Topic: Panda viewer
View Single Post
  #17  
Old April 16th, 2018, 04:56 PM
luzchurch luzchurch is offline
Senior Member
 
Join Date: Nov 2004
Posts: 341
This morning I tried again and it did finish the test. Here is the log file:

Fix result of Farbar Recovery Scan Tool (x86) Version: 15.04.2018
Ran by owner (16-04-2018 11:33:31) Run:4
Running from C:\Documents and Settings\owner\My Documents\Downloads
Loaded Profiles: owner & (Available Profiles: owner & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\...\Run: [*rrzwvnyvrr<*>] => "C:\Documents and Settings\owner\Local Settings\Application Data\f003ad\9595f3.bat" <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\...\MountPoints2: {01048412-a396-11e2-999b-001d72aca64d} - H:\LaunchU3.exe -a
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\Run: [*rrzwvnyvrr<*>] => "C:\Documents and Settings\owner\Local Settings\Application Data\f003ad\9595f3.bat" <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\MountPoints2: {01048412-a396-11e2-999b-001d72aca64d} - H:\LaunchU3.exe -a
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\Run: [*rrzwvnyvrr<*>] => "C:\Documents and Settings\owner\Local Settings\Application Data\f003ad\9595f3.bat" <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\MountPoints2: {01048412-a396-11e2-999b-001d72aca64d} - H:\LaunchU3.exe -a
URLSearchHook: [S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063621187] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063652656] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-14] (Oracle Corporation)
FF ProfilePath: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\l0eutqyb.default-1494803957500 [not found] <==== ATTENTION
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1874A415-9468-D082-4334-05E985889A47} => No File
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {55F8EFAD-9468-D082-FB7F-89A485889A47} => No File
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1874A415-9468-D082-4334-05E985889A47} => No File
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {55F8EFAD-9468-D082-FB7F-89A485889A47} => No File
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1874A415-9468-D082-4334-05E985889A47} => No File
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {55F8EFAD-9468-D082-FB7F-89A485889A47} => No File
2018-04-09 17:24 - 2018-04-09 17:24 - 000503208 _____ (Piriform Ltd) C:\Documents and Settings\owner\Local Settings\Temp\ccupdate.exe
2018-04-09 09:49 - 2016-03-09 01:00 - 000718336 _____ (Microsoft Corporation) C:\Documents and Settings\owner\Local Settings\Temp\dllnt_dump.dll
2018-04-07 07:00 - 2018-04-07 06:59 - 000457016 _____ () C:\Documents and Settings\owner\Local Settings\Temp\DoubleClick.exe
2018-04-07 06:59 - 2018-04-07 07:00 - 002158592 _____ () C:\Documents and Settings\owner\Local Settings\Temp\installer_mi.exe
2018-04-07 06:58 - 2018-04-07 06:59 - 000860523 _____ ( ) C:\Documents and Settings\owner\Local Settings\Temp\setup.exe
2015-08-14 08:29 - 2015-07-29 16:08 - 000681097 _____ (SQLite Development Team) C:\Documents and Settings\owner\Local Settings\Temp\sqlite3.dll
2018-04-07 07:00 - 2018-04-07 07:00 - 004450288 _____ ( ) C:\Documents and Settings\owner\Local Settings\Temp\SystemHealer.exe
2018-04-07 06:59 - 2018-04-07 06:59 - 000457016 _____ () C:\Documents and Settings\owner\Local Settings\Temp\zdj.exe
C:\Documents and Settings\owner\Local Settings\Temp\dllnt_dump.dll
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMPDCCB2FA [306]
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063528750\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063637687\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063539718\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638125\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063528750\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063637687\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063539718\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638125\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
HKU\S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063621187\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063652656\Control Panel\Desktop\\Wallpaper -> (None)
HKLM\...\regfile\shell\open\command: C:\WINDOWS\REGEDIT.EXE /M "%L" <==== ATTENTION
HKLM\...\batfile\shell\open\command: C:\WINDOWS\system32\CMD.EXE /C Call "%L" %* <==== ATTENTION
HKLM\...\cmdfile\shell\open\command: C:\WINDOWS\system32\CMD.EXE /C Call "%L" %* <==== ATTENTION
2018-04-07 07:36 - 2018-04-09 15:39 - 003072054 _____ C:\Documents and Settings\owner\.bmp
2018-04-07 07:36 - 2018-04-09 15:39 - 000000000 _____ C:\Documents and Settings\owner\mp
2018-04-07 07:04 - 2018-04-07 07:49 - 003072054 _____ C:\Documents and Settings\owner\Local Settings\Application Data\.bmp
2018-04-07 07:04 - 2018-04-07 07:49 - 000000000 _____ C:\Documents and Settings\owner\Local Settings\Application Data\mp
C:\Documents and Settings\owner\Local Settings\Application Data\.bmp
C:\Documents and Settings\owner\Local Settings\Application Data\mp
2018-03-30 16:38 - 2018-03-30 16:38 - 000276578 _____ C:\Documents and Settings\owner\My Documents\hamsanada.bmp
2018-03-30 16:33 - 2018-03-30 16:33 - 000115390 _____ C:\Documents and Settings\owner\My Documents\skandamanorama.bmp
1618-10-21 21:05 - 1618-10-21 21:05 - 000096256 ____N (Microsoft Corporation) C:\Program Files\NYqasgsZY.exe
CMD: ipconfig /flushdns
EMPTYTEMP:
*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-507921405-1284227242-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run \\*rrzwvnyvrr<*>" => not found
"HKU\S-1-5-21-507921405-1284227242-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run \\Adobe Reader Synchronizer" => not found
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\H => not found
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{01048412-a396-11e2-999b-001d72aca64d} => not found
HKLM\Software\Classes\CLSID\{01048412-a396-11e2-999b-001d72aca64d} => not found
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\Run: [*rrzwvnyvrr<*>] => "C:\Documents and Settings\owner\Local Settings\Application Data\f003ad\9595f3.bat" <==== ATTENTION (Value Name with invalid characters) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\MountPoints2: H - H:\LaunchU3.exe -a => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\...\MountPoints2: {01048412-a396-11e2-999b-001d72aca64d} - H:\LaunchU3.exe -a => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\Run: [*rrzwvnyvrr<*>] => "C:\Documents and Settings\owner\Local Settings\Application Data\f003ad\9595f3.bat" <==== ATTENTION (Value Name with invalid characters) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\MountPoints2: H - H:\LaunchU3.exe -a => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\...\MountPoints2: {01048412-a396-11e2-999b-001d72aca64d} - H:\LaunchU3.exe -a => Error: No automatic fix found for this entry.
URLSearchHook: [S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063621187] ATTENTION => Default URLSearchHook is missing => Error: No automatic fix found for this entry.
URLSearchHook: [S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063652656] ATTENTION => Default URLSearchHook is missing => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-507921405-1284227242-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
HKLM\Software\MozillaPlugins\Adobe Reader => not found
"C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll" => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmj mplflapaojjnihcjkigck => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlod glbbmalcneegieacbdmki => not found
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1874A415-9468-D082-4334-05E985889A47} => No File => Error: No automatic fix found for this entry.
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {55F8EFAD-9468-D082-FB7F-89A485889A47} => No File => Error: No automatic fix found for this entry.
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1874A415-9468-D082-4334-05E985889A47} => No File => Error: No automatic fix found for this entry.
CustomCLSID: HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {55F8EFAD-9468-D082-FB7F-89A485889A47} => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B} => not found
HKU\S-1-5-21-507921405-1284227242-1417001333-1003_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850} => not found
"C:\Documents and Settings\owner\Local Settings\Temp\ccupdate.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\dllnt_dump.dll" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\DoubleClick.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\installer_mi.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\setup.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\sqlite3.dll" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\SystemHealer.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\zdj.exe" => not found
"C:\Documents and Settings\owner\Local Settings\Temp\dllnt_dump.dll" => not found
"AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMPDCCB2FA [306]" => "AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMPDCCB2FA [306]" ADS not found.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063528750\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063637687\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063539718\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638125\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063528750\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063637687\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063539718\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638125\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063543796\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063638609\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063621187\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-507921405-1284227242-1417001333-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018063652656\Control Panel\Desktop\\Wallpaper -> (None) => Error: No automatic fix found for this entry.
HKLM\Software\Classes\regfile\shell\open\command\\ Default => value restored successfully
HKLM\Software\Classes\batfile\shell\open\command\\ Default => value restored successfully
HKLM\Software\Classes\cmdfile\shell\open\command\\ Default => value restored successfully
"C:\Documents and Settings\owner\.bmp" => not found
"C:\Documents and Settings\owner\mp" => not found
"C:\Documents and Settings\owner\Local Settings\Application Data\.bmp" => not found
"C:\Documents and Settings\owner\Local Settings\Application Data\mp" => not found
"C:\Documents and Settings\owner\Local Settings\Application Data\.bmp" => not found
"C:\Documents and Settings\owner\Local Settings\Application Data\mp" => not found
"C:\Documents and Settings\owner\My Documents\hamsanada.bmp" => not found
"C:\Documents and Settings\owner\My Documents\skandamanorama.bmp" => not found
"C:\Program Files\NYqasgsZY.exe" => not found

========= ipconfig /flushdns =========



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9773 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 0 B
Java, Flash, Steam htmlcache => 1066 B
Windows/system/dllcache/drivers => 15216 B
Edge => 0 B
Chrome => 0 B
Firefox => 91825611 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 0 B
LocalService => 424 B
NetworkService => 648154 B
owner => 74746139 B
Administrator => 66228 B

RecycleBin => 220898 B
EmptyTemp: => 159.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:40:03 ====
Reply With Quote