PDA

View Full Version : Something happened, need help please



beuford23
2014-10-09, 22:09
It's been many years now since I came here looking for help. Once again, something has happened and my laptop is now infected by something. Lots of pop-ups and re-directions. The top right of Firefox or Chrome has a corner that "peels down", clicking on it to close opens up other windows etc. System crashed once last night, unstable Netflix etc.

As per instructions, here are the logs,

frst.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Brassington (administrator) on BRASSINGTON on 09-10-2014 10:16:07
Running from C:\Users\Brassington\Desktop
Loaded Profile: Brassington (Available profiles: Brassington)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2283816 2010-11-18] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-12-07] (cyberlink)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-11] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-09-10] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [AdobeBridge] => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\MountPoints2: {550e0f97-b181-11e0-a296-f0bf9717eb0a} - D:\LaunchU3.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.search.yahoo.com/?type=994519&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle.ca/vaio
URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.6\vuzeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.6\vuzeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 - {0A89EC6C-1016-4FDB-A001-51E61D7163C4} URL = http://startsear.ch/?aff=1&src=sp&cf=a1107abb-f2db-11e0-bc13-f0bf9717eb0a&q={searchTerms}
SearchScopes: HKCU - DefaultScope {EB3A11D5-9F87-44FC-A2B2-AD0735BF3915} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0A89EC6C-1016-4FDB-A001-51E61D7163C4} URL = http://startsear.ch/?aff=1&src=sp&cf=a1107abb-f2db-11e0-bc13-f0bf9717eb0a&q={searchTerms}
SearchScopes: HKCU - {451746CE-E390-4804-905A-AFDBE610F4AA} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={BFE06E46-7905-4230-AD39-D905797D146D}&mid=827a0ed2890f47d181ab4149087f7746-1ac21e85a59e0d819fcb68fe1f4b8824a81d7909&lang=us&ds=AVG&pr=fr&d=2012-01-12 07:37:04&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {EB3A11D5-9F87-44FC-A2B2-AD0735BF3915} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Vuze Remote Toolbar -> {05478A66-EDB6-4A22-A870-A5987F80A7DA} -> C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.6\vuzeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.6\vuzeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.6\vuzeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 64.178.142.10 24.207.0.167

FireFox:
========
FF ProfilePath: C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-28]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2012-06-15]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-11]

Chrome:
=======
CHR Profile: C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-07]
CHR Extension: (Google Docs) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-07]
CHR Extension: (Google Drive) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-07]
CHR Extension: (Google Search) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (Google Sheets) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-07]
CHR Extension: (Hola Better Internet) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-10-07]
CHR Extension: (Slick Savings) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-10-07]
CHR Extension: (nioihlfoddilijjjeknopfcbglallkce) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nioihlfoddilijjjeknopfcbglallkce [2014-10-08]
CHR Extension: (Google Wallet) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07]
CHR Extension: (Gmail) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx []
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx []
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Brassington\AppData\Local\Slick Savings\coupons.crx [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2014-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-15] (ArcSoft Inc.)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2012-01-19] (CyberLink)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2010-12-26] (REDC)
U2 MSSQL$DDNI; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 10:16 - 2014-10-09 10:16 - 04751360 _____ () C:\Users\Brassington\Downloads\aswMBR.exe.part
2014-10-09 10:16 - 2014-10-09 10:16 - 00028749 _____ () C:\Users\Brassington\Desktop\FRST.txt
2014-10-09 10:16 - 2014-10-09 10:16 - 00000000 _____ () C:\Users\Brassington\Downloads\aswMBR.exe
2014-10-09 10:15 - 2014-10-09 10:16 - 00000000 ____D () C:\FRST
2014-10-09 10:13 - 2014-10-09 10:14 - 02109952 _____ (Farbar) C:\Users\Brassington\Desktop\FRST64.exe
2014-10-09 09:45 - 2014-10-09 09:45 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRASSINGTON-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-10-09 09:44 - 2014-10-09 09:44 - 00000000 ____D () C:\RegBackup
2014-10-09 09:43 - 2014-10-09 09:43 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-10-09 09:42 - 2014-10-09 09:42 - 04215184 _____ () C:\Users\Brassington\Downloads\tweaking.com_registry_backup_setup.exe
2014-10-09 05:06 - 2014-10-09 05:06 - 00000000 ____D () C:\Users\Brassington\AppData\Local\{63E9E4D8-01EE-4CA2-897B-32021A7161C0}
2014-10-09 05:02 - 2014-10-09 05:03 - 00376896 _____ () C:\Windows\Minidump\100914-57689-01.dmp
2014-10-07 20:28 - 2014-10-07 20:28 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 20:28 - 2014-10-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-05 23:43 - 2014-10-05 23:43 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-05 23:43 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-05 23:42 - 2014-10-05 23:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-05 12:15 - 2014-10-05 12:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Brassington\Downloads\spybot-2.4.exe
2014-10-04 21:59 - 2014-10-04 22:09 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-04 21:59 - 2014-10-04 21:59 - 00000000 ____D () C:\Users\Brassington\AppData\Local\globalUpdate
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 ____D () C:\3467cf07-ac61-4a99-8ec5-94d8391322dd
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458C.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457C.tmp
2014-10-04 21:50 - 2014-10-04 21:50 - 00349760 _____ () C:\Users\Brassington\Downloads\Setup.exe
2014-10-02 23:25 - 2014-10-02 23:26 - 00000000 ____D () C:\Users\Brassington\AppData\Local\{9F89BAB7-7496-4DC4-AA49-446A5DEB3C16}
2014-09-30 15:47 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 15:47 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 19:54 - 2014-09-28 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 15:44 - 2014-09-09 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:44 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-11 03:33 - 2014-09-11 15:34 - 00000000 ____D () C:\Users\Brassington\AppData\Local\{ECE5F347-AC04-4092-9F05-3CBB84DEA888}
2014-09-11 03:08 - 2014-08-19 12:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:08 - 2014-08-19 11:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:08 - 2014-08-18 17:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 16:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:08 - 2014-08-18 16:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:08 - 2014-08-18 16:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:08 - 2014-08-18 16:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 16:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:08 - 2014-08-18 15:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 15:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:08 - 2014-08-18 15:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 15:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:08 - 2014-08-18 15:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:08 - 2014-08-18 15:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:08 - 2014-08-18 15:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 15:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 15:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:08 - 2014-08-18 15:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 15:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:08 - 2014-08-18 15:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 14:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:08 - 2014-08-18 14:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:47 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:47 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:46 - 2014-09-04 20:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:46 - 2014-09-04 20:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:46 - 2014-07-06 19:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 20:46 - 2014-06-23 21:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:46 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 09:43 - 2012-04-22 11:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 09:30 - 2011-06-14 20:07 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-10-09 06:23 - 2011-10-15 18:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 05:57 - 2011-04-09 15:38 - 01503108 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 05:43 - 2012-04-22 11:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-09 05:43 - 2012-04-22 11:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-09 05:43 - 2012-04-22 11:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-09 05:38 - 2011-06-14 19:01 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFF740F3-2E3C-4916-9B51-B06DC6402A0B}
2014-10-09 05:16 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 05:16 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 05:03 - 2013-06-02 22:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-09 05:03 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMS.job
2014-10-09 05:03 - 2009-07-13 22:51 - 00196893 _____ () C:\Windows\setupact.log
2014-10-09 05:02 - 2011-11-20 10:35 - 569954366 _____ () C:\Windows\MEMORY.DMP
2014-10-09 05:02 - 2011-11-20 10:35 - 00000000 ____D () C:\Windows\Minidump
2014-10-09 05:02 - 2011-03-03 19:13 - 00511756 _____ () C:\Windows\PFRO.log
2014-10-09 05:02 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 22:04 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Local\CrashDumps
2014-10-08 17:48 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-10-07 20:28 - 2011-10-15 18:24 - 00000000 ____D () C:\Users\Brassington\AppData\Local\Google
2014-10-07 20:27 - 2011-10-15 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 06:26 - 2014-07-30 22:58 - 00040399 _____ () C:\Windows\wininit.ini
2014-10-07 06:26 - 2011-08-14 18:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-06 00:14 - 2009-07-13 20:34 - 00450811 ____R () C:\Windows\system32\Drivers\etc\hosts.20141008-222417.backup
2014-10-05 23:42 - 2011-08-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-10-03 16:03 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-10-03 13:59 - 2011-07-18 16:08 - 00074426 _____ () C:\test.xml
2014-10-02 23:22 - 2012-08-27 21:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-01 10:45 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Roaming\Azureus
2014-09-30 15:36 - 2014-04-25 10:06 - 00138752 ___SH () C:\Users\Brassington\Desktop\Thumbs.db
2014-09-11 06:30 - 2012-01-12 09:37 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-09-11 03:08 - 2012-02-14 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:06 - 2013-08-12 02:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2011-11-13 21:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 04:13 - 2014-08-31 18:19 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-09-10 04:13 - 2014-08-31 18:19 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 22:58

==================== End Of Log ============================



addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Brassington at 2014-10-09 10:17:11
Running from C:\Users\Brassington\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.5 64-bit (HKLM\...\{44713725-8CC8-4710-B727-DC13A3665F9C}) (Version: 3.5.1 - Adobe)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.134 - ArcSoft)
ArcSoft MediaConverter 7.5 (HKLM-x32\...\{69039A13-9ABB-4264-A570-0023FB2D4F18}) (Version: 7.5.0.114 - ArcSoft, Inc.)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{A8F6C30C-65C0-C71A-9844-93BC37BDE1FE}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.4031 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
Brother MFL-Pro Suite MFC-J415W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Canon MX860 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series) (Version: - )
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0127.629.11510 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0127.629.11510 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0127.629.11510 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help English (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help French (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help German (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0127.0628.11510 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0127.629.11510 - ATI) Hidden
ccc-utility64 (Version: 2011.0127.629.11510 - ATI) Hidden
Conduit Engine (HKLM-x32\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.5009.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.7.2910 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.1.5 - Kobo Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OOBE (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 3.20.1018 - Sony Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.00.11260 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.4.00.10090 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.4.00.11290 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.09190 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.4.00.11300 - Sony Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.0.12170 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8312 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.8.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.0 - Tweaking.com)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.4.0.11300 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{FF1FC66F-536F-46BD-98E3-D8DA127A810E}) (Version: 1.4.00.10090 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.4.00.11300 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.0.12170 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.1.05290 - Sony Corporation)
VAIO Care (x32 Version: 6.4.1.05290 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.3.0.11220 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{884A242B-BE5C-4F9F-9177-F44156A5D081}) (Version: 13.00.0927 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.23300 - Sony Corporation)
VAIO Media plus (Version: 2.1.0.23300 - Your Company Name) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.1.0.14080 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.291.0 - DDNi)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.4.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.4.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.3.0.11250 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.6.1.02150 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.6.10270 - Sony Corporation) Hidden
VAIO Update Merge Module x64 (Version: 5.7.13130 - Sony Corporation) Hidden
VAIO Wireless Wizard (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 4.0.0.02180 - Sony)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: 6.3.3.3 - Vuze Remote) <==== ATTENTION
Vuze Remote Toolbar v9.6 (HKLM-x32\...\{873B2B61-0363-42EB-A573-52D1CE9996F0}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

18-09-2014 10:23:04 Scheduled Checkpoint
24-09-2014 09:00:14 Windows Update
01-10-2014 09:00:14 Windows Update
05-10-2014 03:57:25 Speed Cleaner
05-10-2014 04:05:06 Speed Cleaner

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-10-08 22:24 - 00450875 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00919217-D341-4884-9707-328D7F8B43A9} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {094BF456-5D32-451A-ADB6-CC4516178DFD} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{2AEE5DB7-EE78-4E41-AC99-BCAA3AE9F18D}.exe
Task: {0AEE235D-D6D8-41C7-B7DB-7B6F072308E5} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {0F078AB3-C3A0-4A10-9313-FA7584E352EF} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Brassington => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-11-05] (Sony Corporation)
Task: {15CC5B59-A206-4257-BC8E-33215B3D67C3} - System32\Tasks\dd061bac => C:\Users\BRASSI~1\AppData\Local\Temp\\setup3183765036.exe <==== ATTENTION
Task: {16B5F230-DCE4-4194-9F25-B795400AA7ED} - System32\Tasks\68a2d7bc => C:\Users\BRASSI~1\AppData\Local\Temp\\setup4057634452.exe <==== ATTENTION
Task: {2088B15F-140E-4C31-86E7-557ED3F0D3B5} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {3E618079-877C-40C5-A640-45B202F4F8D9} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {4078A2C0-56FA-4949-9D28-5CFF4FDCE1AA} - System32\Tasks\170ff18 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup24182552.exe <==== ATTENTION
Task: {4C9D9EE0-368A-4767-A855-8EDF25D5F47D} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2011-03-04] (Sony Corporation)
Task: {4E7EF08B-01DB-471B-B9CF-7A12E5EC2DCA} - System32\Tasks\b3e77c40 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup2493892288.exe <==== ATTENTION
Task: {4EB6AC92-0CD3-4466-AF4F-9072784391E0} - System32\Tasks\4c3ad18 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup3556835992.exe <==== ATTENTION
Task: {5B4BA378-35A6-4B8D-822B-EF81BEAE3DB7} - System32\Tasks\4d065a8c => C:\Users\BRASSI~1\AppData\Local\Temp\\setup1292262028.exe <==== ATTENTION
Task: {63EDF59C-FA36-4213-81F7-541EC586C966} - System32\Tasks\0814tbUpdateInfo => C:\ProgramData\Avg_Update_0814tb\0814tb_{EB09082A-896A-4226-A6DD-C1B92C88E005}.exe [2014-08-31] ()
Task: {64DAADF1-D81E-449C-90E1-7989AE9F0E50} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {744475B8-7D30-48CD-B4CE-390BA16F8E0E} - System32\Tasks\Sony\ATI Catalyst => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-27] (Advanced Micro Devices, Inc.)
Task: {786E4473-4958-4096-9EFE-99278E12D45A} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {7F7E6A8A-AC40-4E8E-B00D-087932784072} - System32\Tasks\d5aaf7c => C:\Users\BRASSI~1\AppData\Local\Temp\\setup224046972.exe <==== ATTENTION
Task: {812EF9BC-CCEC-4CE2-A7CB-461AF82297EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {81A7EB67-4C54-45D6-ABD1-A7EF4E308476} - System32\Tasks\998e0174 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup940087288.exe <==== ATTENTION
Task: {8D009563-56CF-45A9-87C7-776410EF2273} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {9015928F-178A-46DD-B3E3-36ABF4F918E6} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {909D569F-9B1F-43C3-83AA-F28E6B7255D6} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {90FBD0BB-BCD8-4814-ABFE-6B4C83421D4A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {9974F2FF-FBCE-4A0D-BD32-F3A40BBA80BC} - System32\Tasks\e31830ec => C:\Users\BRASSI~1\AppData\Local\Temp\\setup2991949420.exe <==== ATTENTION
Task: {AAE1EAF2-EB5F-438C-8EDD-7B3BBAE7B456} - System32\Tasks\9c7a215c => C:\Users\BRASSI~1\AppData\Local\Temp\\setup989121628.exe <==== ATTENTION
Task: {B2738E54-1A7F-4B36-B05F-64B5C8E93B00} - System32\Tasks\ec945e64 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup3444746468.exe <==== ATTENTION
Task: {B5CD221A-ECE0-4E60-B45E-E0331A84E79B} - System32\Tasks\3753ee4c => C:\Users\BRASSI~1\AppData\Local\Temp\\setup928247372.exe <==== ATTENTION
Task: {B7FB2A9F-D766-487D-98CC-0F7742D20294} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {BBE8C191-2EBB-4104-BEE8-BA841F501147} - System32\Tasks\bfdaba88 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup3218782856.exe <==== ATTENTION
Task: {C14C7B9B-D697-4C4A-A3A6-EF662A2CDDD4} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update Common\ShellExeProxy.exe [2012-01-13] (Sony Corporation)
Task: {C8E4D1E4-35AA-4F2B-AC13-16C84F183048} - System32\Tasks\217100a4 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup4037957156.exe <==== ATTENTION
Task: {CBEFFAC3-2C64-4077-B31C-8CB842FBB14E} - System32\Tasks\70c19cb0 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup1073667508.exe <==== ATTENTION
Task: {D0BA0CFE-1572-4486-A845-E57BCDF90713} - System32\Tasks\VAIO® Messenger (Brassington) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
Task: {D7302D5E-5832-45DB-A0CC-532B4A58462E} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2011-03-04] (Sony Corporation)
Task: {E456D98C-5C8C-4132-9FEE-0787C1E61D0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {E7E106CD-DDFD-4802-96EA-E17E9069C763} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {F00EBDE9-06F7-42B8-AF65-0B919E512E40} - System32\Tasks\49362f24 => C:\Users\BRASSI~1\AppData\Local\Temp\\setup1228287780.exe <==== ATTENTION
Task: {F42AC765-0049-4A27-A44E-4F76B50CF458} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2012-01-17] (Sony Corporation)
Task: {F7126705-A907-414E-8F47-DA715E818474} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {FB426CC3-D90C-49EF-B6DE-2C71DF1294EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-09] (Adobe Systems Incorporated)
Task: {FC1F2EA9-940B-4A2E-B024-5047A4BE89E9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: C:\Windows\Tasks\0814tbUpdateInfo.job => C:\ProgramData\Avg_Update_0814tb\0814tb_{EB09082A-896A-4226-A6DD-C1B92C88E005}.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{2AEE5DB7-EE78-4E41-AC99-BCAA3AE9F18D}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-11-02 11:58 - 2010-11-02 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-02-14 17:27 - 2012-01-09 17:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-02-17 11:22 - 2005-04-21 22:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-08-12 00:13 - 2014-08-12 00:13 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2010-11-02 11:58 - 2010-11-02 11:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-01-12 09:37 - 2014-09-11 06:30 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2011-06-15 10:32 - 2011-02-25 15:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-06-15 10:32 - 2011-02-25 15:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-10-05 23:43 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-05 23:43 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-05 23:43 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2010-09-10 07:47 - 2010-09-10 07:47 - 00135168 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\Extension\MrsMpegParser.dll
2011-03-03 18:26 - 2010-12-23 15:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-08-12 00:13 - 2014-08-12 00:13 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2012-02-17 11:22 - 2009-02-27 14:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-11 03:43 - 2014-09-11 03:43 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e39f250f44c042610b447ddce43d1aa2\IsdiInterop.ni.dll
2011-03-03 18:04 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-28 19:54 - 2014-09-28 19:54 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4272480943-3451767055-1814136413-500 - Administrator - Disabled)
Brassington (S-1-5-21-4272480943-3451767055-1814136413 - Administrator - Enabled)
Guest (S-1-5-21-4272480943-3451767055-1814136413-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4272480943-3451767055-1814136413-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Canon MX860 ser Network
Description: Canon MX860 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: udfs
Description: udfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: udfs
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2014 05:09:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/09/2014 05:09:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/09/2014 05:06:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/09/2014 00:06:47 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (10/08/2014 11:15:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/08/2014 11:15:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/08/2014 11:15:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/08/2014 10:04:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x1588
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (10/08/2014 03:11:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (10/08/2014 03:11:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.


System errors:
=============
Error: (10/09/2014 09:43:08 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "BRASSINGTON :0" could not be registered on the interface with IP address 192.168.0.13.
The computer with the IP address 192.168.0.4 did not allow the name to be claimed by
this computer.

Error: (10/09/2014 05:10:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (10/09/2014 05:09:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error:
%%-2147467259

Error: (10/09/2014 05:09:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error:
%%-2147467259

Error: (10/09/2014 05:06:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error:
%%-2147467259

Error: (10/09/2014 05:04:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (10/09/2014 05:04:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (10/09/2014 05:04:14 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "BRASSINGTON :20" could not be registered on the interface with IP address 192.168.0.13.
The computer with the IP address 192.168.0.4 did not allow the name to be claimed by
this computer.

Error: (10/09/2014 05:04:14 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A6A9CD57-31C8-474B-A6BE-561C58D1BC2B} because another computer on the network has the same name. The server could not start.

Error: (10/09/2014 05:03:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa8009c2d010, 0xfffff880045392ec, 0x0000000000000000, 0x0000000000000002)C:\Windows\MEMORY.DMP100914-57689-01


Microsoft Office Sessions:
=========================
Error: (10/09/2014 05:09:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/09/2014 05:09:48 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/09/2014 05:06:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/09/2014 00:06:47 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (10/08/2014 11:15:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/08/2014 11:15:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/08/2014 11:15:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/08/2014 10:04:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b158801cfe357aa664676C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll4e85fa64-4f69-11e4-a4d2-f0bf9717eb0a

Error: (10/08/2014 03:11:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000

Error: (10/08/2014 03:11:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 1600000000194B0000194B0000980B0000


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 4077.28 MB
Available physical RAM: 1811.04 MB
Total Pagefile: 8152.74 MB
Available Pagefile: 5159.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:585.17 GB) (Free:204.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 07AF376D)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================


aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-10-09 12:39:10
-----------------------------
12:39:10.054 OS Version: Windows x64 6.1.7601 Service Pack 1
12:39:10.054 Number of processors: 4 586 0x2A07
12:39:10.055 ComputerName: BRASSINGTON UserName: Brassington
12:39:12.431 Initialze error C000010E - driver not loaded
12:41:18.140 AVAST engine defs: 14100900
12:41:20.667 Service scanning
12:41:53.817 Modules scanning
12:41:53.826 Disk 0 trace - called modules:
12:41:53.831
12:41:57.693 AVAST engine scan C:\Windows
12:42:01.535 AVAST engine scan C:\Windows\system32
12:46:51.607 AVAST engine scan C:\Windows\system32\drivers
12:47:06.152 AVAST engine scan C:\Users\Brassington
12:54:03.378 The log file has been saved successfully to "C:\Users\Brassington\Desktop\aswMBR.txt"

OCD
2014-10-10, 05:31
Hi beuford23,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool

Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Malwarebytes Anti-Rootkit

Download Malwarebytes Anti-Rootkit (http://downloads.malwarebytes.org/file/mbar)
Once the file has been downloaded, right click on the downloaded file and select the Extract all menu option.
Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message if you are sure you wish to allow the program to run. Please allow to start Malwarebytes Anti-Rootkit correctly.
Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
If you receive a DDA driver message like could not load DDA driver, click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMAnti-Rootkit1_zps4613be8c.png (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMAnti-Rootkit1_zps4613be8c.png.html)

Please click by the introduction screen on the Next button to continue.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMAnti-Rootkit2update_zpsf85fca28.png (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMAnti-Rootkit2update_zpsf85fca28.png.html)

Next you will see the Update Database screen.
Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMAnti-Rootkitupdatecomplete_zpscf9f4cdb.png (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMAnti-Rootkitupdatecomplete_zpscf9f4cdb.png.html)

When the update has finished, click on the Next button.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMAnti-Rootkitscan_zps9b346fe7.png (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMAnti-Rootkitscan_zps9b346fe7.png.html)

Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMAnti-Rootkitscan-results_zps9f0fdf8e.png (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMAnti-Rootkitscan-results_zps9f0fdf8e.png.html)

When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
Make sure everything is selected and that the option to create a restore point is checked.
Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
Click on Yes button to restart your computer.

There will now be two log files created in the mbar folder called system-log.txt and one that starts with mbar-log.
The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.
The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

AdwCleaner[S0].txt
JRT.txt
system-log.txt
mbar-log
New FRST.txt

beuford23
2014-10-10, 08:53
# AdwCleaner v3.311 - Report created 09/10/2014 at 22:00:00
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brassington - BRASSINGTON
# Running from : C:\Users\Brassington\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\prefs.js ]


[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18602 octets] - [09/10/2014 21:21:57]
AdwCleaner[R1].txt - [1349 octets] - [09/10/2014 21:59:08]
AdwCleaner[S0].txt - [16698 octets] - [09/10/2014 21:32:24]
AdwCleaner[S1].txt - [1272 octets] - [09/10/2014 22:00:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1332 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Brassington on 09/10/2014 at 22:18:24.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0A89EC6C-1016-4FDB-A001-51E61D7163C4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0A89EC6C-1016-4FDB-A001-51E61D7163C4}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{000EAAA1-E577-4D4C-BFF4-474DB21C5F35}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{00839F23-3150-4264-B5C5-0CCE24C4FE48}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{0108F4B4-D273-47A4-B45A-88AC0F55199C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{010B895B-0415-4428-962C-F9AFEF0D1812}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{020F7C9C-3022-4006-A831-9AA47A373D8B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{036608C5-1807-450E-9478-3D6FD51FAB92}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{03F386CF-BF1F-4E11-9853-4EC587198533}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{046E5FAA-2558-4EA2-BFCB-06269F9735EB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{04C65E81-0F48-4B4C-9644-BF0EFC38C27C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{05CFEF47-8712-45A4-921C-4BC5B634AE5A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{067EA3D8-EED6-4AFF-851F-59E6691BC2A9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{07622AE7-8F5F-46FE-8FB7-4F045E3015FC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{079D609D-9BF0-421C-BCAB-141D7BCDA537}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{07BF8B88-2115-490E-B73A-38784A8B46A1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{07CF76F7-37F4-4366-B6AA-51D218D2D45E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{08366F53-7753-47CF-8D23-4B0A17A8A3A5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{089560AD-075D-464F-818B-424E3CA8F2D0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{08EDFE34-997B-4C52-AA10-50E94E84556C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{09F793BC-997E-4B92-BE49-0D9E0B8A9DB2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{0D65CBC3-3B17-4F2A-A94A-954ADFDB3A25}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{0E44C43C-0E66-47AD-8496-9490DBF04272}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{0E462913-460D-4D7B-B148-35AAB31A3A30}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1168A918-468A-4218-9B4C-E124154292F2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1341A1DE-A340-407D-8FD1-63D6271327A8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{13B7FAFD-DC62-4660-91B6-082FB7E298A8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1405718B-E1ED-4A78-B0E8-D3C8B4CE608D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{14B0DCFD-6DA5-4E0F-869D-75DACEA97C56}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{14D2393B-9111-446E-AC4F-5A616963A8CC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{158E011C-6ACD-4D39-AF80-6AE273782F36}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1603BD67-C963-41CE-B492-BC8A6DF01221}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{160F5A66-0D3D-43BA-ADDE-11CFE05BE21E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{16B9D779-AC12-4D63-8C3F-53582835F2AF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{179F5516-CA6F-44F6-9878-3DC0158DB12A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1860D2F0-F286-4DAA-931F-D436458F1063}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{18BBBB84-C1EE-47E2-9817-5A2883BDA1B2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{19AD35D8-A641-4BC5-81F3-3921B00600C4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1A82BD83-5CDB-49DC-8C50-CAB816A92553}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1AA563B7-105B-42F0-965D-DD41A95851B4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1B9EFA6E-54A1-46FB-B6A8-708FF60F6B31}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1BA212DF-C71E-44A8-A677-1B6EC5388320}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1C4586E9-91BB-4FE8-8008-EA2747A416D4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1D756423-817E-4A1C-B849-37AD6693E4BF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1E1408B7-69DB-4D8E-9525-8BA1D121B958}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1E45A426-58F3-460E-BAB9-5DC112738C92}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1E58FFB9-65EE-46D9-933C-1D9DD4BFFE26}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1E878967-C18F-4E66-B14C-801BC14BB11C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1F096A1B-9AD7-44DA-BDCF-D1ADF53E65C9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{1F74AC82-D860-4B51-8F32-E8DAA527EE02}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{20E05987-7F96-4EE5-A890-3C61EACA7321}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{20E4AE86-C24E-4DC8-9768-258CE79D0043}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2114BCCC-377A-4F03-BC01-01022ACA45D2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2131817D-3B5F-476F-86F3-C52607C18730}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{224FCE96-AAD1-46EE-9C09-1F1BB7652DD3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{243C5B61-D92A-4E3A-98A0-87AAA98419D1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{24F3FB9D-2F6E-4751-8FC9-489FE168EE62}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{267E8885-6AC1-4D85-8AD8-F6CD6FEFB575}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{26BD9D02-63DE-4B1D-ABBC-2C995B1610C1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2706E6F5-4B7B-496D-86CE-47D9E28FC4C1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2783042A-D43E-4A01-B397-983E503FEE39}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{27B4FF7E-94E4-43CC-8340-68CE10009877}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{27D7FCBE-7A23-4941-9054-CBB58B1C1562}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{281775B8-0B35-4199-83F1-2F3644148FE1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{284A7145-F2AB-4F10-BBD3-45A343028C97}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{28583EA9-6768-499C-BF2F-59597BAD1156}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{29AE0937-5351-4278-9147-4EE4424F2713}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2A7035D2-575D-444F-86C5-524CB6A78C4A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2B5E8E86-A055-4FE2-99CC-1E0B34FF4645}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2BD391A9-8A51-40DC-808C-A913E77BB4B3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2C1EF740-4B12-49E4-B5CA-521FCEFEABF1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2C406810-B56B-4A8C-823F-207347250D4A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2C5C7CC1-7E5E-4CEB-90B3-8EE433D4078F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2CE0A41F-CBDA-4BB6-8790-EC59BFA638DB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2E546164-3810-4B08-A01D-700353117628}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2F042B69-D9AF-475B-817D-EC5DCD253D9C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2F76D08D-F779-411A-87F2-7905423BDDB8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2F7AB179-1DCD-486B-9A25-722FD028D008}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2F887008-3706-4694-B326-A47B629E12F8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{2FA14D4C-9744-4BFA-B6D6-1557F4A51983}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{302F00C9-5CCD-410E-8500-AB88C71600E6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3097D400-CCE2-40C5-AE13-A317738DB733}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{30F43D20-2301-41D0-941C-89513533AD0E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{312B7C88-0A97-436C-8607-CBD1AF3C340F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{313D1981-72D1-4A2E-862E-CCEF988B99E9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3162B650-DBA3-4EEC-97FF-ABB6BE2D642F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{318AD1DA-91BF-4208-848A-D6A03DFEF1D2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{31FDD9DA-0CA1-48E2-A358-E0BC4E49FE25}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{32EAE9DE-25AF-489F-94E7-718B9FE9E676}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3452C174-78E1-4F4A-92D7-E506387B0DE2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{35EBE906-72E7-41FE-AD3D-00D89ED86472}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{36C33784-6796-45D0-839F-E759387E2943}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{375DF251-B11F-468E-8C3A-82FB6EEF0838}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{380F0F9A-6CA9-488F-A7EA-206D6AE37B44}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{38AB84F9-A695-45EF-87ED-652CEAC40B34}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{38D4D1FB-D415-4B49-A025-419223930B57}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{38DD5BD8-B9A6-4555-ABFA-A86D1FBA8D75}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{394FB997-93A1-46DE-95C1-3CAAB3EA8C40}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{39C78BFA-BFC2-4428-A9FA-D275AAACE386}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{39CD7B25-3020-4F96-BC1C-BFF2259EA339}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3BE43044-DE0F-478D-8AE5-2BDF106D5CDA}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3CFA82DC-E521-40B3-B2BB-422FA20FCCA9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3DE3F664-9AD4-49FD-8A15-4BADA7492C5A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{3EC0FE99-4CDC-454E-828B-98265202BC10}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{40042F8B-12E0-4288-A16C-B8E86D67C18A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{40401D12-747D-4332-9795-5A8D1AA83196}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{40C23006-D7F8-41B4-97E8-13669A9DD63E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{411A623F-A24A-4C29-9FAE-E9E9C22A893D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{411DCC05-8735-4096-99F7-3E7D3CB0A31D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{412D7311-ACEA-4302-82E5-0E5651412E0B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{415AE143-494C-4E54-8848-13BCF1280059}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{41C4ECA0-0F1F-420C-BE9A-77C5FD7D5C06}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{41DAB78E-A029-45BD-942F-655831EF1E6F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{41DC9C93-2F4E-4A85-9BB4-F6D9651866C0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4214E1F7-4442-444D-B760-60BF8C767DC2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{429AA0CB-3F51-4F66-89C1-845FBE5DDDD3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4469902F-9827-49D5-BF08-5D928C8E0CDE}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{452F4D96-F44F-41B8-85C0-989FE5AACCEC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{453065DF-A26E-471D-A60C-439CEC81C321}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{45D3D370-006A-4CFD-B12C-B0FF0B614B48}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{45D48977-0913-41CA-AD53-A88C4410FE68}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4623D294-AC13-45B2-9AB1-91251A2558A1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{46D60431-69BE-4BF6-AEA0-814111A69541}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{47141F87-9A32-4755-9E54-070DEA2DBA32}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{472610FE-A59C-4A55-AC30-908BEA46826F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{480787A1-1C28-4B7F-8E55-12DC146EE225}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{480A1150-D081-41A9-9BE3-458D94F97F08}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4823A99F-13A4-4662-AA2A-4483AEC431A1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4850422E-1B36-48F4-877B-E177E255E686}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{49083321-1CCB-480E-83DF-4F60FA42E73C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4ACD6816-E9A4-4C8D-BF1B-A515DD0861D2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4AD0B882-1BF9-4387-9471-66EC3938905D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4AD4860C-40B1-443E-AC89-4EBB4245CA23}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4C14CAA6-FA6D-4DC1-AEC8-696CDB86FCD2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4C507178-C130-45B4-81AA-65BDB8CA70C6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4C87DACF-8075-49D9-AD65-E92AB321952A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4D5DE67B-21CD-4E7F-8ADD-9D4DE79FE27D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4E744B6B-A908-4538-BB54-0714CCC5F4FA}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4E90E850-0AFF-4BD2-84BC-B9F4E478F2DF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4EA009F9-3C12-432B-8CC9-91A0E30E13B5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4F032CDB-D7E8-4721-B4C3-110CD956763A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{4FF869CF-56BE-4485-96F7-D7DED1D57829}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5134DDF3-74B4-4E1F-B36B-0A7F8B43BC44}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{521142F8-497D-4D58-B725-340F2A1C3420}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5331FDD4-0816-47B2-BCBE-4A4036DB17D4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{534C48A8-D6A3-4B43-8AAA-517B79F75777}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{53A871BE-9B46-4F1D-B480-45563BBCE3E7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{542B264A-2C51-475F-8E39-0F420AA9EC78}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{548A1DCF-F067-4E45-856D-A8A676802D71}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{54EAB25C-09BB-4F2D-A259-35938421F0FB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{563D5FC4-643C-4E4E-A206-45B8A111C669}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5763600B-D4A5-4D4D-B492-3ABC323599B9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{57E0B54E-3946-4A41-BAF5-F1AB914F2693}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{589C9B5D-0FCF-4851-886F-0C576C0F0B26}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{599E2363-D8BC-4249-B4EA-FE9C25CA1B56}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{59CA2965-3EF9-4E71-B75F-C01B7237184F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5A1B32CA-4841-41DA-A6AE-8816F3B42FBF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5B58FA8E-D793-4A14-847E-17CDA4BF6AAF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5B6E9DBD-D374-430D-ACF5-7454FE1557D5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5BE222E9-A81B-484A-A961-F206E9FD1A4B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5C3D3700-5A42-465B-8009-A543BB18CD17}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5C930329-3C0C-489D-B939-3A3FA1F72F32}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5CE4D517-CECD-49DA-9865-BD080BED057C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5DB2F9AC-1E81-4DE5-8F06-24F901E4F1AB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5EB0DCEC-3BDA-4AB6-9FD9-152F3E0B14DB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{5F2FD867-D777-4767-AB43-A55957CBD44B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{60761CD0-086E-4158-B325-65581CE9C541}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{607A7BED-AF20-4F74-974A-C614D38A3027}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{60F172E1-FD48-4EC1-9647-F350657312F6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{611B2400-A8CF-4A04-A6B5-37A59899D34A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{62565F88-7626-4DCA-98BC-C062AB068893}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6264275E-BB5C-495B-AABC-D37D90ACE18E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{62776502-BBE8-4CA8-9755-A28E6CB539E3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6345B291-5835-440E-9552-8A2745B7AD1B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{63627CAC-10C0-4EE2-99B7-1E51B00FC716}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{63E9E4D8-01EE-4CA2-897B-32021A7161C0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{64E0D5BD-C239-43B7-8B2C-1D923974876E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{66416B0C-87BF-42E3-B735-FFC3AA81202D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{665C8013-E2CC-4BF8-BFB7-75A139727CFC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6712A8F7-C79A-4375-9AC2-DE7DEEBA79BC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6746A9E9-3327-4741-B3B6-3C198CE1A2A7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{684B6403-553B-46D4-A60B-D6A16A545649}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6854DCAD-14F6-434A-BE8D-2C0D88685AC2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{69DB23A8-F8D2-4EE7-8592-FE9A5BD07AE4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{69E0CCA3-0E02-43F0-B89C-CAF4ADEA0CDC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6A46AF63-FECC-449A-907C-0440428ADBF4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6A99696F-B0A3-4C69-B30B-EB3478971265}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6B1B2BF4-E085-4D29-AF4D-2842507DC96C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6B80D58E-8451-4592-8AC3-665F8DCA03F4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6C4E0C0B-AD9C-4854-BE8C-9A462453418C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6C7E0BAC-9EE1-4DC8-BE7B-63E72E4E6296}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6D390FEC-8BED-4896-90FC-CFFA1D8071E3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6E5751CC-F330-49FA-9A83-E92E663DAAA4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6E6D3F29-0525-4E47-8632-3A02B081B13A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{6F3F5DC0-C191-4CC0-90D0-F9B56801A2D3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{70D1CFFC-8900-46E7-AC9D-9794D002EECF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{71BE6F96-3057-4966-8896-ABC7F880B3E7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7225DCA0-4E9E-4B1B-97B0-6BD2DD101B3A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{75E9A2FC-71C9-4708-9733-E8A1AFFE1A87}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{774ED2B9-00E1-4788-8DE6-BF064602D09A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{776CD0DA-5E0E-45C9-B8ED-5A6FCF5FEB59}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{77DFB4CF-26BA-4C0D-851E-39F89CA1D40F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{77F46D11-013A-42CE-B1C1-6DFB1E91CFDC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{78AF05FC-C0B8-429C-9A2C-DB95601F5F12}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{78F71C11-535C-4DB8-86A0-2A4CABC7BE22}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{793C20F8-37FE-484A-BD56-05589956EE3E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7965468D-71B6-42BF-8686-35288311609E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7965C9AC-04F9-4F45-A43D-03838A2B7DE4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{79782B9A-5388-47EB-9298-0295D82C5812}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{79B99EB7-1C48-4CDF-A411-3FF0250510F0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{79EA5830-8E82-4300-AA2E-8B65B0855696}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{79F6D598-7784-4A70-8BF8-19A92B991988}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7AE7293D-647F-4664-B137-9E9DE5B22EAB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7AEE8488-8311-4F73-BA4D-9FBAF23B2E55}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7B286796-814D-46F1-B407-05AA0E2B02EF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7B743312-D389-4BAD-8347-B8374F21A5E8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7BA7A979-1130-48A1-969A-3FB77BD22F58}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7C4AEF7D-426E-4113-826F-A1191E4399D8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7D404A01-7CE8-4F77-A63A-E2FC3A091293}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7FA54243-74F9-4B80-93CB-66C890DBE6B4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{7FD92CFA-D6E2-4BDA-928B-D3E8BBFE72C4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{800630D8-E1B6-4724-A2ED-AE1D42DCDC67}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{80F2C9E7-7336-4CC6-A231-7C22E961D679}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{81EC3FE9-DE2C-444F-A20E-FB049107C284}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8314C86F-0181-4D5B-A2AB-74420C8BAB5C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8357607D-68BF-47A9-BF42-88BD6EEF9F83}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{83A2759A-8374-4C99-8663-8B4D8E5F6331}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{83F2ADEE-2F18-432A-A141-8FA87DE8FC4C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8422035B-0214-4B55-A682-C9FA1D1264C7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{84F2D742-AF4E-4FC0-8A72-C28BEE449F3E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{851210A1-46E7-429E-AFA9-133AFA23AB55}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{85C7D5B1-5D46-4713-83B2-7A6E33D72F49}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{86C294D3-2842-4526-B9CE-97C8BB380CBB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{87E67419-C194-40C6-ACD5-1AACE10DDC75}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{884080DD-6A3D-4258-8755-43474168D215}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{88BD8AF8-BEB1-4621-9D63-11AF7D8FEEDF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8B24A40B-2B64-41AB-9C46-3B840E48D3B5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8B77E573-C7F0-41F7-9492-D89C70324CA9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8C65E3E7-FBB9-4835-A4A7-2E612B7DFB03}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8E1BD71D-0113-4F32-929B-03F9BA406F96}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8E2016EE-7AE1-4927-97AE-4F0F3D0DF43A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8E7FF779-3571-4B7C-950D-66D35E9BD25F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8EF39923-6E09-4065-87A8-402BEC8388FB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{8F9E5EB2-04FE-4DF3-A55E-994D08E9D492}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{91064AE4-241D-45D2-84A4-430679870912}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9169D721-DAA0-4EA4-B956-FB79F207E710}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{91B4F302-5BA2-4F67-9271-AE180C61D56D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{91D01208-4B5A-497D-BFA8-6EA19720A9B5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{93A5C524-AA43-4A08-94BA-1F8488527D84}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{94A0417B-D264-42E7-BD1A-B85E277DBBE7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{94CB93DE-28D8-4E08-AD8B-1E9246E4E9B1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{95C62141-290F-4C1A-B74C-509AEA0ADD18}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{95F19820-F2A2-4D0F-B6FD-229A842AC2B3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{97373A60-B0C2-4F26-AE14-FD163C8BFE0A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9814928E-C876-4009-A86F-6A7A550C16D3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9933E2B6-7C38-4738-B70D-775457EE94E4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{99D73550-C6A7-4305-8E67-CB342CC1A986}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{99E0EEB8-9C7E-441A-9EDC-72C71C1C3FC4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9A669C2F-245B-48B0-82F9-EE794B0B82C5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9AC3D89D-88B3-4407-8DF2-6287703799CF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9D5CC932-B090-4B11-9DE9-909083124E4D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9D9A40B1-0608-4B33-93BA-338951839789}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9DA11182-BFBF-4E7A-A0DA-0D66DB9A9490}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9E49A17F-214C-432E-B4C3-C9B6F54C2471}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9E5BE167-FDB4-4C39-81E6-104AD7821F1A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9ECECB68-5A8C-467E-9EF8-34B55019284D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9F07C5E4-1B70-44D8-9E65-C317839976B5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9F28CCE6-1F97-4972-B491-CDBE8AF7EA51}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9F89BAB7-7496-4DC4-AA49-446A5DEB3C16}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{9FC7F9D5-0BBD-4B4A-826F-516A4090C216}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A139B61E-4C24-472D-B471-8CA45A3A0B85}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A18D5894-8A59-4026-A06C-919A664E1652}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A2AB492A-8A65-424E-9D3E-8911FAC3E726}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A2D43AC5-0638-4631-B554-C5193A7175B6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A31E0AFF-D15B-4F0B-B571-BEABB24AE23C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A487F3D8-FCF0-4F84-9CA6-B35E4924F45A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A5DF63A3-6DE7-4855-BB37-379EB82961A4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A6EF5BCF-D5ED-4116-AA9E-33A3748063CF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A7A5B1D5-813E-47C2-B8D6-304835DADDAF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A880243E-85C6-42B8-936B-1095C90C9241}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A95B7332-FB38-4BCF-B5E0-5B074EFF8F19}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A976A4E2-F5C8-4F48-8C94-393B5958911E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{A9B5722D-8DCD-4F05-8E23-4E63E3C866A9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AA99E3CD-1AC5-4830-843B-384A08586084}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AAF72D84-63AC-414C-A14E-10BB435662E8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AB5F4816-688B-4E28-93E7-99B4E022AB76}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{ABBB3EDB-365D-432E-A55E-BF64091E9CBF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AD5703BF-B469-4914-A414-054E10FA6A81}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AD9BC95C-6C57-4B8B-B4D4-FFB7C5E92DC7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{ADBF2997-344E-4D00-AE27-18B47E58FF3C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AEBD908C-0193-4FC5-A2F3-7890E1518DB1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AEC7F37B-53FA-4222-A04F-869BDACEFB50}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AF6CE519-9381-4665-8356-3717625055A2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{AF7DDCA9-52ED-4A2F-9F86-7F1FBAD745FD}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B0D7DD38-02D5-42B8-846D-29A3A5A03A4F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B1062C20-C561-467F-BB9E-3461CF8F44F5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B1E28E27-337D-4CF5-A03A-90A3C5FF7E71}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B3ED3361-31B8-415F-9FF5-0A72FDC93DD7}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B4350009-1057-414D-B297-28C29745B08F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B440D049-8438-4636-A5E5-7595BCC1B4CB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B4B36054-9412-4F75-A751-CC50B3FF70D6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B4F54C14-5E41-4216-9165-C60A64E05631}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B6168AD4-D37B-4028-8A5E-D9AD2E91F1D4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B6E4B07C-332A-4F5E-8189-D52F1932671F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B7038F41-88B8-4163-AA5A-B9DBC6067301}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B7B137CA-F017-43F9-948A-EE1298951F95}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B7D2033C-7B24-4386-A476-C4373AC5792E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B93B1203-D20B-4CAD-AA81-B5A63DA51A8D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B93FD2D3-B722-4ECC-BA88-F9CDABC2681F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B9D467FE-AB01-423D-BD83-430F0154FC68}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{B9ED5C97-7946-4102-8BC8-AD64A0AB9FDE}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{BA8083E9-2345-45F6-86B3-A4118A3B7572}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{BC31BF94-25C9-4E2D-86C5-1EA9E0C7ACEC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{BD6F2D0D-3C40-44F5-9710-116D66BF0DAF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C0372DBF-E4C1-46E1-A1FE-BE9BEF126758}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C0D48D2D-10C7-4E35-A46E-3AE86342FE39}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C1592AA8-3168-49FC-8A76-DFD9051775EE}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C21A2722-28AD-4FD2-902B-E03909D82282}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C4CB45C3-CFDF-4011-82EE-51E167DDCC40}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C4E57C47-BCE9-438E-A0A1-84DC9DB8E9E8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C5217E1E-4F55-4B83-824C-EF8FA66D23BC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C5F001E3-4873-400D-B9E3-F3D5B3597C42}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C60D6DB1-A65B-4C13-AB75-2DEFA569E832}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C6E0F003-9E5A-4604-A845-BCD2431DB466}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C740CC79-3505-487B-A9F4-A52811D97EAF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C8C52BF0-0D5B-4F04-8806-1E93202E25C8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{C900341D-0930-476D-8E71-CB5F8B09DE40}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CA41A7BB-5D18-4E05-9FBE-5D839F549E68}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CA8E00F3-4D21-4B15-B55B-ABB4839719A1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CAB05F03-DA72-4EAB-BE98-2C92E2109B7B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CBEBB1AB-8395-48B5-9FB2-8EBC41395A63}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CC76FD0A-66B5-4681-8C07-0FE023FB04B8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CC99800B-3D4B-4E8C-8B33-F4ED66CB06E6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{CD84ECBD-2558-4ACC-A5DF-CC7D8962EE0E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D0106638-C71D-4270-AFE3-D82C4002C63A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D0526573-47EC-4000-9BFD-3502BC166143}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D0C1438A-49B7-43CD-881C-DF0696655B1F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D3C13F31-8791-49EF-83D6-17B04910366B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D3E908E8-F157-4FC5-9EC1-A96BAAFDB365}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D46BD8DC-7C78-4FA8-965D-EF84AEED61AD}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D4AA230B-E30C-444C-A822-C540F76A64C9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D4F3378D-A703-4C30-932B-9E5E8D729CCF}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D542E09A-7FAF-4187-A903-084CB189D37E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D6FD684A-0C30-4440-96FE-F13230552ACC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D7478DFF-AEEB-4B5F-93DB-16AA3E19D439}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D79A77FA-1109-4CCD-8462-4C75C5666EE9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{D85D5894-B523-4FBD-A0B8-D7D64F3E0FB1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DB026CF4-1CD3-46DF-B5E9-8882A1FDFEB6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DBA575AC-74EE-4C21-BAE5-D50003384CF8}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DC12B49A-BFBF-4C2E-BED2-1D6B5CF6BE9C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DCD38C34-536E-4F2D-9E9F-B9FB262C8C15}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DDC2F301-4D1A-45FA-A2C4-0F129B047C19}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DFA09B5D-0195-46C1-A198-39342FD13156}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DFDB50AF-CEA9-470C-AB7B-1945DBB72C8F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{DFFCA440-DA6C-41AA-9113-C69BF97355E1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E0B5B333-35A1-4B4E-9996-B04AC01D672E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E0B8ED41-FAF6-4B82-BD2D-A8B058E5A0B1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E0DE9CE6-ACBE-4CC8-A0BD-851EBA520A0D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E162044A-FEFA-4E26-9E51-0D2075CCBE7F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E25579F3-EF7D-424E-BE7A-521ED01C659A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E29FD8C9-30D7-4941-B237-05B633BFFE01}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E577F7B4-25D7-46AB-BC6C-691D145643A6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E5C27D2D-540E-496A-9EF7-9EEB78274F03}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E7EB8C53-ACAB-4EFE-BB57-E8C92646A052}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E9609695-6452-42AF-B52E-4130932F92C0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E9A05F5A-30B1-4851-902C-40CE6393B0A5}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{E9D739C2-00FA-4127-9EB4-793E8269D937}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EADA6983-91BC-4B53-A9ED-869B13D6DB63}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EB205AD2-060A-44D7-9D6D-124126925FFB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EB482536-125D-45BD-9519-4D3ACF9086D1}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EBE32FB4-537D-4E51-927A-5700B75EE28B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{ECC30214-0632-471F-B257-6C5D081928C3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{ECE5F347-AC04-4092-9F05-3CBB84DEA888}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{ED916B3D-B9E7-4BE5-B12F-9DD6AADF05F4}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EE98B61C-9745-4FF8-AA0B-A8130A81BC97}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EFB66C5E-1F05-4157-A52F-7735E4FDF63C}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{EFFFA623-6317-4C6F-95C6-603EE8C51A41}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F0707958-2826-4BE0-9CBE-713BC453BEA3}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F074EC0A-C154-4EA7-82A6-3863243B7BB2}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F0C8C0DA-CB66-4AA7-AE78-45CE0685485B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F16D1D86-4951-403E-85B5-EED6E968764A}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F2B9A2C4-A417-4DBC-923C-B3FB871E88E9}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F2F1D609-9D07-4765-9290-9803AF53EE3B}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F38BD045-B26F-4A60-8549-E776A365BD7E}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F3C08C28-97E4-482A-BB61-8367E0DBBBB6}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F3DD00E4-6292-42EC-ADFE-52F815313528}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F5AA5B81-CC4D-4260-847C-DE4E49BDC00F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F5E14BA2-FCE5-4D78-A2CB-2C01248D0042}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F60D8604-1D66-4E08-B57A-0FAB17D980FC}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F8A8BB9A-6EAA-40DA-955E-136577C9118F}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{F9F2ED15-3BE2-4C91-B952-A75D514882CD}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FAF00477-66AD-4142-ABDA-924461901796}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FB03ADCC-9FD8-4636-AF54-4EF82871201D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FB46CED6-A667-4F58-9DE6-18F925876720}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FBF0728D-954C-484D-9FFD-B6782B77E1FB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FC1C5698-F685-4249-99B1-A8E0FE57DFC0}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FC8019CC-2919-49B2-93CD-FBFC11BDDC8D}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FC995C70-27CE-462F-8867-C954A65CAEEB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FCEF5FFF-B24F-476E-86C2-BC641E4AA9FB}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FDDF5371-DB88-4C2D-BEA6-9EB853690922}
Successfully deleted: [Empty Folder] C:\Users\Brassington\appdata\local\{FF448F1D-C43F-466D-A636-78F4E3240B91}



~~~ FireFox

Emptied folder: C:\Users\Brassington\AppData\Roaming\mozilla\firefox\profiles\cwams0dh.default-1398958773303\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/10/2014 at 22:21:06.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17280

Java version: 1.6.0_22

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 4275339264, free: 2217750528

Downloaded database version: v2014.10.10.03
Downloaded database version: v2014.10.08.01
=======================================
Initializing...
------------ Kernel report ------------
10/09/2014 22:55:00
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\risdsnxc64.sys
\SystemRoot\system32\drivers\rimssne64.sys
\SystemRoot\system32\drivers\nusb3xhc.sys
\SystemRoot\system32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\SFEP.sys
\SystemRoot\system32\drivers\intelppm.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\nusb3hub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtHDMIVX.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\??\C:\Windows\system32\Drivers\rikvm_9EC60124.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005ff0060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004203050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005ff0060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005ff0b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005ff0060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80041ff5c0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004203050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7AF376D

Partition information:

Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 22861824

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 22863872 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 23068672 Numsec = 1227193008

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Infected: C:\Users\Brassington\AppData\Roaming\Adobe\plugs\mmc137888191.txt --> [Trojan.FakeAlert]
Infected: C:\Windows\KMSEmulator.exe --> [RiskWare.Tool.CK]
Infected: C:\Users\Brassington\AppData\Roaming\Adobe\shed\thr1.chm --> [Malware.Trace]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-22863872-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished



Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17280
Brassington :: BRASSINGTON [administrator]

09/10/2014 10:55:09 PM
mbar-log-2014-10-09 (22-55-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 321279
Time elapsed: 11 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Brassington\AppData\Roaming\Adobe\plugs\mmc137888191.txt (Trojan.FakeAlert) -> Delete on reboot. [a6a2c2503f3df93d8444384725dbc43c]
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Delete on reboot. [96b270a2611bb0863d05a18d09f9b050]
C:\Users\Brassington\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Delete on reboot. [113759b956263cfa1b6db43e877c32ce]

Physical Sectors Detected: 0
(No malicious items detected)

(end)





Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Brassington (administrator) on BRASSINGTON on 09-10-2014 23:45:14
Running from C:\Users\Brassington\Desktop
Loaded Profile: Brassington (Available profiles: Brassington)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2283816 2010-11-18] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-12-07] (cyberlink)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-09-10] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [AdobeBridge] => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\MountPoints2: {550e0f97-b181-11e0-a296-f0bf9717eb0a} - D:\LaunchU3.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle.ca/vaio
SearchScopes: HKCU - {451746CE-E390-4804-905A-AFDBE610F4AA} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {EB3A11D5-9F87-44FC-A2B2-AD0735BF3915} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 64.178.142.10 24.207.0.167

FireFox:
========
FF ProfilePath: C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-28]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2012-06-15]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-07]
CHR Extension: (Google Docs) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-07]
CHR Extension: (Google Drive) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-07]
CHR Extension: (Google Search) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (Google Sheets) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-07]
CHR Extension: (nioihlfoddilijjjeknopfcbglallkce) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nioihlfoddilijjjeknopfcbglallkce [2014-10-08]
CHR Extension: (Google Wallet) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07]
CHR Extension: (Gmail) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-15] (ArcSoft Inc.)
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2012-01-19] (CyberLink)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2010-12-26] (REDC)
U2 MSSQL$DDNI; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 22:55 - 2014-10-09 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-09 22:55 - 2014-10-09 22:55 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-09 22:55 - 2014-10-09 22:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-09 22:53 - 2014-10-09 22:53 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-09 22:52 - 2014-10-09 22:52 - 00000000 ____D () C:\Users\Brassington\Desktop\mbar-1.07.0.1012
2014-10-09 22:50 - 2014-10-09 22:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Brassington\Desktop\mbar-1.07.0.1012.exe
2014-10-09 22:49 - 2014-10-09 22:49 - 00045823 _____ () C:\Users\Brassington\Desktop\JRT1.txt
2014-10-09 22:21 - 2014-10-09 22:21 - 00045823 _____ () C:\Users\Brassington\Desktop\JRT.txt
2014-10-09 22:18 - 2014-10-09 22:18 - 00000000 ____D () C:\Windows\ERUNT
2014-10-09 22:17 - 2014-10-09 22:17 - 01705755 _____ (Thisisu) C:\Users\Brassington\Desktop\JRT.exe
2014-10-09 22:16 - 2014-10-09 22:16 - 00001412 _____ () C:\Users\Brassington\Desktop\AdwCleaner[S1].txt
2014-10-09 21:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-09 21:21 - 2014-10-09 22:00 - 00000000 ____D () C:\AdwCleaner
2014-10-09 21:21 - 2014-10-09 21:21 - 01375089 _____ () C:\Users\Brassington\Desktop\AdwCleaner.exe
2014-10-09 12:54 - 2014-10-09 12:54 - 00000872 _____ () C:\Users\Brassington\Desktop\aswMBR.txt
2014-10-09 10:17 - 2014-10-09 10:18 - 00053112 _____ () C:\Users\Brassington\Desktop\Addition.txt
2014-10-09 10:16 - 2014-10-09 23:45 - 00022707 _____ () C:\Users\Brassington\Desktop\FRST.txt
2014-10-09 10:16 - 2014-10-09 10:17 - 05185536 _____ (AVAST Software) C:\Users\Brassington\Desktop\aswMBR.exe
2014-10-09 10:15 - 2014-10-09 23:45 - 00000000 ____D () C:\FRST
2014-10-09 10:13 - 2014-10-09 10:14 - 02109952 _____ (Farbar) C:\Users\Brassington\Desktop\FRST64.exe
2014-10-09 09:45 - 2014-10-09 09:45 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRASSINGTON-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-10-09 09:44 - 2014-10-09 09:44 - 00000000 ____D () C:\RegBackup
2014-10-09 09:43 - 2014-10-09 09:43 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-10-09 09:42 - 2014-10-09 09:42 - 04215184 _____ () C:\Users\Brassington\Downloads\tweaking.com_registry_backup_setup.exe
2014-10-09 05:02 - 2014-10-09 05:03 - 00376896 _____ () C:\Windows\Minidump\100914-57689-01.dmp
2014-10-07 20:28 - 2014-10-07 20:28 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 20:28 - 2014-10-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-05 23:43 - 2014-10-05 23:43 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-05 23:43 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-05 23:42 - 2014-10-05 23:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-05 12:15 - 2014-10-05 12:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Brassington\Downloads\spybot-2.4.exe
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 ____D () C:\3467cf07-ac61-4a99-8ec5-94d8391322dd
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458C.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457C.tmp
2014-10-04 21:50 - 2014-10-04 21:50 - 00349760 _____ () C:\Users\Brassington\Downloads\Setup.exe
2014-09-30 15:47 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 15:47 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 19:54 - 2014-09-28 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 15:44 - 2014-09-09 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:44 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-11 03:08 - 2014-08-19 12:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:08 - 2014-08-19 11:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:08 - 2014-08-18 17:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 16:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:08 - 2014-08-18 16:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:08 - 2014-08-18 16:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:08 - 2014-08-18 16:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 16:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:08 - 2014-08-18 15:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 15:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:08 - 2014-08-18 15:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 15:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:08 - 2014-08-18 15:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:08 - 2014-08-18 15:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:08 - 2014-08-18 15:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 15:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 15:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:08 - 2014-08-18 15:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 15:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:08 - 2014-08-18 15:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 14:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:08 - 2014-08-18 14:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:47 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:47 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:46 - 2014-09-04 20:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:46 - 2014-09-04 20:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:46 - 2014-07-06 19:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 20:46 - 2014-06-23 21:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:46 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 23:42 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 23:42 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 23:40 - 2011-04-09 15:38 - 01524187 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 23:36 - 2011-06-14 19:01 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFF740F3-2E3C-4916-9B51-B06DC6402A0B}
2014-10-09 23:32 - 2013-06-02 22:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-09 23:32 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMS.job
2014-10-09 23:32 - 2011-10-15 18:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 23:32 - 2011-03-03 19:13 - 00513580 _____ () C:\Windows\PFRO.log
2014-10-09 23:32 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 23:32 - 2009-07-13 22:51 - 00197677 _____ () C:\Windows\setupact.log
2014-10-09 22:19 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Local\CrashDumps
2014-10-09 20:43 - 2012-04-22 11:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 17:48 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-10-09 09:30 - 2011-06-14 20:07 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-10-09 05:43 - 2012-04-22 11:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-09 05:43 - 2012-04-22 11:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-09 05:43 - 2012-04-22 11:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-09 05:02 - 2011-11-20 10:35 - 569954366 _____ () C:\Windows\MEMORY.DMP
2014-10-09 05:02 - 2011-11-20 10:35 - 00000000 ____D () C:\Windows\Minidump
2014-10-07 20:28 - 2011-10-15 18:24 - 00000000 ____D () C:\Users\Brassington\AppData\Local\Google
2014-10-07 20:27 - 2011-10-15 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 06:26 - 2011-08-14 18:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-06 00:14 - 2009-07-13 20:34 - 00450811 ____R () C:\Windows\system32\Drivers\etc\hosts.20141008-222417.backup
2014-10-05 23:42 - 2011-08-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-10-03 16:03 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-10-03 13:59 - 2011-07-18 16:08 - 00074426 _____ () C:\test.xml
2014-10-02 23:22 - 2012-08-27 21:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-01 10:45 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Roaming\Azureus
2014-09-30 15:36 - 2014-04-25 10:06 - 00138752 ___SH () C:\Users\Brassington\Desktop\Thumbs.db
2014-09-11 03:08 - 2012-02-14 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:06 - 2013-08-12 02:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2011-11-13 21:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 04:13 - 2014-08-31 18:19 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-09-10 04:13 - 2014-08-31 18:19 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

Some content of TEMP:
====================
C:\Users\Brassington\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 22:58

==================== End Of Log ============================


Hope this is all correct

B

OCD
2014-10-10, 09:54
Hi beuford23,

I need to see this AdwCleaner log - AdwCleaner[S0].txt - [16698 octets] - [09/10/2014 21:32:24]

beuford23
2014-10-10, 14:14
# AdwCleaner v3.311 - Report created 09/10/2014 at 22:00:00
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brassington - BRASSINGTON
# Running from : C:\Users\Brassington\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\prefs.js ]


[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18602 octets] - [09/10/2014 21:21:57]
AdwCleaner[R1].txt - [1349 octets] - [09/10/2014 21:59:08]
AdwCleaner[S0].txt - [16698 octets] - [09/10/2014 21:32:24]
AdwCleaner[S1].txt - [1272 octets] - [09/10/2014 22:00:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1332 octets] ##########

OCD
2014-10-10, 17:24
Hi beuford32,

Did you run AdwCleaner twice? The log you posted is from the second scan.

EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1332 octets] [09/10/2014 22:00:00]

Please try and locate the log from the first scan. It should be located here: C:\AdwCleaner. The octets also show a larger file was generated on the first scan

AdwCleaner[S0].txt - [16698 octets] - [09/10/2014 21:32:24]

The numbers change sequentially with each scan, starting at "0"

beuford23
2014-10-10, 18:13
Sorry about that, just off to take my son for his vaccine boosts. Be back shortly

# AdwCleaner v3.311 - Report created 09/10/2014 at 21:32:24
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brassington - BRASSINGTON
# Running from : C:\Users\Brassington\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Vuze Remote toolbar
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Brassington\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Brassington\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Brassington\AppData\Local\PackageAware
Folder Deleted : C:\Users\Brassington\AppData\Local\Slick Savings
Folder Deleted : C:\Users\BRASSI~1\AppData\Local\Temp\Spigot
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Brassington\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Folder Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
[!] Folder Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer[1]_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer[1]_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8119043A-B100-4280-A8D4-711765581712}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8119043A-B100-4280-A8D4-711765581712}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0B3F0D45-63ED-422D-AA04-298B8F8404FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{217773AB-5BF8-429E-9E88-729245E3331B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EC3CBB0-476D-4C23-8469-B86C62F859E7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{05478A66-EDB6-4A22-A870-A5987F80A7DA}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\EZ Software Updater
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "148de7be6902a9531a142a76b2cee867");

[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [18602 octets] - [09/10/2014 21:21:57]
AdwCleaner[S0].txt - [16504 octets] - [09/10/2014 21:32:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16565 octets] ##########

beuford23
2014-10-11, 04:15
Just trying to read CNN news article today and the computer crashed (blue screen followed by a reboot)

OCD
2014-10-11, 04:36
Hi beuford23,


Just trying to read CNN news article today and the computer crashed (blue screen followed by a reboot)
What browser were you using?
Did you receive an type of error code?

If it happens again try and write down any information that might be displayed.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) P2P - (Peer to Peer)

I see you have/had P2P software Vuze / Azureus installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page (http://malwareremoval.com/p2pindex.php) will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall this now.

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

Vuze
If you choose to not remove this programs please refrain from using it until we have finished cleaning your computer.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\MountPoints2: {550e0f97-b181-11e0-a296-f0bf9717eb0a} - D:\LaunchU3.exe
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2012-06-15]
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458C.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457C.tmp
2014-10-09 23:32 - 2013-06-02 22:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-01 10:45 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Roaming\Azureus
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

checkup.txt
Fixlog.txt
new FRST.txt
How is the computer running at the moment?

beuford23
2014-10-11, 05:41
Uninstalled Vuze. There's still an ad pop up on this screen as I type citing "Your download manager might be outdated. Click here to download the upgrade" (Yeah, I don't think so)

Results of screen317's Security Check version 0.99.88
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Java(TM) 6 Update 22
Java version out of Date!
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox (32.0.3)
Google Chrome 38.0.2125.101
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Brassington at 2014-10-10 20:24:48 Run:1
Running from C:\Users\Brassington\Desktop
Loaded Profile: Brassington (Available profiles: Brassington)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\MountPoints2: {550e0f97-b181-11e0-a296-f0bf9717eb0a} - D:\LaunchU3.exe
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2012-06-15]
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL458C.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457E.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457D.tmp
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 _____ () C:\LIL457C.tmp
2014-10-09 23:32 - 2013-06-02 22:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-01 10:45 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Roaming\Azureus
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
End
*****************

"HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{550e0f97-b181-11e0-a296-f0bf9717eb0a}" => Key deleted successfully.
"HKCR\CLSID\{550e0f97-b181-11e0-a296-f0bf9717eb0a}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
C:\Program Files (x86)\AVG\AVG2012\Firefox4 => Moved successfully.
AVG Security Toolbar Service => Service deleted successfully.
vToolbarUpdater18.1.9 => Service deleted successfully.
C:\LIL458E.tmp => Moved successfully.
C:\LIL458D.tmp => Moved successfully.
C:\LIL458C.tmp => Moved successfully.
C:\LIL457E.tmp => Moved successfully.
C:\LIL457D.tmp => Moved successfully.
C:\LIL457C.tmp => Moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
C:\Users\Brassington\AppData\Roaming\Azureus => Moved successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 873.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Brassington (administrator) on BRASSINGTON on 10-10-2014 20:35:06
Running from C:\Users\Brassington\Desktop
Loaded Profile: Brassington (Available profiles: Brassington)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2283816 2010-11-18] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-12-07] (cyberlink)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-09-10] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [AdobeBridge] => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2010-11-30] (Sony Corporation)
HKU\S-1-5-21-4272480943-3451767055-1814136413-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restartsdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle.ca/vaio
SearchScopes: HKCU - {451746CE-E390-4804-905A-AFDBE610F4AA} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {EB3A11D5-9F87-44FC-A2B2-AD0735BF3915} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 64.178.142.10 24.207.0.167

FireFox:
========
FF ProfilePath: C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\cwams0dh.default-1398958773303\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: skip_compatibility_checksdrockingcom - C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\Extensions\skip_compatibility_check@sdrocking.com [2014-10-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-28]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4

Chrome:
=======
CHR Profile: C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-07]
CHR Extension: (Google Docs) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-07]
CHR Extension: (Google Drive) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-08]
CHR Extension: (YouTube) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-07]
CHR Extension: (Google Search) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (Google Sheets) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-07]
CHR Extension: (nioihlfoddilijjjeknopfcbglallkce) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nioihlfoddilijjjeknopfcbglallkce [2014-10-08]
CHR Extension: (Google Wallet) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07]
CHR Extension: (Gmail) - C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-15] (ArcSoft Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2012-01-19] (CyberLink)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2010-12-26] (REDC)
U2 MSSQL$DDNI; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 20:35 - 2014-10-10 20:35 - 00022264 _____ () C:\Users\Brassington\Desktop\FRST.txt
2014-10-10 20:22 - 2014-10-10 20:22 - 00000959 _____ () C:\Users\Brassington\Desktop\checkup.txt
2014-10-10 20:21 - 2014-10-10 20:22 - 00000000 ____D () C:\Users\Brassington\Desktop\first fix day
2014-10-10 20:18 - 2014-10-10 20:18 - 00854436 _____ () C:\Users\Brassington\Desktop\SecurityCheck.exe
2014-10-10 17:12 - 2014-10-10 17:12 - 00000000 ____D () C:\Users\Brassington\AppData\Local\{D7711BB9-1621-45D5-BD0B-61658C768D3F}
2014-10-10 17:08 - 2014-10-10 17:08 - 01704184 _____ () C:\Windows\Minidump\101014-44241-01.dmp
2014-10-09 22:55 - 2014-10-10 17:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-09 22:55 - 2014-10-09 22:55 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-09 22:55 - 2014-10-09 22:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-09 22:53 - 2014-10-09 22:53 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-09 22:52 - 2014-10-09 22:52 - 00000000 ____D () C:\Users\Brassington\Desktop\mbar-1.07.0.1012
2014-10-09 22:50 - 2014-10-09 22:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Brassington\Desktop\mbar-1.07.0.1012.exe
2014-10-09 22:18 - 2014-10-09 22:18 - 00000000 ____D () C:\Windows\ERUNT
2014-10-09 22:17 - 2014-10-09 22:17 - 01705755 _____ (Thisisu) C:\Users\Brassington\Desktop\JRT.exe
2014-10-09 21:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-09 21:21 - 2014-10-09 22:00 - 00000000 ____D () C:\AdwCleaner
2014-10-09 21:21 - 2014-10-09 21:21 - 01375089 _____ () C:\Users\Brassington\Desktop\AdwCleaner.exe
2014-10-09 10:16 - 2014-10-09 10:17 - 05185536 _____ (AVAST Software) C:\Users\Brassington\Desktop\aswMBR.exe
2014-10-09 10:15 - 2014-10-10 20:35 - 00000000 ____D () C:\FRST
2014-10-09 10:13 - 2014-10-09 10:14 - 02109952 _____ (Farbar) C:\Users\Brassington\Desktop\FRST64.exe
2014-10-09 09:45 - 2014-10-09 09:45 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRASSINGTON-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-10-09 09:44 - 2014-10-09 09:44 - 00000000 ____D () C:\RegBackup
2014-10-09 09:43 - 2014-10-09 09:43 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-10-09 09:43 - 2014-10-09 09:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-10-09 09:42 - 2014-10-09 09:42 - 04215184 _____ () C:\Users\Brassington\Downloads\tweaking.com_registry_backup_setup.exe
2014-10-09 05:02 - 2014-10-09 05:03 - 00376896 _____ () C:\Windows\Minidump\100914-57689-01.dmp
2014-10-07 20:28 - 2014-10-07 20:28 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 20:28 - 2014-10-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-05 23:43 - 2014-10-05 23:43 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-05 23:43 - 2014-10-05 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-05 23:43 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-05 23:42 - 2014-10-05 23:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-05 12:15 - 2014-10-05 12:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Brassington\Downloads\spybot-2.4.exe
2014-10-04 21:51 - 2014-10-04 21:51 - 00000000 ____D () C:\3467cf07-ac61-4a99-8ec5-94d8391322dd
2014-10-04 21:50 - 2014-10-04 21:50 - 00349760 _____ () C:\Users\Brassington\Downloads\Setup.exe
2014-09-30 15:47 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 15:47 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 19:54 - 2014-09-28 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 15:44 - 2014-09-09 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 15:44 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-11 03:08 - 2014-08-19 12:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:08 - 2014-08-19 11:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:08 - 2014-08-18 17:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 16:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:08 - 2014-08-18 16:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:08 - 2014-08-18 16:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:08 - 2014-08-18 16:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:08 - 2014-08-18 16:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 16:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 16:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:08 - 2014-08-18 16:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 16:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 16:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:08 - 2014-08-18 15:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:08 - 2014-08-18 15:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:08 - 2014-08-18 15:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:08 - 2014-08-18 15:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:08 - 2014-08-18 15:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:08 - 2014-08-18 15:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:08 - 2014-08-18 15:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:08 - 2014-08-18 15:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:08 - 2014-08-18 15:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:08 - 2014-08-18 15:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:08 - 2014-08-18 15:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:08 - 2014-08-18 15:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 15:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:08 - 2014-08-18 15:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:08 - 2014-08-18 15:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:08 - 2014-08-18 15:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:08 - 2014-08-18 15:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:08 - 2014-08-18 15:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:08 - 2014-08-18 15:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:08 - 2014-08-18 15:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:08 - 2014-08-18 14:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:08 - 2014-08-18 14:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:08 - 2014-08-18 14:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-26 20:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-26 19:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:47 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:47 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:46 - 2014-09-04 20:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:46 - 2014-09-04 20:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:46 - 2014-07-06 20:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:46 - 2014-07-06 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:46 - 2014-07-06 19:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 20:46 - 2014-06-23 21:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:46 - 2014-06-23 20:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 20:35 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 20:35 - 2009-07-13 22:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 20:31 - 2011-04-09 15:38 - 01550073 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 20:27 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMS.job
2014-10-10 20:27 - 2011-10-15 18:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 20:27 - 2011-06-14 19:01 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFF740F3-2E3C-4916-9B51-B06DC6402A0B}
2014-10-10 20:27 - 2011-03-03 19:13 - 00526200 _____ () C:\Windows\PFRO.log
2014-10-10 20:27 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 20:27 - 2009-07-13 22:51 - 00198349 _____ () C:\Windows\setupact.log
2014-10-10 20:24 - 2011-06-22 17:30 - 00000000 ____D () C:\Users\Brassington\AppData\Local\CrashDumps
2014-10-10 20:18 - 2011-06-22 17:28 - 00000000 ____D () C:\Program Files (x86)\Vuze
2014-10-10 17:48 - 2012-02-14 15:48 - 00000212 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-10-10 17:08 - 2011-11-20 10:35 - 598905074 _____ () C:\Windows\MEMORY.DMP
2014-10-10 17:08 - 2011-11-20 10:35 - 00000000 ____D () C:\Windows\Minidump
2014-10-10 15:53 - 2011-10-09 12:23 - 00007594 _____ () C:\Users\Brassington\AppData\Local\Resmon.ResmonCfg
2014-10-10 09:26 - 2011-06-14 20:07 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-10-09 20:43 - 2012-04-22 11:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 05:43 - 2012-04-22 11:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-09 05:43 - 2012-04-22 11:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-09 05:43 - 2012-04-22 11:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-07 20:28 - 2011-10-15 18:24 - 00000000 ____D () C:\Users\Brassington\AppData\Local\Google
2014-10-07 20:27 - 2011-10-15 18:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 06:26 - 2011-08-14 18:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-06 00:14 - 2009-07-13 20:34 - 00450811 ____R () C:\Windows\system32\Drivers\etc\hosts.20141008-222417.backup
2014-10-05 23:42 - 2011-08-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-10-03 16:03 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-10-03 13:59 - 2011-07-18 16:08 - 00074426 _____ () C:\test.xml
2014-10-02 23:22 - 2012-08-27 21:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-30 15:36 - 2014-04-25 10:06 - 00138752 ___SH () C:\Users\Brassington\Desktop\Thumbs.db
2014-09-11 03:08 - 2012-02-14 15:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 03:06 - 2013-08-12 02:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:03 - 2011-11-13 21:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 04:13 - 2014-08-31 18:19 - 00000348 _____ () C:\Windows\Tasks\0814tbUpdateInfo.job
2014-09-10 04:13 - 2014-08-31 18:19 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 22:58

==================== End Of Log ============================

beuford23
2014-10-11, 05:47
All these pop ups seem to be courtesy of "Ads by info"

OCD
2014-10-11, 06:26
All these pop ups seem to be courtesy of "Ads by info"

Which browser do the pop ups occur in?

OCD
2014-10-11, 06:35
Hi beuford23,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reset Internet Explorer

Go to the Start menu > Control Panel > Look in the upper right hand corner and make sure the "Category" drop down menu says Small or Large Icons
Locate Internet Options > Advanced tab > Reset button at the bottom of the menu.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/IEInternetProperties_zpsc88d70d4.gif (http://s1269.photobucket.com/user/OCD-WTT/media/IEInternetProperties_zpsc88d70d4.gif.html)

Next you will be presented with the following window. Please read what changes will take place if you choose to reset. If you would like to remove all personal settings tick the small box before clicking Reset.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/IEResetSettings_zpsdffc342d.gif (http://s1269.photobucket.com/user/OCD-WTT/media/IEResetSettings_zpsdffc342d.gif.html)


=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reset Firefox to its default state

At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu
(on Windows XP, click the Help menu at the top of the Firefox window) and select Troubleshooting Information.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/restfirefox1.png


Click the Reset Firefox button in the upper-right corner of the Troubleshooting Information page.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/resetfirefox2.png


To continue, click Reset Firefox in the confirmation window that opens.
Firefox will close and be reset. When it's done, a window will list the information that was imported. Click Finish and Firefox will open.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Disable Plug-ins in Google Chrome


Click the Chrome menu http://i1269.photobucket.com/albums/jj590/OCD-WTT/chromebrowsertoolbar.png on the browser toolbar.
Select Settings
Locate the Extensions
Locate the following extension and select the mini garbage can (Remove from Chrome):

Ads by Information

Exit Chrome settings menu.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re- run AdwCleaner

It should be on your desktop

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S2].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"




http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)



On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Detections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes

In your next post please provide the following:

AdwCleaner[S2].txt
MBAM log

beuford23
2014-10-11, 08:50
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/10/2014
Scan Time: 11:46:34 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.11.01
Rootkit Database: v2014.10.08.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Brassington

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 0
(No malicious items detected)
Time Elapsed: 0 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



# AdwCleaner v3.311 - Report created 10/10/2014 at 23:38:09
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brassington - BRASSINGTON
# Running from : C:\Users\Brassington\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\342130he.default-1413005485820\prefs.js ]


[ File : C:\Users\Brassington\AppData\Roaming\Mozilla\Firefox\Profiles\kztrwi7h.default-1406780185987\prefs.js ]


-\\ Google Chrome v38.0.2125.101

[ File : C:\Users\Brassington\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18602 octets] - [09/10/2014 21:21:57]
AdwCleaner[R1].txt - [1349 octets] - [09/10/2014 21:59:08]
AdwCleaner[R2].txt - [1627 octets] - [10/10/2014 23:34:00]
AdwCleaner[R3].txt - [1687 octets] - [10/10/2014 23:37:42]
AdwCleaner[S0].txt - [16698 octets] - [09/10/2014 21:32:24]
AdwCleaner[S1].txt - [1412 octets] - [09/10/2014 22:00:00]
AdwCleaner[S2].txt - [1612 octets] - [10/10/2014 23:38:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1672 octets] ##########




I noticed that there was no "Ad info" in Chrome settings. I did however see the "Hola" add on and since that was something added on very recently (like 72 hours ago) I deleted it

beuford23
2014-10-11, 08:53
Haven't had any pop ups or annoying garbage yet......fingers crossed

OCD
2014-10-11, 08:58
Hi beuford32,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner

*Note:

It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)


Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.

=========================

In your next post please provide the following:


ESET's log.txt
How's the computer running, any symptoms?

beuford23
2014-10-11, 19:57
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip Win32/Bagle.gen.zip worm
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze Remote toolbar\FF\components\vuzeToolbarFF.dll.vir a variant of Win32/Toolbar.Widgi.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze Remote toolbar\IE\9.6\vuzeToolbarIE.dll.vir a variant of Win32/Toolbar.Widgi.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze Remote toolbar\IE\9.6\vuzeToolbarIE64.dll.vir a variant of Win64/Toolbar.Widgi.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze_Remote\tbVuze.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brassington\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Brassington\AppData\LocalLow\Vuze_Remote\tbVuze.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Brassington\Downloads\Setup.exe a variant of Win32/Bundlore.N potentially unwanted application deleted - quarantined



Everything seems to be running fine now, asymptomatic

OCD
2014-10-12, 07:22
Hi beuford23,

Your log appears to be clean. If you have no other issues please continue with the following steps.

We have a few items to take care of before we get to the All Clean Speech.

= = = = = = = = = = = = = = = = = = = =

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Remove Disinfection Tools


Download Delfix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Tick the following boxes:

Remove disinfection tools
Create registry backup
Purge system restore


http://i1269.photobucket.com/albums/jj590/OCD-WTT/Delfix_zpsbce6c60b.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Delfix_zpsbce6c60b.gif.html)


Click Run
Any other tools and files found can simply be deleted or uninstall via the Control Panel.

= = = = = = = = = = = = = = = = = = = =


With the above items taken care of let's move on to the All Clean part of the process.

The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate windows and frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:


NoScript (https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss)
AdBlockPlus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/)

Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

Free Anti-Virus

Avast Free Antivirus (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html)
Avira Free Antivirus 2013 (http://download.cnet.com/Avira-Free-Antivirus-2013/3000-2239_4-10322935.html)
PC Tools AntiVirus Free (http://download.cnet.com/PC-Tools-AntiVirus-Free/3000-2239_4-10625067.html)
Ad-Aware Free Antivirus + (http://download.cnet.com/Ad-Aware-Free-Antivirus/3000-8022_4-10045910.html)

Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/tutorials/understanding-and-using-firewalls/).

Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)
Comodo Firewall (http://download.cnet.com/Comodo-Firewall/3000-10435_4-75181464.html)

= = = = = = = = = = = = = = = = = = = =

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know (http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/#)
CryptoLocker Ransomware Information Guide and FAQ (http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information)

to help protect your computer in the future I recommend that you get the following free program:

CryptoPrevent (http://www.foolishit.com/vb6-projects/cryptoprevent/) install this program to lock down and prevent crypto-ransomeware

http://i1269.photobucket.com/albums/jj590/OCD-WTT/CryptoPrevent_zps7ddc3ebd.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/CryptoPrevent_zps7ddc3ebd.jpg.html)

= = = = = = = = = = = = = = = = = = = =

COMPUTER SECURITY (http://www.malwareremoval.com/forum/viewtopic.php?p=557960#p557960) - a short guide to staying safer online

= = = = = = = = = = = = = = = = = = = =

WOT (http://www.mywot.com/) Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Green should be good to go
Yellow for caution
Red to stop

= = = = = = = = = = = = = = = = = = = =

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter (http://www.fbi.gov/cyberinvest/cyberedletter.htm)
USAToday (http://www.usatoday.com/tech/columnist/kimkomando/2006-04-13-file-sharing-woes_x.htm)
infoworld (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)


= = = = = = = = = = = = = = = = = = = =

Make sure you keep your Windows OS current.

Windows XP:
Microsoft will no longer offer support for Windows XP beginning on April 8, 2014
If you are running Windows XP, please take the time to read the information provided at these links.

Windows XP - The Elephant In The Room (http://www.malwareremoval.com/forum/viewtopic.php?p=630064#p630064)
Windows XP - The end of the road (http://techpageone.dell.com/technology/windows-xp-end-road/?dgc=BA&cid=272099&lid=5049884&acd=12309189674467600#.UxUoP4W9Is3)

Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.
Window 8 Open Windows Update by swiping in from the right edge of the screen (or, if you're using a mouse, pointing to the lower-right corner of the screen and moving the mouse pointer up), tapping or clicking Settings, tapping or clicking Change PC settings, and then tapping or clicking Update and recovery.

Without these you are leaving the back door open.

= = = = = = = = = = = = = = = = = = = =

Consider a custom hosts file such as MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.htm). This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 (http://www.mvps.org/winhelp2002/hosts.htm)
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

= = = = = = = = = = = = = = = = = = = =

Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

OCD
2014-10-15, 08:35
Since this issue appears to be resolved ... this Topic has been closed.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.
---------------------------------------

Admin Edit
Thank you, OCD. :)