Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Random Clicking, Zooming and moving..


  • This topic is locked This topic is locked
11 replies to this topic

#1 MistyC

MistyC

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 19 April 2015 - 10:34 AM

Hi Everyone! I have a Sony Vaio Model Number PCG-71913L. Running Windows 7 Home Premium. 

Untitled.png

 

I can sit here without touching my Pc.. Touch pad turned off and mouse turned off.. and my screen will zoom in and out by itself. It will randomly click things.. I do not even have to be touching it.

 

I have ran Avg Virus Scanner and cleared out everything it found.. 

I have ran Malawarebytes and cleared it out and reran it until it was clear..

 

I even ran the one that Microsoft windows website has and it found 2 Trojans. Claimed to clear it out as well. 

 

I am at a loss. Ty so much for helping me. This message alone took forever to write. 

Misty



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 AM

Posted 19 April 2015 - 04:19 PM

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#3 MistyC

MistyC
  • Topic Starter

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 20 April 2015 - 10:23 AM

ok here are all my reports.. Ty for your quick response and all your help!!

 

~ ZHPCleaner v2015.4.19.175 by Nicolas Coolman (20/04/2015)
~ Run by ST0114 (Administrator)  (20/04/2015 06:52:43)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\ST0114\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\ST0114\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious items found.
 
 
---\\  Browser internet (3)
REPLACED Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
REPLACED Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride ( <-loopback> )
REPLACED Proxy: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
 
 
---\\  Hosts file (0)
~ No malicious items found.
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious items found.
 
 
---\\  Explorer ( File, Folder) (77)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\about.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\active-threats18.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\AVG SafeGuard toolbar [AVG Technologies - AVG SafeGuard toolbar] (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0215tb.exe [Copyright © 2015 .  All rights reserved. - ] (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\AvgComponents.manifest   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\avgMozXPCOM.js   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\BundleInstall.exe [AVG Secure Search - BundleInstall Application] (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\BundleInstaller.ini   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\CleanHistory.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\configuration.xml   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\crash.avgdx   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\current.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\currently-safe18.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\data.zip   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\EULA.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\Facebook.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\favicon.ico   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\feedback.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\FireFoxSearchXml.tmp   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\help.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\icon18.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\labs.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\lip.exe [AVG Secure Search - LowInteg] (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\privacy.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\remote_configuration.xml   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\search.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\setup.bmp   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\surf-with-caution18.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\Uninstall.exe [AVG Technologies - AVG Uninstaller] (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\uninstall.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\updating18.gif   (Toolbar.AVGSafeGuard)
MOVED file: C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [Copyright © 2012 - VProtect Application] (Toolbar.AVGSafeGuard)
MOVED file**: C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_1114tb.exe [Copyright © 2011 .  All rights reserved. - ] (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885 (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\Chrome (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeGuardRes (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\ChromeRes (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\DSPDlg_IE (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\EnableHelperRes (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\IeDspHelperRes (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\Licenses (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Program Files (x86)\globalUpdate\CrashReports (PUP.GlobalUpdate)
MOVED folder*: C:\Program Files\Enigma Software Group\SpyHunter (PUP.EnigmaSoftware)
MOVED file**: C:\Program Files (x86)\Common Files\AVG Secure Search\InstalledProducts.ini   (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\RewardsInstaller (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\ToolBandTlb (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller (Toolbar.AVGSearch)
MOVED folder*: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater (Toolbar.AVGSearch)
MOVED file**: C:\ProgramData\BrOwwsae2saevEe\51492ba64a9f1.tlb   (Adware.Multiplug)
MOVED file**: C:\ProgramData\iolo\LicenseLoad.xml   (PUP.SafePCRepair)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\ChromeExt (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\CrashReport (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\FirefoxSaps (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\Logger (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG SafeGuard toolbar\Toolbar (Toolbar.AVGSafeGuard)
MOVED folder*: C:\ProgramData\AVG Secure Search\Logger (Toolbar.AVGSearch)
MOVED folder*: C:\ProgramData\BrOwwsae2saevEe\data (Adware.Multiplug)
MOVED folder*: C:\ProgramData\InstallMate\{B6A8C1EA-6F72-488F-AA64-27506D4BE31C} (PUP.Tarma)
MOVED folder*: C:\Windows\System32\AI_RecycleBin\{51ED8F33-B1D5-4BE4-9E30-A49D23D79139} (Adware.Agent)
MOVED folder*: C:\Windows\System32\AI_RecycleBin\{90ACD86B-94BE-47EB-A0F3-9B4963DF9A50} (Adware.Agent)
MOVED folder*: C:\Windows\System32\AI_RecycleBin\{994C314A-D6F7-4A01-BF49-A661EE893D87} (Adware.Agent)
MOVED folder*: C:\Windows\System32\AI_RecycleBin\{9B931941-72B5-4C99-A74C-484ACD5F386C} (Adware.Agent)
MOVED folder*: C:\Windows\System32\SearchProtect\Logs (Adware.Sambreel)
MOVED folder*: C:\Users\ST0114\AppData\LocalLow\AVG SafeGuard toolbar\cache (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Users\ST0114\AppData\LocalLow\Toolbar4\{8660E5B3-6C41-44DE-8503-98D99BBECD41} (Adware.SocialSkinz)
MOVED folder*: C:\Users\ST0114\AppData\Local\AVG SafeGuard toolbar\Chrome (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Users\ST0114\AppData\Local\AVG SafeGuard toolbar\DNT (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Users\ST0114\AppData\Local\AVG SafeGuard toolbar\SiteSafety (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Users\ST0114\AppData\Local\AVG SafeGuard toolbar\Statistics (Toolbar.AVGSafeGuard)
MOVED folder*: C:\Users\ST0114\AppData\Local\globalUpdate\CrashReports (PUP.GlobalUpdate)
 
 
---\\  Registry ( Key, Value, Data) (0)
~ No malicious items found.
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 72246
~ Items found : 0
~ Items repaired : 80
 
 
End of clean at 06:59:17
===================
ZHPCleaner-[R]-20042015-06_59_17.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Results of screen317's Security Check version 1.00  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials      
AVG Anti-Virus Free Edition 2012   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 67  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox 36.0.4 Firefox out of Date!  
 Mozilla Thunderbird (31.5.0) 
 Google Chrome (41.0.2272.118) 
 Google Chrome (42.0.2311.90) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 AVG avgwdsvc.exe 
 AVG avgtray.exe 
 Sony VAIOCA~1 Iolo IOLOTO~1.EXE 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 MiniToolBox by Farbar  Version: 14-04-2015
Ran by ST0114 (administrator) on 20-04-2015 at 07:11:01
Running from "C:\Users\ST0114\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: VPCEH15FX Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
Hosts file not detected in the default directory
========================= IP Configuration: ================================
 
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="ethernet_11" address=192.168.177.1 mask=255.255.255.0
add address name="ethernet_12" address=192.168.146.1 mask=255.255.255.0
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Momma
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4581:20e7:4a3f:651b%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.27(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, April 19, 2015 4:33:20 PM
   Lease Expires . . . . . . . . . . : Tuesday, April 21, 2015 4:17:26 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 311208322
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A5-5A-A2-78-84-3C-E6-19-24
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.3.26
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 78-84-3C-E6-19-24
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:8c9:348:3f57:ffe4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::8c9:348:3f57:ffe4%21(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.Home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{C2137551-F7BE-4938-AB0C-E1A4729B140E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{0520123C-AFC0-4959-9686-A8BBBB04C9C0}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  modem
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c09::64
 64.233.185.138
 64.233.185.113
 64.233.185.101
 64.233.185.139
 64.233.185.100
 64.233.185.102
 
 
Pinging google.com [64.233.185.100] with 32 bytes of data:
Reply from 64.233.185.100: bytes=32 time=20ms TTL=43
Reply from 64.233.185.100: bytes=32 time=20ms TTL=43
 
Ping statistics for 64.233.185.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 20ms, Average = 20ms
Server:  modem
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=49ms TTL=49
Reply from 98.139.183.24: bytes=32 time=49ms TTL=49
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 49ms, Average = 49ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...8c a9 82 a5 fa fd ......Microsoft Virtual WiFi Miniport Adapter #2
 14...8c a9 82 a5 fa fd ......Microsoft Virtual WiFi Miniport Adapter
 12...8c a9 82 a5 fa fc ......Intel® WiFi Link 1000 BGN
 11...78 84 3c e6 19 24 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.27     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.27    281
     192.168.0.27  255.255.255.255         On-link      192.168.0.27    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.27    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.27    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.27    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 21     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 21     58 2001::/32                On-link
 21    306 2001:0:9d38:6ab8:8c9:348:3f57:ffe4/128
                                    On-link
 12    281 fe80::/64                On-link
 21    306 fe80::/64                On-link
 21    306 fe80::8c9:348:3f57:ffe4/128
                                    On-link
 12    281 fe80::4581:20e7:4a3f:651b/128
                                    On-link
  1    306 ff00::/8                 On-link
 21    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 mswsock.dll [] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/20/2015 06:40:55 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/20/2015 06:35:30 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/20/2015 06:30:00 AM) (Source: MsiInstaller) (User: MOMMA)
Description: Product: Media Gallery -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 06:13:58 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 06:08:18 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 06:03:37 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 05:56:21 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Media Gallery -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 05:50:36 PM) (Source: MsiInstaller) (User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 05:45:58 PM) (Source: MsiInstaller) (User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
Error: (04/19/2015 05:40:50 PM) (Source: MsiInstaller) (User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.
 
 
System errors:
=============
Error: (04/20/2015 06:48:56 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (04/20/2015 06:48:46 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/20/2015 06:36:02 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDs service.
 
Error: (04/20/2015 06:30:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDs service.
 
Error: (04/19/2015 05:51:06 PM) (Source: DCOM) (User: )
Description: {47E02AAE-CBD7-4F63-858E-15AFD6CDB8BB}
 
Error: (04/19/2015 05:22:12 PM) (Source: DCOM) (User: )
Description: {1D67956B-CA3C-44B0-B942-A0393463363D}
 
Error: (04/19/2015 05:12:26 PM) (Source: DCOM) (User: )
Description: {7BC716AD-8F37-4E5B-933A-2E7D84842078}
 
Error: (04/19/2015 04:48:16 PM) (Source: Service Control Manager) (User: )
Description: The VAIO Content Metadata Intelligent Analyzing Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/19/2015 04:37:48 PM) (Source: DCOM) (User: )
Description: {47E02AAE-CBD7-4F63-858E-15AFD6CDB8BB}
 
Error: (04/19/2015 04:37:18 PM) (Source: DCOM) (User: )
Description: {1D67956B-CA3C-44B0-B942-A0393463363D}
 
 
Microsoft Office Sessions:
=========================
Error: (04/20/2015 06:40:55 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/20/2015 06:35:30 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/20/2015 06:30:00 AM) (Source: MsiInstaller)(User: MOMMA)
Description: Product: Media Gallery -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 06:13:58 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 06:08:18 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 06:03:37 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 05:56:21 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Media Gallery -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 05:50:36 PM) (Source: MsiInstaller)(User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 05:45:58 PM) (Source: MsiInstaller)(User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/19/2015 05:40:50 PM) (Source: MsiInstaller)(User: MOMMA)
Description: Product: PMB VAIO Edition Plug-in -- Error 1921.Service VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) could not be stopped.  Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-09 13:00:12.455
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-09 12:44:34.496
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-05 12:35:41.423
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 23:10:46.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 23:10:46.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 21:51:16.163
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 21:50:42.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 11:16:20.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-04 11:16:19.232
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-02-03 23:11:52.177
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Motive\pcContextHook_DSR.dll because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,966,0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2250 - AVG Technologies)
AVG 2012 (Version: 12.0.4311 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2250 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.3.0.885 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.51 - Conexant)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.5) (Version: 5.0.1.5 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolphin Futures XPS Viewer version 1.1.0 (HKLM-x32\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 29342) (Version: 35228 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Jarte 5.3 (HKLM-x32\...\Jarte_is1) (Version: 5.3 - Carolina Road Software L.L.C.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.7.0205.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 en-US)) (Version: 31.5.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 11 Kwik Themes 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 9 Essentials (HKLM-x32\...\{59184d95-12f7-481b-83e9-55fc52f5a457}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Next Stop (HKLM-x32\...\BFG-Next Stop) (Version:  - )
OOBE (x32 Version: 11.2.1.10 - Sony Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.8.01.09211 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.01.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
QuickShare (HKLM-x32\...\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}) (Version: 1.62.60.11333 - Linkury Inc.)
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Software Updater (HKLM-x32\...\Software Updater) (Version: 1.0.0.4 - Auto-Update.me)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.5.01.04060 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUDU To Go (HKLM-x32\...\com.vudu.air.Downloader) (Version: 2.1.7 - Vudu)
VUDU To Go (x32 Version: 2.1.7 - Vudu) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WinCachebox (HKLM-x32\...\{C73036E9-47FA-4E0F-84C4-967E7DDFB9F6}) (Version: 1.1.254 - Ging-Buh)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XnView 1.98.5 (HKLM-x32\...\XnView_is1) (Version: 1.98.5 - Gougelet Pierre-e)
XnView Shell Extension 3.1.0 (64bits) (HKLM-x32\...\XnView Shell Extension_is1) (Version: 3.1.0 - Gougelet Pierre-e)
 
========================= Devices: ================================
 
Name: SBMNTR
Description: SBMNTR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: sbmntr
Device ID: ROOT\LEGACY_SBMNTR\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: X5XSEx
Description: X5XSEx
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx
Device ID: ROOT\LEGACY_X5XSEX\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 53%
Total physical RAM: 4043.86 MB
Available physical RAM: 1868.11 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 4904.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.19 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:455.16 GB) (Free:337.81 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MOMMA
 
Administrator            Guest                    Mcx1-MOMMA               
ST0114                   
 
 
**** End of log ****
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\$Recycle.Bin\S-1-5-21-2749176277-1097856338-3472885861-1005\$RQO9LY9.exe a variant of Win32/InstallCore.YW potentially unwanted application
C:\Users\All Users\MAgeIl\dat\sgNNDMH.dll a variant of MSIL/Adware.PullUpdate.C application
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\ProgramData\MAgeIl\dat\sgNNDMH.dll a variant of MSIL/Adware.PullUpdate.C application cleaned by deleting - quarantined
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted application deleted - quarantined
C:\Windows\Installer\9986f5c.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
 


#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 AM

Posted 20 April 2015 - 10:27 AM

You are running two antivirus applications.

 

Microsoft Security Essentials      
AVG Anti-Virus Free Edition 2012 
 
Uninstall one!!
 
 

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#5 MistyC

MistyC
  • Topic Starter

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 20 April 2015 - 02:24 PM

20 Apr 2015 12:22:48 [1298] - **********************************************************
20 Apr 2015 12:22:48 [1298] - MWAV - eScanAV AntiVirus Toolkit.
20 Apr 2015 12:22:48 [1298] - Copyright © MicroWorld Technologies
20 Apr 2015 12:22:48 [1298] - **********************************************************
20 Apr 2015 12:22:48 [1298] - Source: C:\Users\ST0114\Desktop\mwav.exe
20 Apr 2015 12:22:48 [1298] - Version 14.0.178 (C:\USERS\ST0114\APPDATA\LOCAL\TEMP\MEXE.COM)
20 Apr 2015 12:22:48 [1298] - Log File: C:\Users\ST0114\AppData\Local\Temp\MWAV.LOG
20 Apr 2015 12:22:48 [1298] - MWAV Registered: TRUE
20 Apr 2015 12:22:48 [1298] - User Account: ST0114 (Administrator Mode)
20 Apr 2015 12:22:48 [1298] - OS Type: Windows Workstation [InstallType: Client]
20 Apr 2015 12:22:48 [1298] - OS: Windows 7 64-Bit [OS Install Date: 04 Oct 2011 13:12:12]
20 Apr 2015 12:22:48 [1298] - Ver: Personal Service Pack 1 (Build 7601)
20 Apr 2015 12:22:48 [1298] - System Up Time: 27 Minutes, 1 Second
 
 
20 Apr 2015 12:22:48 [1298] - Parent Process Name : C:\Users\ST0114\Desktop\mwav.exe
20 Apr 2015 12:22:48 [1298] - Windows Root  Folder: C:\Windows
20 Apr 2015 12:22:48 [1298] - Windows Sys32 Folder: C:\Windows\system32
20 Apr 2015 12:22:48 [1298] - DHCP NameServer: 192.168.0.1 205.171.3.26
20 Apr 2015 12:22:48 [1298] - Interface0 DHCPNameServer: 192.168.0.1 205.171.3.26
20 Apr 2015 12:22:48 [1298] - Interface1 DHCPNameServer: 192.168.0.1 205.171.3.26
20 Apr 2015 12:22:48 [1298] - Local Fixed Drives: c:\
20 Apr 2015 12:22:48 [1298] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
20 Apr 2015 12:22:48 [1298] - [CREATED ZIP FILE: C:\Users\ST0114\AppData\Local\Temp\pinfect.zip]
20 Apr 2015 12:22:48 [1298] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
20 Apr 2015 12:22:51 [1298] - ** Changed Value of "Path"
20 Apr 2015 12:22:51 [1298] - ** Changed Value of "HKEY_CLASSES_ROOT\.htm" from "ChromeHTML.MUNAP54JSLCWOVNMRSKP2ZQPD4" to "htmlfile"
20 Apr 2015 12:22:51 [1298] - ** Changed Value of "HKEY_CLASSES_ROOT\.html" from "ChromeHTML.MUNAP54JSLCWOVNMRSKP2ZQPD4" to "htmlfile"
20 Apr 2015 12:22:51 [1298] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\ST0114\AppData\Local\Temp\ESCANDB.LOG]
20 Apr 2015 12:22:52 [1298] - Loaded/Created FileScan Cache Database...
20 Apr 2015 12:22:52 [1298] - Loading AV Library [DB]...
20 Apr 2015 12:23:28 [1298] - ArchiveScan: DISABLED
20 Apr 2015 12:23:29 [1298] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
20 Apr 2015 12:23:29 [1298] - MWAV doing self scanning...
20 Apr 2015 12:23:29 [1298] - MWAV files are clean.
20 Apr 2015 12:23:53 [1298] - ArchiveScan: DISABLED
20 Apr 2015 12:23:53 [1298] - Virus Database Date: 02 Mar 2015
20 Apr 2015 12:23:53 [1298] - Virus Database Count: 6701505
20 Apr 2015 12:23:53 [1298] - Sign Version: 7.59505 [518257]
20 Apr 2015 12:23:58 [1298] - Downloading AntiVirus and Anti-Spyware Databases...
20 Apr 2015 12:28:26 [1298] - Update Successful...
20 Apr 2015 12:29:32 [1298] - Indexed Spyware Databases Successfully Created...
20 Apr 2015 12:29:32 [1298] - Old Sign Version: 7.59505 New Sign Version: 7.60210
20 Apr 2015 12:29:45 [1298] - Reload of AntiVirus Signatures successfully done.
20 Apr 2015 12:29:45 [1298] - Virus Database Date: 20 Apr 2015
20 Apr 2015 12:29:45 [1298] - Virus Database Count: 5644837
20 Apr 2015 12:29:45 [1298] - Sign Version: 7.60210 [518962]
 
20 Apr 2015 12:30:22 [1298] - **********************************************************
20 Apr 2015 12:30:22 [1298] - MWAV - eScanAV AntiVirus Toolkit.
20 Apr 2015 12:30:22 [1298] - Copyright © MicroWorld Technologies
20 Apr 2015 12:30:22 [1298] - 
20 Apr 2015 12:30:22 [1298] - Support: support@escanav.com
20 Apr 2015 12:30:22 [1298] - Web: http://www.escanav.com
20 Apr 2015 12:30:22 [1298] - **********************************************************
20 Apr 2015 12:30:22 [1298] - Version 14.0.178[DB] (C:\USERS\ST0114\APPDATA\LOCAL\TEMP\MEXE.COM)
20 Apr 2015 12:30:22 [1298] - Log File: C:\Users\ST0114\AppData\Local\Temp\MWAV.LOG
20 Apr 2015 12:30:22 [1298] - User Account: ST0114 (Administrator Mode)
20 Apr 2015 12:30:22 [1298] - Parent Process Name : C:\Users\ST0114\Desktop\mwav.exe
20 Apr 2015 12:30:22 [1298] - Windows Root  Folder: C:\Windows
20 Apr 2015 12:30:22 [1298] - Windows Sys32 Folder: C:\Windows\system32
20 Apr 2015 12:30:22 [1298] - OS: Windows 7 64-Bit [OS Install Date: 04 Oct 2011 13:12:12]
20 Apr 2015 12:30:22 [1298] - Ver: Personal Service Pack 1 (Build 7601)
20 Apr 2015 12:30:22 [1298] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
20 Apr 2015 12:30:22 [188c] - Options Selected by User:
20 Apr 2015 12:30:22 [188c] - Memory Check: Enabled
20 Apr 2015 12:30:22 [188c] - Registry Check: Enabled
20 Apr 2015 12:30:22 [188c] - StartUp Folder Check: Enabled
20 Apr 2015 12:30:22 [188c] - System Folder Check: Enabled
20 Apr 2015 12:30:22 [188c] - Services Check: Enabled
20 Apr 2015 12:30:22 [188c] - Scan Spyware: Enabled
20 Apr 2015 12:30:22 [188c] - Scan Archives: Disabled
20 Apr 2015 12:30:22 [188c] - Drive Check: Enabled
20 Apr 2015 12:30:22 [188c] - All Drive Check :Disabled
20 Apr 2015 12:30:22 [188c] - Drive Selected = C:\
20 Apr 2015 12:30:22 [188c] - Folder Check: Disabled
20 Apr 2015 12:30:22 [188c] - SCAN: All_Files [ANSI]
20 Apr 2015 12:30:22 [188c] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
20 Apr 2015 12:30:22 [188c] - Scanning DNS Records...
20 Apr 2015 12:30:22 [188c] - Scanning Master Boot Record (User)...
20 Apr 2015 12:30:22 [188c] - Scanning Logical Boot Records...
20 Apr 2015 12:30:22 [188c] - ***** Scanning For Hidden Rootkit Processes *****
20 Apr 2015 12:30:22 [188c] - ***** Scanning For Hidden Rootkit Services *****
20 Apr 2015 12:30:27 [188c] - Walk through registry failed!
 
20 Apr 2015 12:30:27 [188c] - ***** Scanning Memory Files *****
 
20 Apr 2015 12:30:41 [188c] - ***** Scanning Registry Files *****
20 Apr 2015 12:30:41 [188c] - ERROR(3)!!! Invalid Entry {95B7759C-8C7F-4BF1-B163-73684A933233} = C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll (in key HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar). Action Taken: Removing it.
20 Apr 2015 12:31:55 [188c] - ERROR(3)!!! Invalid Entry CLSID = C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll (in key HKCR\Protocols\Handler\viprotocol). Action Taken: Removing it.
20 Apr 2015 12:31:57 [188c] - ERROR(3)!!! Invalid Entry vProt = "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" (in key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
20 Apr 2015 12:31:57 [188c] - ERROR(3)!!! Invalid Entry GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (in key HKU64\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
20 Apr 2015 12:31:57 [188c] - ERROR(3)!!! Invalid Entry FlashPlayerUpdate = C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_ActiveX.exe -update activex (in key HKU64\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce). Action Taken: Removing it.
 
20 Apr 2015 12:31:57 [188c] - ***** Scanning StartUp Folders *****
 
20 Apr 2015 12:39:15 [188c] - ***** Scanning Service Files *****
20 Apr 2015 12:39:18 [188c] - ERROR(2)!!! Invalid Entry system32\DRIVERS\lgandbus64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\Andbus.
20 Apr 2015 12:39:18 [188c] - ERROR(2)!!! Invalid Entry system32\DRIVERS\lganddiag64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\AndDiag.
20 Apr 2015 12:39:18 [188c] - ERROR(2)!!! Invalid Entry system32\DRIVERS\lgandgps64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\AndGps.
20 Apr 2015 12:39:18 [188c] - ERROR(2)!!! Invalid Entry system32\DRIVERS\lgandmodem64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\ANDModem.
20 Apr 2015 12:39:20 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\defragsvc].
20 Apr 2015 12:39:22 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\DfsC].
20 Apr 2015 12:39:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Dhcp].
20 Apr 2015 12:39:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\discache].
20 Apr 2015 12:39:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Disk].
20 Apr 2015 12:39:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Dnscache].
20 Apr 2015 12:39:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\dot3svc].
20 Apr 2015 12:39:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\drmkaud].
20 Apr 2015 12:39:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\DXGKrnl].
20 Apr 2015 12:39:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\e1yexpress].
20 Apr 2015 12:39:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\EapHost].
20 Apr 2015 12:39:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ebdrv].
20 Apr 2015 12:39:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\EFS].
20 Apr 2015 12:39:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ehRecvr].
20 Apr 2015 12:39:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ehSched].
20 Apr 2015 12:39:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\elxstor].
20 Apr 2015 12:39:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ErrDev].
20 Apr 2015 12:39:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ESENT].
20 Apr 2015 12:39:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\EventSystem].
20 Apr 2015 12:39:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\EvtEng].
20 Apr 2015 12:39:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\exfat].
20 Apr 2015 12:39:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fastfat].
20 Apr 2015 12:39:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Fax].
20 Apr 2015 12:39:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fdc].
20 Apr 2015 12:39:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fdPHost].
20 Apr 2015 12:39:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FDResPub].
20 Apr 2015 12:39:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FileInfo].
20 Apr 2015 12:39:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Filetrace].
20 Apr 2015 12:39:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\flpydisk].
20 Apr 2015 12:39:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FltMgr].
20 Apr 2015 12:39:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FontCache].
20 Apr 2015 12:39:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FontCache3.0.0.0].
20 Apr 2015 12:39:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\FsDepends].
20 Apr 2015 12:39:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fssfltr].
20 Apr 2015 12:39:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fsssvc].
20 Apr 2015 12:39:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Fs_Rec].
20 Apr 2015 12:39:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\fvevol].
20 Apr 2015 12:39:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\gagp30kx].
20 Apr 2015 12:39:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\GEARAspiWDM].
20 Apr 2015 12:39:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\hcw85cir].
20 Apr 2015 12:39:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HdAudAddService].
20 Apr 2015 12:39:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HDAudBus].
20 Apr 2015 12:39:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HidBatt].
20 Apr 2015 12:39:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HidBth].
20 Apr 2015 12:39:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HidIr].
20 Apr 2015 12:39:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\hidserv].
20 Apr 2015 12:39:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HidUsb].
20 Apr 2015 12:39:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\hkmsvc].
20 Apr 2015 12:39:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HpSAMD].
20 Apr 2015 12:39:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\HTTP].
20 Apr 2015 12:39:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\hwpolicy].
20 Apr 2015 12:39:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\i8042prt].
20 Apr 2015 12:39:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ialm].
20 Apr 2015 12:39:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\iaStor].
20 Apr 2015 12:39:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IAStorDataMgrSvc].
20 Apr 2015 12:39:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\iaStorV].
20 Apr 2015 12:39:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\idsvc].
20 Apr 2015 12:39:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\igfx].
20 Apr 2015 12:39:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\iirsp].
20 Apr 2015 12:39:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IKEEXT].
20 Apr 2015 12:39:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\inetaccs].
20 Apr 2015 12:39:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IntcDAud].
20 Apr 2015 12:39:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\intelide].
20 Apr 2015 12:39:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\intelppm].
20 Apr 2015 12:39:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IPBusEnum].
20 Apr 2015 12:39:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IpFilterDriver].
20 Apr 2015 12:39:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\iphlpsvc].
20 Apr 2015 12:39:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IPMIDRV].
20 Apr 2015 12:39:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IPNAT].
20 Apr 2015 12:39:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\IRENUM].
20 Apr 2015 12:39:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\isapnp].
20 Apr 2015 12:39:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\iScsiPrt].
20 Apr 2015 12:39:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\kbdclass].
20 Apr 2015 12:39:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\kbdhid].
20 Apr 2015 12:39:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\KeyIso].
20 Apr 2015 12:39:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\KSecDD].
20 Apr 2015 12:39:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\KSecPkg].
20 Apr 2015 12:39:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ksthunk].
20 Apr 2015 12:39:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\KtmRm].
20 Apr 2015 12:39:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LanmanServer].
20 Apr 2015 12:39:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LanmanWorkstation].
20 Apr 2015 12:39:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ldap].
20 Apr 2015 12:39:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\lltdio].
20 Apr 2015 12:39:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\lltdsvc].
20 Apr 2015 12:39:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\lmhosts].
20 Apr 2015 12:39:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LMS].
20 Apr 2015 12:39:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Lsa].
20 Apr 2015 12:39:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LSI_FC].
20 Apr 2015 12:39:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LSI_SAS].
20 Apr 2015 12:39:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LSI_SAS2].
20 Apr 2015 12:39:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\LSI_SCSI].
20 Apr 2015 12:39:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\luafv].
20 Apr 2015 12:39:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Mcx2Svc].
20 Apr 2015 12:39:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\megasas].
20 Apr 2015 12:39:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MegaSR].
20 Apr 2015 12:39:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MEIx64].
20 Apr 2015 12:40:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MMCSS].
20 Apr 2015 12:40:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Modem].
20 Apr 2015 12:40:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\monitor].
20 Apr 2015 12:40:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mouclass].
20 Apr 2015 12:40:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mouhid].
20 Apr 2015 12:40:02 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mountmgr].
20 Apr 2015 12:40:02 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mpio].
20 Apr 2015 12:40:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mpsdrv].
20 Apr 2015 12:40:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MpsSvc].
20 Apr 2015 12:40:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MREMP50].
20 Apr 2015 12:40:04 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MREMP50.
20 Apr 2015 12:40:04 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MREMP50a64].
20 Apr 2015 12:40:04 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MREMP50a64.
20 Apr 2015 12:40:04 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MREMPR5].
20 Apr 2015 12:40:05 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MREMPR5.
20 Apr 2015 12:40:05 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MRENDIS5].
20 Apr 2015 12:40:05 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MRENDIS5.
20 Apr 2015 12:40:05 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MRESP50].
20 Apr 2015 12:40:05 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MRESP50.
20 Apr 2015 12:40:05 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MRESP50a64].
20 Apr 2015 12:40:06 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MRESP50a64.
20 Apr 2015 12:40:06 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MRxDAV].
20 Apr 2015 12:40:06 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mrxsmb].
20 Apr 2015 12:40:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mrxsmb10].
20 Apr 2015 12:40:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mrxsmb20].
20 Apr 2015 12:40:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\msahci].
20 Apr 2015 12:40:08 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\msdsm].
20 Apr 2015 12:40:08 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSDTC].
20 Apr 2015 12:40:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSDTC Bridge 3.0.0.0].
20 Apr 2015 12:40:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSDTC Bridge 4.0.0.0].
20 Apr 2015 12:40:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Msfs].
20 Apr 2015 12:40:10 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mshidkmdf].
20 Apr 2015 12:40:10 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\msisadrv].
20 Apr 2015 12:40:10 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSiSCSI].
20 Apr 2015 12:40:11 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\msiserver].
20 Apr 2015 12:40:11 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSKSSRV].
20 Apr 2015 12:40:12 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSPCLOCK].
20 Apr 2015 12:40:12 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSPQM].
20 Apr 2015 12:40:13 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MsRPC].
20 Apr 2015 12:40:13 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSSCNTRS].
20 Apr 2015 12:40:13 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\mssmbios].
20 Apr 2015 12:40:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MSTEE].
20 Apr 2015 12:40:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\msvad_simple].
20 Apr 2015 12:40:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MTConfig].
20 Apr 2015 12:40:15 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Mup].
20 Apr 2015 12:40:15 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\MyWiFiDHCPDNS].
20 Apr 2015 12:40:16 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NativeWifiP].
20 Apr 2015 12:40:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NDIS].
20 Apr 2015 12:40:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NdisCap].
20 Apr 2015 12:40:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NdisTapi].
20 Apr 2015 12:40:18 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Ndisuio].
20 Apr 2015 12:40:18 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NdisWan].
20 Apr 2015 12:40:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NDProxy].
20 Apr 2015 12:40:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Nero BackItUp Scheduler 4.0].
20 Apr 2015 12:40:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetBIOS].
20 Apr 2015 12:40:20 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetBT].
20 Apr 2015 12:40:20 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Netlogon].
20 Apr 2015 12:40:21 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Netman].
20 Apr 2015 12:40:21 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetMsmqActivator].
20 Apr 2015 12:40:22 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetPipeActivator].
20 Apr 2015 12:40:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\netprofm].
20 Apr 2015 12:40:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetTcpActivator].
20 Apr 2015 12:40:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NetTcpPortSharing].
20 Apr 2015 12:40:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NETwNs64].
20 Apr 2015 12:40:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nfrd960].
20 Apr 2015 12:40:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NlaSvc].
20 Apr 2015 12:40:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Npfs].
20 Apr 2015 12:40:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nsi].
20 Apr 2015 12:40:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nsiproxy].
20 Apr 2015 12:40:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\NTDS].
20 Apr 2015 12:40:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Ntfs].
20 Apr 2015 12:40:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Null].
20 Apr 2015 12:40:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nvlddmkm].
20 Apr 2015 12:40:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nvraid].
20 Apr 2015 12:40:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nvstor].
20 Apr 2015 12:40:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\nv_agp].
20 Apr 2015 12:40:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ohci1394].
20 Apr 2015 12:40:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ose].
20 Apr 2015 12:40:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\p2pimsvc].
20 Apr 2015 12:40:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\p2psvc].
20 Apr 2015 12:40:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Parport].
20 Apr 2015 12:40:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\partmgr].
20 Apr 2015 12:40:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PcaSvc].
20 Apr 2015 12:40:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\pci].
20 Apr 2015 12:40:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\pciide].
20 Apr 2015 12:40:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\pcmcia].
20 Apr 2015 12:40:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\pcw].
20 Apr 2015 12:40:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PEAUTH].
20 Apr 2015 12:40:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PerfDisk].
20 Apr 2015 12:40:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PerfHost].
20 Apr 2015 12:40:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PerfNet].
20 Apr 2015 12:40:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PerfOS].
20 Apr 2015 12:40:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PerfProc].
20 Apr 2015 12:40:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\pla].
20 Apr 2015 12:40:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PlugPlay].
20 Apr 2015 12:40:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PMBDeviceInfoProvider].
20 Apr 2015 12:40:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PNRPAutoReg].
20 Apr 2015 12:40:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PNRPsvc].
20 Apr 2015 12:40:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PolicyAgent].
20 Apr 2015 12:40:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PortProxy].
20 Apr 2015 12:40:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Power].
20 Apr 2015 12:40:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\PptpMiniport].
20 Apr 2015 12:40:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Processor].
20 Apr 2015 12:40:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ProfSvc].
20 Apr 2015 12:40:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ProtectedStorage].
20 Apr 2015 12:40:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Psched].
20 Apr 2015 12:40:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ql2300].
20 Apr 2015 12:40:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ql40xx].
20 Apr 2015 12:40:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\QWAVE].
20 Apr 2015 12:40:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\QWAVEdrv].
20 Apr 2015 12:40:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasAcd].
20 Apr 2015 12:40:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasAgileVpn].
20 Apr 2015 12:40:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasAuto].
20 Apr 2015 12:40:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Rasl2tp].
20 Apr 2015 12:40:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasMan].
20 Apr 2015 12:40:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasPppoe].
20 Apr 2015 12:40:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RasSstp].
20 Apr 2015 12:40:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\rdbss].
20 Apr 2015 12:40:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\rdpbus].
20 Apr 2015 12:40:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RDPDD].
20 Apr 2015 12:40:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RDPWD].
20 Apr 2015 12:40:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\rdyboost].
20 Apr 2015 12:40:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RegSrvc].
20 Apr 2015 12:40:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RemoteRegistry].
20 Apr 2015 12:40:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RFCOMM].
20 Apr 2015 12:40:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RpcEptMapper].
20 Apr 2015 12:40:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RpcLocator].
20 Apr 2015 12:40:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RSPCIESTOR].
20 Apr 2015 12:40:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RSPCIESTOR\Enum].
20 Apr 2015 12:40:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\rspndr].
20 Apr 2015 12:40:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\RTL8167].
20 Apr 2015 12:40:52 [188c] - ERROR(2)!!! Invalid Entry \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\sbmntr.
20 Apr 2015 12:40:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sbp2port].
20 Apr 2015 12:40:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SCardSvr].
20 Apr 2015 12:40:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\scfilter].
20 Apr 2015 12:40:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Schedule].
20 Apr 2015 12:40:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SCPolicySvc].
20 Apr 2015 12:40:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sdbus].
20 Apr 2015 12:40:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SDRSVC].
20 Apr 2015 12:40:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\secdrv].
20 Apr 2015 12:40:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\seclogon].
20 Apr 2015 12:40:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SENS].
20 Apr 2015 12:40:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SensrSvc].
20 Apr 2015 12:40:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Serenum].
20 Apr 2015 12:40:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Serial].
20 Apr 2015 12:40:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sermouse].
20 Apr 2015 12:40:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ServiceModelEndpoint 3.0.0.0].
20 Apr 2015 12:40:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ServiceModelOperation 3.0.0.0].
20 Apr 2015 12:40:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ServiceModelService 3.0.0.0].
20 Apr 2015 12:40:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SessionEnv].
20 Apr 2015 12:40:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SFEP].
20 Apr 2015 12:40:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sffdisk].
20 Apr 2015 12:41:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sffp_mmc].
20 Apr 2015 12:41:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sffp_sd].
20 Apr 2015 12:41:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sfloppy].
20 Apr 2015 12:41:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SharedAccess].
20 Apr 2015 12:41:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ShellHWDetection].
20 Apr 2015 12:41:02 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SiSRaid2].
20 Apr 2015 12:41:02 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SiSRaid4].
20 Apr 2015 12:41:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Smb].
20 Apr 2015 12:41:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SMSvcHost 3.0.0.0].
20 Apr 2015 12:41:03 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SMSvcHost 4.0.0.0].
20 Apr 2015 12:41:04 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SNMPTRAP].
20 Apr 2015 12:41:04 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SOHCImp].
20 Apr 2015 12:41:04 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SOHDs].
20 Apr 2015 12:41:05 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SpfService].
20 Apr 2015 12:41:06 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\spldr].
20 Apr 2015 12:41:06 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Spooler].
20 Apr 2015 12:41:06 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sppsvc].
20 Apr 2015 12:41:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\sppuinotify].
20 Apr 2015 12:41:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\srv].
20 Apr 2015 12:41:07 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\srv2].
20 Apr 2015 12:41:08 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\srvnet].
20 Apr 2015 12:41:08 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SSDPSRV].
20 Apr 2015 12:41:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SstpSvc].
20 Apr 2015 12:41:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\stexstor].
20 Apr 2015 12:41:09 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\stisvc].
20 Apr 2015 12:41:10 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\swenum].
20 Apr 2015 12:41:10 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\swprv].
20 Apr 2015 12:41:11 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\SysMain].
20 Apr 2015 12:41:11 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TabletInputService].
20 Apr 2015 12:41:12 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TapiSrv].
20 Apr 2015 12:41:12 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TBS].
20 Apr 2015 12:41:12 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Tcpip].
20 Apr 2015 12:41:13 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TCPIP6].
20 Apr 2015 12:41:13 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TCPIP6TUNNEL].
20 Apr 2015 12:41:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\tcpipreg].
20 Apr 2015 12:41:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TCPIPTUNNEL].
20 Apr 2015 12:41:14 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TDPIPE].
20 Apr 2015 12:41:15 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TDTCP].
20 Apr 2015 12:41:15 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\tdx].
20 Apr 2015 12:41:16 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TermDD].
20 Apr 2015 12:41:16 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TermService].
20 Apr 2015 12:41:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Themes].
20 Apr 2015 12:41:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\THREADORDER].
20 Apr 2015 12:41:17 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
20 Apr 2015 12:41:18 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TSDDD].
20 Apr 2015 12:41:18 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\tssecsrv].
20 Apr 2015 12:41:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TsUsbFlt].
20 Apr 2015 12:41:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TsUsbGD].
20 Apr 2015 12:41:19 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\tunnel].
20 Apr 2015 12:41:20 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\uagp35].
20 Apr 2015 12:41:20 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\uCamMonitor].
20 Apr 2015 12:41:21 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\udfs].
20 Apr 2015 12:41:21 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UGatherer].
20 Apr 2015 12:41:22 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UGTHRSVC].
20 Apr 2015 12:41:22 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UI0Detect].
20 Apr 2015 12:41:22 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\uliagpkx].
20 Apr 2015 12:41:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\umbus].
20 Apr 2015 12:41:23 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UmPass].
20 Apr 2015 12:41:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UNS].
20 Apr 2015 12:41:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\upnphost].
20 Apr 2015 12:41:24 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\USBAAPL64].
20 Apr 2015 12:41:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbccgp].
20 Apr 2015 12:41:25 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbcir].
20 Apr 2015 12:41:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbehci].
20 Apr 2015 12:41:26 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbhub].
20 Apr 2015 12:41:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbhub\hubg].
20 Apr 2015 12:41:27 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbhub\Enum].
20 Apr 2015 12:41:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbohci].
20 Apr 2015 12:41:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbprint].
20 Apr 2015 12:41:28 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbscan].
20 Apr 2015 12:41:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\USBSTOR].
20 Apr 2015 12:41:29 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbuhci].
20 Apr 2015 12:41:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\usbvideo].
20 Apr 2015 12:41:30 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\UxSms].
20 Apr 2015 12:41:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VAIO Event Service].
20 Apr 2015 12:41:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VaultSvc].
20 Apr 2015 12:41:31 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VCFw].
20 Apr 2015 12:41:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VcmIAlzMgr].
20 Apr 2015 12:41:32 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VcmINSMgr].
20 Apr 2015 12:41:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VcmXmlIfHelper].
20 Apr 2015 12:41:33 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vdrvroot].
20 Apr 2015 12:41:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vds].
20 Apr 2015 12:41:34 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vga].
20 Apr 2015 12:41:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vhdmp].
20 Apr 2015 12:41:35 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\viaide].
20 Apr 2015 12:41:36 [188c] - ERROR(2)!!! Invalid Entry \SystemRoot\system32\DRIVERS\vmci.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\vmci.
20 Apr 2015 12:41:36 [188c] - ERROR(2)!!! Invalid Entry system32\DRIVERS\vmnetadapter.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\VMnetAdapter.
20 Apr 2015 12:41:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\volmgr].
20 Apr 2015 12:41:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\volmgrx].
20 Apr 2015 12:41:36 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\volsnap].
20 Apr 2015 12:41:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vsmraid].
20 Apr 2015 12:41:37 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VSNService].
20 Apr 2015 12:41:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\VSS].
20 Apr 2015 12:41:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vwifibus].
20 Apr 2015 12:41:38 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vwififlt].
20 Apr 2015 12:41:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\vwifimp].
20 Apr 2015 12:41:39 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\W32Time].
20 Apr 2015 12:41:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\W3SVC].
20 Apr 2015 12:41:40 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WacomPen].
20 Apr 2015 12:41:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WANARP].
20 Apr 2015 12:41:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Wanarpv6].
20 Apr 2015 12:41:41 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WatAdminSvc].
20 Apr 2015 12:41:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wbengine].
20 Apr 2015 12:41:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WbioSrvc].
20 Apr 2015 12:41:42 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wcncsvc].
20 Apr 2015 12:41:43 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WcsPlugInService].
20 Apr 2015 12:41:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Wd].
20 Apr 2015 12:41:44 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Wdf01000].
20 Apr 2015 12:41:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wdkmd].
20 Apr 2015 12:41:45 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WebClient].
20 Apr 2015 12:41:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Wecsvc].
20 Apr 2015 12:41:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wercplsupport].
20 Apr 2015 12:41:46 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WerSvc].
20 Apr 2015 12:41:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WfpLwf].
20 Apr 2015 12:41:47 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WIMMount].
20 Apr 2015 12:41:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WinDefend].
20 Apr 2015 12:41:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Windows Workflow Foundation 3.0.0.0].
20 Apr 2015 12:41:48 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Windows Workflow Foundation 4.0.0.0].
20 Apr 2015 12:41:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc].
20 Apr 2015 12:41:49 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Winmgmt].
20 Apr 2015 12:41:50 [188c] - ERROR(2)!!! Invalid Entry \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\WinRing0_1_2_0.
20 Apr 2015 12:41:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WinRM].
20 Apr 2015 12:41:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Winsock].
20 Apr 2015 12:41:50 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Winsock\Setup Migration].
20 Apr 2015 12:41:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Winsock\Setup Migration\Well Known Guids].
20 Apr 2015 12:41:51 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2].
20 Apr 2015 12:41:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WinUsb].
20 Apr 2015 12:41:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\Wlansvc].
20 Apr 2015 12:41:52 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wlidsvc].
20 Apr 2015 12:41:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WmiAcpi].
20 Apr 2015 12:41:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WmiApRpl].
20 Apr 2015 12:41:53 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wmiApSrv].
20 Apr 2015 12:41:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WMPNetworkSvc].
20 Apr 2015 12:41:54 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WPCSvc].
20 Apr 2015 12:41:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WPDBusEnum].
20 Apr 2015 12:41:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\ws2ifsl].
20 Apr 2015 12:41:55 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wscsvc].
20 Apr 2015 12:41:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WSearch].
20 Apr 2015 12:41:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WSearchIdxPi].
20 Apr 2015 12:41:56 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wuauserv].
20 Apr 2015 12:41:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WudfPf].
20 Apr 2015 12:41:57 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WUDFRd].
20 Apr 2015 12:41:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\wudfsvc].
20 Apr 2015 12:41:58 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\WwanSvc].
20 Apr 2015 12:41:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\X5XSEx].
20 Apr 2015 12:41:59 [188c] - ERROR(2)!!! Invalid Entry \??\C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\X5XSEx.
20 Apr 2015 12:41:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\xmlprov].
20 Apr 2015 12:41:59 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{0520123C-AFC0-4959-9686-A8BBBB04C9C0}].
20 Apr 2015 12:42:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}].
20 Apr 2015 12:42:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}].
20 Apr 2015 12:42:00 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{1E5EE293-7D79-4011-8519-7BDAE557732A}].
20 Apr 2015 12:42:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{AD44BBA1-3D82-4052-B25F-EB204DDB27B0}].
20 Apr 2015 12:42:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{BA737F3A-0638-46CF-870C-BA9FB24EB45B}].
20 Apr 2015 12:42:01 [188c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\{C2137551-F7BE-4938-AB0C-E1A4729B140E}].
 
20 Apr 2015 12:42:02 [188c] - ***** Scanning Registry and File system for Adware/Spyware *****
20 Apr 2015 12:42:02 [188c] - Loading Spyware Signatures from new External Database [Name: C:\Users\ST0114\AppData\Local\Temp\spydb.avs, Size: 464724]...
20 Apr 2015 12:42:02 [188c] - Indexed Spyware Databases Successfully Created...
 
20 Apr 2015 12:42:02 [188c] - Offending file found: C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\extensions\netvideohunter@netvideohunter.com\chrome\content\player.html
20 Apr 2015 12:42:02 [188c] - System found infected with ClipGenie Spyware/Adware (player.html)! Action taken: File Deleted.
20 Apr 2015 12:42:02 [188c] - Object "ClipGenie Spyware/Adware" found in File System! Action Taken: File Deleted.
 
20 Apr 2015 12:43:15 [188c] - Offending file found: C:\ProgramData\Sony Corporation\VAIO Care\DiagnosticsAssets\bad.png
20 Apr 2015 12:43:15 [188c] - System found infected with Fix Tool Corrupted Adware/Spyware (bad.png)! Action taken: File Deleted.
20 Apr 2015 12:43:15 [188c] - Object "Fix Tool Corrupted Adware/Spyware" found in File System! Action Taken: File Deleted.
 
 
20 Apr 2015 12:43:15 [188c] - ***** Scanning Registry Files *****
20 Apr 2015 12:43:16 [188c] - ** C:\Windows\system32\drivers\etc\hosts Not Present! Created New One.
20 Apr 2015 12:43:16 [188c] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
20 Apr 2015 12:43:16 [188c] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
20 Apr 2015 12:43:16 [188c] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
20 Apr 2015 12:43:16 [188c] - ** Deleted Value of "NoChangingWallPaper" in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:0.
20 Apr 2015 12:43:16 [188c] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
20 Apr 2015 12:43:16 [188c] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
20 Apr 2015 12:43:16 [188c] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
 
20 Apr 2015 12:43:16 [188c] - ***** Scanning System32 Folders *****
20 Apr 2015 12:43:50 [1b48] - ScanFile (C:\Windows\SysWOW64\MRT.exe) took 12402 ms
 
 
20 Apr 2015 12:44:50 [188c] - ***** Scanning Drive C:\ *****
20 Apr 2015 12:49:51 [18d0] - ScanFile (C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe) took 7863 ms
20 Apr 2015 12:50:03 [0a24] - ScanFile (C:\Program Files (x86)\Jarte\Jarte.exe) took 5725 ms
20 Apr 2015 12:51:17 [18d0] - ScanFile (C:\Program Files (x86)\Next Stop\NextStop.exe) took 5788 ms
20 Apr 2015 12:51:43 [1b48] - ScanFile (C:\Program Files (x86)\Sony\Media Gallery\PrtpResource.dll) took 5975 ms
20 Apr 2015 12:53:09 [1838] - Scanning File C:\System Volume Information\{2cf99871-e6d3-11e4-8604-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03ac] - Scanning File C:\System Volume Information\{2cf99854-e6d3-11e4-8604-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1b48] - Scanning File C:\System Volume Information\{2cf9986c-e6d3-11e4-8604-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [0eac] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03ac] - Scanning File C:\System Volume Information\{70906e10-e153-11e4-9383-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [05ac] - Scanning File C:\System Volume Information\{6cd3d5e6-e068-11e4-b1cb-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1b48] - Scanning File C:\System Volume Information\{70906fa9-e153-11e4-9383-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1838] - Scanning File C:\System Volume Information\{70906ccc-e153-11e4-9383-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [0eac] - Scanning File C:\System Volume Information\{bec09587-e486-11e4-9303-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [18d0] - Scanning File C:\System Volume Information\{b5e8a609-d95f-11e4-93d1-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03a0] - Scanning File C:\System Volume Information\{c07622d5-d73a-11e4-b601-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03ac] - Scanning File C:\System Volume Information\{c07622cd-d73a-11e4-b601-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1b48] - Scanning File C:\System Volume Information\{c07622e8-d73a-11e4-b601-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [05ac] - Scanning File C:\System Volume Information\{c07622d1-d73a-11e4-b601-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1838] - Scanning File C:\System Volume Information\{c4f10a02-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [0eac] - Scanning File C:\System Volume Information\{c4f10a06-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [18d0] - Scanning File C:\System Volume Information\{c4f10a0a-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03a0] - Scanning File C:\System Volume Information\{c4f10a0e-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03ac] - Scanning File C:\System Volume Information\{c4f10a12-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1b48] - Scanning File C:\System Volume Information\{c4f10a1e-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [05ac] - Scanning File C:\System Volume Information\{c4f10a22-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [1838] - Scanning File C:\System Volume Information\{c4f10a26-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [0a24] - Scanning File C:\System Volume Information\{c4f10a2a-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [18d0] - Scanning File C:\System Volume Information\{c4f10a32-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [03a0] - Scanning File C:\System Volume Information\{c4f10a6b-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:09 [0eac] - Scanning File C:\System Volume Information\{c4f10a2e-d73f-11e4-946a-78843ce61924}{3808876b-c176-4e48-b7ae-04046e6cc752}
20 Apr 2015 12:53:16 [1838] - ScanFile (C:\Update\SOAVUD-00279742-10F0\SOAVUD-00279742-10F0.EXE) took 5039 ms
20 Apr 2015 12:53:17 [03a0] - ScanFile (C:\Update\CODAUD-00255519-1042\CODAUD-00255519-1042.EXE) took 7239 ms
20 Apr 2015 12:53:18 [0eac] - ScanFile (C:\Update\ALDOTH-00260372-1042\ALDOTH-00260372-1042.EXE) took 8315 ms
20 Apr 2015 12:53:18 [03ac] - ScanFile (C:\Update\SOAVCA-00280235-10C0\SOAVCA-00280235-10C0.EXE) took 8752 ms
20 Apr 2015 12:53:18 [0a24] - ScanFile (C:\Update\SOAVAG-00253294-1040\SOAVAG-00253294-1040.EXE) took 8955 ms
20 Apr 2015 12:53:19 [05ac] - ScanFile (C:\Update\ISBSYS-00268721-1042\ISBSYS-00268721-1042.EXE) took 9220 ms
20 Apr 2015 12:53:19 [18d0] - ScanFile (C:\Update\SOAVCA-00987888-10E0\SOAVCA-00987888-10E0.EXE) took 9173 ms
20 Apr 2015 12:53:19 [1b48] - ScanFile (C:\Update\SOAVUD-00285975-10F0\SOAVUD-00285975-10F0.EXE) took 5335 ms
20 Apr 2015 12:54:33 [03ac] - ScanFile (C:\Users\ST0114\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6MX9F34\update[1]) took 12512 ms
20 Apr 2015 12:58:09 [1b48] - Scanning File C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
20 Apr 2015 12:58:09 [1b48] - ScanFile (C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll) took 5960 ms
20 Apr 2015 12:58:10 [1b48] - File C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll infected by "Adware.Linkury.B (DB)" Virus! Action Taken: File Renamed.
 
20 Apr 2015 13:09:21 [1838] - Scanning File C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache580422142545232748.tmp
20 Apr 2015 13:09:21 [03ac] - Scanning File C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache640796351827801777.tmp
20 Apr 2015 13:09:21 [1838] - File C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache580422142545232748.tmp infected by "Java.Exploit.CVE-2010-0840.AH[ZP] (DB)" Virus! Action Taken: File Deleted.
 
20 Apr 2015 13:09:21 [03ac] - File C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache640796351827801777.tmp infected by "Java.Exploit.CVE-2010-0840.AH[ZP] (DB)" Virus! Action Taken: File Deleted.
 
20 Apr 2015 13:24:45 [05ac] - ScanFile (C:\Windows\System32\MRT.exe) took 30779 ms
20 Apr 2015 13:24:45 [05ac] - Scanning of C:\Windows\System32\MRT.exe Timed out!!!
20 Apr 2015 13:32:57 [03ac] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_ca35d705cadb185a\ntoskrnl.exe) took 5194 ms
20 Apr 2015 13:36:31 [05ac] - ScanFile (C:\Windows\winsxs\amd64_oxpsconverter_31bf3856ad364e35_6.1.7601.17933_none_0804e1f7c5c64bf1\OxpsConverter.exe) took 9703 ms
20 Apr 2015 13:36:31 [18d0] - ScanFile (C:\Windows\winsxs\amd64_oxpsconverter_31bf3856ad364e35_6.1.7601.22091_none_084b74e2df1696ce\OxpsConverter.exe) took 9111 ms
20 Apr 2015 13:46:52 [18d0] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_6e173b82127da724\ntoskrnl.exe) took 7379 ms
 
20 Apr 2015 13:48:21 [188c] - ***** Checking for specific ITW Viruses *****
 
20 Apr 2015 13:48:21 [188c] - ***** Scanning complete. *****
 
20 Apr 2015 13:48:21 [188c] - Total Objects Scanned: 405367
20 Apr 2015 13:48:21 [188c] - Total Critical Objects: 5
20 Apr 2015 13:48:21 [188c] - Total Disinfected Objects: 0
20 Apr 2015 13:48:21 [188c] - Total Objects Renamed: 1
20 Apr 2015 13:48:21 [188c] - Total Deleted Objects: 4
20 Apr 2015 13:48:21 [188c] - Total Errors: 20
20 Apr 2015 13:48:21 [188c] - Time Elapsed: 01:16:54
20 Apr 2015 13:48:21 [188c] - Virus Database Date: 20 Apr 2015
20 Apr 2015 13:48:21 [188c] - Virus Database Count: 5644837
20 Apr 2015 13:48:21 [188c] - Sign Version: 7.60210 [518962]
 
20 Apr 2015 13:48:21 [188c] - Scan Completed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Zemana AntiMalware 2.10.2.18 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015/4/20
Operating System      : Windows 7 64-bit
Processor             : 4X Intel® Core™ i5-2410M CPU @ 2.30GHz
BIOS Mode             : Legacy
CUID                  : 00349CE5CCD3D343686BB2
Scan Type             : Deep Scan
Duration              : 31m 29s
Scanned Objects       : 60288
Detected Objects      : 28
Excluded Objects      : 0
Read Level            : SCSI
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Engines               : Zemana, Avira, Eset, Bitdefender, AVG, Kaspersky
 
 
Detected Objects
-------------------------------------------------------
DO_NOT_TRUST_FiddlerRoot
   Status             : Scanned
   Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7C8E30A98395B6DEC474541BFB5846E67DAE5463\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7C8E30A98395B6DEC474541BFB5846E67DAE5463\Blob
 
AOL Time Warner Root Certification Authority 2
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\FC219A76112F76C1C508833C9A2FA2BA84AC087A\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\FC219A76112F76C1C508833C9A2FA2BA84AC087A\Blob
 
SCEI DNAS Root 05
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F22923F218BAB9CD966A1FDEA3C0F434B8663A22\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F22923F218BAB9CD966A1FDEA3C0F434B8663A22\Blob
 
beTRUSTed Root CA-Baltimore Implementation
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DCBB9EB7194BC47205C111752986835B53CAE4F8\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DCBB9EB7194BC47205C111752986835B53CAE4F8\Blob
 
SCEI DNAS Root 03
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DC0C237577A13AF039F6A11984F9EC85E9982B3A\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DC0C237577A13AF039F6A11984F9EC85E9982B3A\Blob
 
Entrust.net Client Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DA79C1711150C23439AA2B0B0C62FD55B2F9F580\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\DA79C1711150C23439AA2B0B0C62FD55B2F9F580\Blob
 
Entrust.net Client Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CF74BFFF9B86815B08335440363E87B6B6F0BF73\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CF74BFFF9B86815B08335440363E87B6B6F0BF73\Blob
 
IPS CA Chained CAs Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\C8C25F169EF85074D5BEE8CDA2D43CAEE75FD257\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\C8C25F169EF85074D5BEE8CDA2D43CAEE75FD257\Blob
 
DigiNotar Root CA
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C\Blob
 
SCEI DNAS Root 02
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B126C61396D1D125E885B1EF2973688A42A9136A\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B126C61396D1D125E885B1EF2973688A42A9136A\Blob
 
Primary Certificate Authority (2009)
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A5E5B1C25FA60664AAB4835C06253515078CD221\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A5E5B1C25FA60664AAB4835C06253515078CD221\Blob
 
IPS CA Timestamping Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\96995C7711E8E52DF9E34BECEC67D3CBF1B6C4D2\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\96995C7711E8E52DF9E34BECEC67D3CBF1B6C4D2\Blob
 
Wells Fargo Root Certificate Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\93E6AB220303B52328DCDA569EBAE4D1D1CCFB65\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\93E6AB220303B52328DCDA569EBAE4D1D1CCFB65\Blob
 
Entrust.net Secure Server Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8939576E178DF705780FCC5EC84F84F6253A4893\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8939576E178DF705780FCC5EC84F84F6253A4893\Blob
 
AOL Time Warner Root Certification Authority 1
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7454535C24A3A758207E3E3ED324F816FB211649\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\7454535C24A3A758207E3E3ED324F816FB211649\Blob
 
beTRUSTed Root CA - Entrust Implementation
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\72997913EC9B0DAE65D1B6D7B24A76A3AEC2EE16\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\72997913EC9B0DAE65D1B6D7B24A76A3AEC2EE16\Blob
 
Equifax Secure Global eBusiness CA-1
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6423137E5C53D64AA66485ED3654F5AB055A8B8A\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6423137E5C53D64AA66485ED3654F5AB055A8B8A\Blob
 
beTRUSTed Root CA
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5BCDCDCC66F6DCE4441FE37D5CC3134C46F47038\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5BCDCDCC66F6DCE4441FE37D5CC3134C46F47038\Blob
 
internet.sony.tv Root CA
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\468387DE44D951914B707F91EADEDB1E20829E1E\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\468387DE44D951914B707F91EADEDB1E20829E1E\Blob
 
IPS CA CLASE1 Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\439E525F5A6A47C32CEBC45C63ED39317CE5F4DF\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\439E525F5A6A47C32CEBC45C63ED39317CE5F4DF\Blob
 
IPS CA CLASE3 Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4178AB4CBFCE7B4102ACDAC4933E6FF50DCF715C\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4178AB4CBFCE7B4102ACDAC4933E6FF50DCF715C\Blob
 
SCEI DNAS Root 04
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\37F3C94DCC386CC1EA795F7695CF56D1D98C9124\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\37F3C94DCC386CC1EA795F7695CF56D1D98C9124\Blob
 
IPS CA CLASEA1 Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\33A335C23CE8034B04E13DE5C48E791AEB8C3204\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\33A335C23CE8034B04E13DE5C48E791AEB8C3204\Blob
 
SCEI DNAS Root 01
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\285FFD5FC987321F0E908D934CBD3917AD78EEAA\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\285FFD5FC987321F0E908D934CBD3917AD78EEAA\Blob
 
beTRUSTed Root CA - RSA Implementation
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\1D8259CA2127C3CBC16CD932F62C65298CA88712\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\1D8259CA2127C3CBC16CD932F62C65298CA88712\Blob
 
IPS CA CLASEA3 Certification Authority
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\16D424FE9610E17519AF232BB68774E24144BE6E\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\16D424FE9610E17519AF232BB68774E24144BE6E\Blob
 
Firefox Search
   Status             : Scanned
   Object             : AVG Secure Search - http://mysearch.avg.com
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Browser Setting
   Cleaning Action    : Repair
   Traces             :
                Browser Setting - Firefox Search
 
Firefox Search
   Status             : Scanned
   Object             : AVG Secure Search - http://mysearch.avg.com
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Browser Setting
   Cleaning Action    : Repair
   Traces             :
                Browser Setting - Firefox Search
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 28
Reported as safe      : 0
Failed                : 0
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.9 (04.19.2015:1)
OS: Windows 7 Home Premium x64
Ran by ST0114 on Mon 04/20/2015 at 15:10:14.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully deleted: [Service] antispywareservice
Successfully deleted: [Service] couponprinterservice
Successfully stopped: [Service] antispywareservice
Successfully stopped: [Service] couponprinterservice
 
 
 
~~~ Tasks
 
Failed to delete: [Task] C:\Windows\system32\tasks\Western Digital
Successfully deleted: [Task] C:\Windows\system32\tasks\DSite
Successfully deleted: [Task] C:\Windows\system32\tasks\Scheduled Update for Ask Toolbar
Successfully deleted: [Task] C:\Windows\system32\tasks\SMupdate1
Successfully deleted: [Task] C:\Windows\tasks\DSite.job
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\apn pip
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\couponprinter.ocx
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{17967ECD-5D55-44A8-BC03-3397533DF807}
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{23D0FE9F-A5AC-4A5D-84D4-D537B0C1A69A}
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{3AB6670D-D6B6-43F4-850E-A70D1E716C40}
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{515FB389-BBF3-4A85-B0BD-2D85964874F5}
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{ABFAB838-49A5-4914-9AD6-48159A61C15B}
Successfully deleted: [Empty Folder] C:\Users\ST0114\appdata\local\{BBA17C7F-8F75-48B4-B1E6-1D678F8F853D}
Successfully deleted: [Folder] C:\Program Files (x86)\comcasttb
Successfully deleted: [Folder] C:\Program Files (x86)\coupons
Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\max uninstaller
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\ST0114\appdata\local\globalupdate
Successfully deleted: [Folder] C:\Users\ST0114\appdata\locallow\comcasttb
Successfully deleted: [Folder] C:\Users\ST0114\AppData\Roaming\software updater
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin
Successfully deleted: [Folder] C:\ProgramData\AlawarEntertainment
Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] C:\ProgramData\BrOwwsae2saevEe
Successfully deleted: [Folder] C:\ProgramData\Operation Mania
Successfully deleted: [Folder] C:\ProgramData\SoftSafe
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\ST0114\AppData\Roaming\mozilla\firefox\profiles\t6lojzkz.default\user.js
Successfully deleted: [File] C:\Users\ST0114\AppData\Roaming\mozilla\firefox\profiles\t6lojzkz.default\invalidprefs.js
Successfully deleted: [Folder] C:\Users\ST0114\AppData\Roaming\mozilla\firefox\profiles\t6lojzkz.default\fctb
Emptied folder: C:\Users\ST0114\AppData\Roaming\mozilla\firefox\profiles\t6lojzkz.default\minidumps [1535 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/20/2015 at 15:13:01.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v4.201 - Logfile created 20/04/2015 at 15:18:27
# Updated 08/04/2015 by Xplode
# Database : 2015-04-20.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : ST0114 - MOMMA
# Running from : C:\Users\ST0114\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : sbmntr
[#] Service Deleted : vToolbarUpdater18.3.0
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PackageAware
Folder Deleted : C:\Program Files\Shop For Rewards
Folder Deleted : C:\Users\ST0114\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\ST0114\AppData\Local\PackageAware
Folder Deleted : C:\Users\ST0114\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\ST0114\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\ST0114\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\ST0114\AppData\Roaming\serv
Folder Deleted : C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_boipimhfjpakfgckhbljjengakjhkcbp_0.localstorage
File Deleted : C:\END
 
***** [ Scheduled tasks ] *****
 
Task Deleted : BackgroundContainer Startup Task
Task Deleted : Dealply
Task Deleted : DealPlyUpdate
Task Deleted : IHUninstallTrackingTASK
Task Deleted : RunAsStdUser Task
Task Deleted : Scheduled Update for Ask Toolbar
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : YTDownloaderUpd
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\KeyDownload.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D52F7CE0-A4BA-4220-A907-444CB6158A09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0902EBD9-C5B4-4400-8CF1-7ACA8E8805D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D52F7CE0-A4BA-4220-A907-444CB6158A09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\SpeedBit
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
Key Deleted : HKCU\Software\AppDataLow\Software\TubeSaver
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\SearchModule
Key Deleted : HKLM\SOFTWARE\Spyware Clear
Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Key Deleted : HKU\.DEFAULT\Software\SpeedBit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81BFDC6A-7574-424C-AA2E-0A19FE2B1A3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.5
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17728
 
 
-\\ Mozilla Firefox v36.0.4 (x86 en-US)
 
 
-\\ Google Chrome v
 
[C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : 
 
*************************
 
AdwCleaner[R0].txt - [42721 bytes] - [20/04/2015 15:15:57]
AdwCleaner[S0].txt - [25286 bytes] - [20/04/2015 15:18:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25346  bytes] ##########
 


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 AM

Posted 20 April 2015 - 02:32 PM

Your version of malwarebytes is outdated, please unisntall it then reboot.

 

 

Download Malwrebytes from the link below.
https://www.malwarebytes.org/
Select update.
jBVKBI0.png
Then Select Scan Now.
js1M2HF.png
Once the scan is completed.
Remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.

 



#7 MistyC

MistyC
  • Topic Starter

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 20 April 2015 - 03:28 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 4/20/2015
Scan Time: 3:38:46 PM
Logfile: 
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.04.20.05
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ST0114
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 401871
Time Elapsed: 27 min, 26 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\KDFKPPFHNGOFDIOLJAHLBCJNDIAGMHPK, Quarantined, [e2f35a14206a3402c531a01f03008779], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2749176277-1097856338-3472885861-1005\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\KDFKPPFHNGOFDIOLJAHLBCJNDIAGMHPK, Quarantined, [e7eee886325887af589f3b841ee508f8], 
 
Registry Values: 2
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kdfkppfhngofdioljahlbcjndiagmhpk|path, C:\Users\ST0114\AppData\Local\CRE\kdfkppfhngofdioljahlbcjndiagmhpk.crx, Quarantined, [e2f35a14206a3402c531a01f03008779]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2749176277-1097856338-3472885861-1005\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kdfkppfhngofdioljahlbcjndiagmhpk|path, C:\Users\ST0114\AppData\Local\CRE\kdfkppfhngofdioljahlbcjndiagmhpk.crx, Quarantined, [e7eee886325887af589f3b841ee508f8]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 AM

Posted 20 April 2015 - 03:35 PM

Anymore issues?



#9 MistyC

MistyC
  • Topic Starter

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 20 April 2015 - 03:48 PM

Yes it is still zooming in and out... randomly clicking things. I left the pc and came back and my desktop icons were huge and I had about 7 things opened.. Mind you I wasnt at the pc lol. Fixed the icons,.. closed the windows.. and came back here!


I should add that my touch pad is turned off and I have totally turned off & unplugged my mouse..and it still does it.



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 AM

Posted 20 April 2015 - 03:49 PM

Follow the instructions in the link below, create a new thread in the virus and spyware removal area. 

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Good Luck. :thumbup2:



#11 MistyC

MistyC
  • Topic Starter

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Riceboro, GA
  • Local time:08:13 AM

Posted 20 April 2015 - 03:59 PM

ok ty



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:13 AM

Posted 20 April 2015 - 04:25 PM

Your new topic is posted here.

Now that your new topic is posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Response Team member...nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the information or any log(s) you already posted. Further, any modifications you make on your own may cause confusion for the member assisting you and could complicate the malware removal process or make things worst which would extend the time it takes to clean your computer.

From this point on the Malware Response Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take several days to get a response because the Malware Response Team members are very busy working logs posted before yours. They are volunteers but your topic will be reviewed and answered as soon as possible. Once you have posted your log and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Response Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Response Team member is already assisting you and not open the thread to respond.

I advise checking your new topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, please follow Step One and CLICK the link so it will report your topic to the team members.

To avoid confusion, I am closing this topic.

Good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users