02/2014 22:01 AVAST Software 10/10/2014 20:55 Avg 10/10/2014 21:03 AVG2015 18/04/2014 16:59 Avg_Update_0414b 29/08/2014 17:02 Avg_Update_0814av 11/10/2013 11:34 Avira 14/03/2013 20:00 Babylon 28/10/2013 08:17 BitDefender 25/11/2013 10:58 BitGuard 20/06/2014 06:23 BlueStacks 11/10/2013 12:37 Common Files 21/07/2012 07:49 CyberLink 14/07/2009 05:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 05:08 Documents [C:\Users\Public\Documents] 16/06/2012 07:10 Farm Frenzy 14/07/2009 05:08 Favorites [C:\Users\Public\Favorites] 24/04/2013 09:47 Google 07/06/2013 16:19 Hewlett-Packard 25/09/2013 19:37 IBUpdaterService 08/07/2012 11:28 iWing 28/10/2013 08:08 Lavasoft 24/04/2013 07:34 McAfee 06/11/2014 12:10 MFAData 27/02/2014 22:22 Microsoft 27/05/2014 16:02 Microsoft Help 08/05/2013 17:44 Microsoft SkyDrive 10/06/2012 18:58 MumboJumbo 02/11/2012 13:49 Norton 02/11/2012 13:48 NortonInstaller 24/01/2014 16:55 Oracle 16/06/2012 16:45 Playrix Entertainment 12/06/2013 08:19 RoboForm 05/11/2014 17:18 Skype 06/11/2013 15:33 Sony 23/03/2013 13:08 Sony Ericsson 14/07/2009 05:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 01/04/2013 18:35 Sun 16/05/2013 16:50 Synaptics 11/10/2013 11:33 Tarma Installer 02/07/2012 16:46 Telefónica 14/07/2009 05:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 06/09/2012 14:07 VirtualizedApplications 20/08/2013 08:08 VTech 10/06/2012 19:41 Wild Tangent 05/04/2014 08:15 WildTangent 17/11/2012 13:39 {9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} 0 File(s) 0 bytes 54 Dir(s) 625,688,256,512 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Gabriel\AppData\Local ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\Users\Gabriel\AppData\Local 05/11/2014 07:11 . 05/11/2014 07:11 .. 26/09/2013 15:31 Adobe 07/06/2012 14:45 AMD 07/06/2012 14:36 Application Data [C:\Users\Gabriel\AppData\Local] 16/05/2013 16:54 Apps 07/06/2012 14:45 ATI 10/10/2014 21:05 Avg 11/10/2014 09:33 Avg2015 14/09/2013 08:33 avgchrome 10/10/2014 20:55 AvgSetupLog 20/08/2013 08:09 cache 25/08/2013 09:10 938 cookies.ini 14/10/2014 08:57 CrashDumps 07/06/2012 14:52 CyberLink 13/03/2013 16:09 Diagnostics 11/10/2013 12:32 ElevatedDiagnostics 16/05/2014 11:08 EmieSiteList 16/05/2014 11:08 EmieUserList 11/09/2012 11:12 Facebook 13/04/2013 07:11 58,016 GDIPFONTCACHEV1.DAT 08/07/2014 16:41 globalUpdate 25/09/2013 20:53 Google 06/07/2012 18:20 Hewlett-Packard 07/06/2012 14:43 Hewlett-Packard_Company 07/06/2012 14:36 History [C:\Users\Gabriel\AppData\Local\Microsoft\Windows\History] 04/11/2014 12:09 6,684,871 IconCache.db 20/05/2013 08:57 LiveUpload 11/10/2013 12:37 MFAData 13/11/2013 08:26 Microsoft 03/03/2013 12:44 Microsoft Games 21/06/2012 16:09 MigWiz 15/03/2013 19:03 PackageAware 25/09/2013 19:38 Programs 07/06/2012 14:38 RemEngine 08/03/2014 10:09 Skype 06/09/2012 11:05 SoftGrid Client 02/05/2013 14:37 Supreme Savings 06/11/2014 12:11 Temp 07/06/2012 14:36 Temporary Internet Files [C:\Users\Gabriel\AppData\Local\Microsoft\Windows\Temporary Internet Files] 25/07/2014 16:04 Unity 21/10/2012 14:10 VirtualStore 31/07/2012 10:31 Wild Tangent 16/03/2014 15:51 Windows Live 04/10/2012 14:24 Windows Live Writer 12/12/2012 10:49 {5C5754EA-F4DF-4073-928F-ACF87456F035} 17/10/2012 11:49 {8140C752-9B65-4B75-81B3-3C9700038895} 22/03/2013 08:59 {8828F600-A71B-4F01-AEB8-5A997AE203FE} 31/10/2012 16:24 {93A375C0-FA5C-4D4F-BB60-C160FCC21FC7} 16/04/2013 13:37 {A962CA66-B288-41C7-9D9C-89AF67EF59CF} 04/10/2012 14:25 {E51B3BEA-2813-4C13-B7FE-61ADEF52CFE3} 12/10/2012 08:09 {FBE0950C-BF45-40C0-9DFF-780041601F40} 3 File(s) 6,743,825 bytes 49 Dir(s) 625,688,256,512 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Gabriel\AppData\LocalLow ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\Users\Gabriel\AppData\LocalLow 24/07/2014 14:11 . 24/07/2014 14:11 .. 24/07/2014 14:26 Adobe 30/03/2013 15:00 Delta 08/05/2013 17:42 Microsoft 30/03/2013 15:00 mixidj 12/06/2013 08:19 Siber Systems 01/04/2013 18:32 Sun 24/02/2013 17:29 Temp 24/07/2014 14:25 Unity 0 File(s) 0 bytes 10 Dir(s) 625,688,252,416 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Gabriel\AppData\Roaming ========= Volume in drive C has no label. Volume Serial Number is 8221-8006 Directory of C:\Users\Gabriel\AppData\Roaming 06/11/2014 12:11 . 06/11/2014 12:11 .. 10/07/2012 12:35 Adobe 23/06/2012 09:31 Atari 07/06/2012 14:45 ATI 10/10/2014 21:05 AVG2015 28/07/2012 19:50 Awem 08/07/2014 16:43 BabSolution 14/03/2013 20:00 Babylon 07/06/2012 14:52 CyberLink 28/07/2012 19:42 funkitron 19/08/2012 10:53 Google 07/06/2012 19:54 Hewlett-Packard 27/01/2013 14:55 Hoyle Card Games 27/01/2013 13:56 Hoyle FaceCreator 25/07/2012 14:02 hpqlog 07/06/2012 14:43 Identities 07/12/2013 22:01 IminentToolbar 08/07/2012 11:28 iWing 30/07/2012 12:45 Jewel Match 3 28/10/2013 08:27 LavasoftStatistics 07/06/2012 14:44 Macromedia 20/03/2012 09:45 Media Center Programs 25/09/2013 20:45 Microsoft 30/10/2013 19:23 OpenCandy 25/09/2013 20:48 PerformerSoft 05/11/2014 17:03 player 12/06/2013 08:21 RoboForm 19/07/2012 12:52 runic games 25/09/2013 19:37 SeeSimilar02 05/11/2014 17:18 Skype 07/10/2014 20:18 SoftGrid Client 25/09/2013 19:37 30,894 speedanalysis.ico 25/09/2013 19:38 SpeedAnalysis2 07/06/2012 14:44 Synaptics 30/11/2013 17:55 Systweak 02/07/2012 16:46 Telefónica 01/07/2012 12:15 TOMI3 06/09/2012 11:05 TP 11/10/2013 12:59 TuneUp Software 26/10/2014 07:48 Unity 12/08/2014 13:42 uTorrent 20/07/2012 11:27 WildTangent 22/03/2013 08:59 Windows Live Writer 29/07/2014 12:08 _MDLogs 1 File(s) 30,894 bytes 44 Dir(s) 625,688,252,416 bytes free ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. EmptyTemp: => Removed 784.5 MB temporary data. The system needed a reboot. ==== End of Fixlog ====