Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92789 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Optimizer pro and iminent on my computer [Solved]

optimizer pro

  • This topic is locked This topic is locked
90 replies to this topic

#1 cstruck

cstruck

    Authentic Member

  • Authentic Member
  • PipPip
  • 80 posts

Posted 25 September 2014 - 09:49 PM

Good evening.  My internet explorer is plagued with popups and my bitdefender keeps detecting myosprotect.exe and wget.exe attempts to load patners.cmptch.com.  I noticed that I have optimizer pro and imiment as well.  I also had web protect loaded. 

 

Please help.


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 26 September 2014 - 01:59 PM

:welcome:

 

I need to see some scans so we can determine whats going on

 

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
  •  
    I just want to see the report....Please Do Not Fix Anything
     
    ============================================================================
     
     
    Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 26 September 2014 - 07:28 PM

    Ken, thanks for your help.  Here is the first scan.  I will complete the second scan and send in next reply.

     

     

    aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
    Run date: 2014-09-26 19:48:08
    -----------------------------
    19:48:08.246    OS Version: Windows 6.1.7601 Service Pack 1
    19:48:08.246    Number of processors: 2 586 0xF0D
    19:48:08.246    ComputerName: CARL-PC  UserName: CARL
    19:48:09.463    Initialze error C000010E - driver not loaded
    19:49:40.632    AVAST engine defs: 14092602
    19:49:44.033    The log file has been saved successfully to "C:\Users\CARL\Desktop\aswMBR.txt"
     
     
    aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
    Run date: 2014-09-26 19:47:16
    -----------------------------
    19:47:16.771    OS Version: Windows 6.1.7601 Service Pack 1
    19:47:16.771    Number of processors: 2 586 0xF0D
    19:47:16.771    ComputerName: CARL-PC  UserName: CARL
    19:48:09.245    Initialize success
    19:48:09.666    VM: initialized successfully
    19:48:09.806    VM: Intel CPU virtualization not supported 
    19:54:58.720    AVAST engine defs: 14092602
    19:55:49.186    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    19:55:49.186    Disk 0 Vendor: ST925082 3.AA Size: 238475MB BusType: 3
    19:55:49.186    Disk 1  \Device\Harddisk1\DR1 -> \Device\0000006f
    19:55:49.186    Disk 1 Vendor: RICOH 01 Size: 238475MB BusType: 0
    19:55:49.201    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000070
    19:55:49.201    Disk 2 Vendor: RICOH 02 Size: 238475MB BusType: 0
    19:55:49.389    Disk 0 MBR read successfully
    19:55:49.389    Disk 0 MBR scan
    19:55:49.513    Disk 0 Windows 7 default MBR code
    19:55:49.529    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         9107 MB offset 2048
    19:55:49.545    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       229366 MB offset 18653184
    19:55:49.560    Disk 0 default boot code
    19:55:49.591    Disk 0 scanning sectors +488395120
    19:55:49.794    Disk 0 scanning C:\Windows\system32\drivers
    19:56:10.885    Service scanning
    19:56:16.673    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
    19:56:16.907    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
    19:56:17.125    Service bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys **LOCKED** 5
    19:56:17.500    Service bdselfpr C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys **LOCKED** 5
    19:57:23.689    Modules scanning
    19:58:02.684    Disk 0 trace - called modules:
    19:58:02.709    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys 
    19:58:02.717    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87039138]
    19:58:02.726    3 CLASSPNP.SYS[8b5cd59e] -> nt!IofCallDriver -> [0x865bb958]
    19:58:02.735    5 ACPI.sys[8b0b23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86b5a028]
    19:58:15.257    AVAST engine scan C:\Windows
    19:58:22.474    AVAST engine scan C:\Windows\system32
    20:03:28.708    AVAST engine scan C:\Windows\system32\drivers
    20:03:50.751    AVAST engine scan C:\Users\CARL
    20:15:04.168    File: C:\Users\CARL\AppData\Local\Temp\is45637729\438069435_stp\termtutor-setup-1.9.0.8.exe  **INFECTED** Win32:Adware-gen [Adw]
    20:18:14.036    AVAST engine scan C:\ProgramData
    20:22:26.054    File: C:\ProgramData\Wincert\win32prop.dll  **INFECTED** Win32:Adware-BRT [Adw]
    20:22:26.538    Scan finished successfully
    20:23:44.709    Disk 0 MBR has been saved successfully to "C:\Users\CARL\Desktop\MBR.dat"
    20:23:44.834    The log file has been saved successfully to "C:\Users\CARL\Desktop\aswMBR.txt"

    Attached Files



    #4 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 26 September 2014 - 07:48 PM

    Ken, I have the other two files you asked for but it is not letting me paste them.



    #5 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 26 September 2014 - 08:27 PM

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: Internet Explorer proxy is enabled.
    ProxyServer: http=127.0.0.1:50576;https=127.0.0.1:50576
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x16A6F450C046CB01
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: HKLM - (No Name) - {9565115d-c7d6-46d3-bd63-b67b481a4368} -  No File
    URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2418376
    SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu....q={searchTerms}
    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2418376
    SearchScopes: HKLM - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent...q={searchTerms}
    SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=208983757&ir=
    SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://astromenda.co...r=208983757&ir=
    SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://www.trovi.com...rchTerms}&SSPV=
    SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu....q={searchTerms}
    SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent...q={searchTerms}
    BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    BHO: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
    BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
    BHO: Music Toolbar (Dist. by Bandoo Media, Inc.) -> {7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6} -> C:\Program Files\Music Toolbar\Datamngr\SR0DE8~2\IE\searchresultsDx.dll (APN LLC)
    BHO: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
    BHO: Boost -> {8DE6FC60-E023-4AD7-A3B7-591E1460E7F7} -> C:\Program Files\Boost\Boost.dll (Jigsaw)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Dogpile Bundle Toolbar BHO -> {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} -> C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO: BandooIEPlugin Class -> {EB5CEE80-030A-4ED8-8E20-454E9C68380F} -> C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    Toolbar: HKLM - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
    Toolbar: HKLM - No Name - {9565115d-c7d6-46d3-bd63-b67b481a4368} -  No File
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    Toolbar: HKLM - Dogpile Bundle Toolbar - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM - Music Toolbar (Dist. by Bandoo Media, Inc.) - {7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6} - C:\Program Files\Music Toolbar\Datamngr\SR0DE8~2\IE\searchresultsDx.dll (APN LLC)
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - No Name - {9565115D-C7D6-46D3-BD63-B67B481A4368} -  No File
    DPF: {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
    Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 15 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Tcpip\Parameters: [DhcpNameServer] 216.177.160.61 216.177.160.60

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\10\NP_wtapp.dll ()
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @movenetworks.com/Quantum Media Player -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    FF Extension: Term Tutor - C:\Program Files\Mozilla Firefox\extensions\termtutor@termtutor.com [2014-09-23]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-24]
    FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2014-03-26]
    FF HKLM\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files\Mozilla Firefox\extensions\termtutor@termtutor.com
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
    FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-26]
    FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\CARL\AppData\Roaming\Move Networks
    FF Extension: Move Media Player - C:\Users\CARL\AppData\Roaming\Move Networks [2009-05-07]
    FF StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR HomePage: Default -> 44E45485D30E1C546D2070818F600753F9579E871BFEEDD55BF100D5B11101F6
    CHR DefaultSearchKeyword: Default -> 570B3E56450601C2D2E939F4EFBFB4D1E1B390BE9AD796EC76554D975EA2CEC1
    CHR DefaultSearchURL: Default -> 49DE1B380D25D4C0EEDB43ACE5CF6D9A0BBCF10793EE57F96D377342A92BDFF8
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File
    CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Move Streaming Media Player) - C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR CustomProfile: C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Ask Search) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2014-09-23]
    CHR Extension: (Music Toolbar) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajhhckaajldjhmbpgleomemmpopjp [2014-09-23]
    CHR Extension: (Entanglement Web App) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-17]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-24]
    CHR Extension: (Bitdefender Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-03-26]
    CHR Extension: (Iminent Toolbar Lite) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen [2014-09-25]
    CHR Extension: (Boost) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn [2014-09-23]
    CHR Extension: (Skype Click to Call) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-05-04]
    CHR Extension: (Poppit!) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-17]
    CHR Extension: (Google Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-09-22]
    CHR HKLM\...\Chrome\Extension: [aaaajhhckaajldjhmbpgleomemmpopjp] - C:\Windows\system32\config\systemprofile\AppData\Local\bandoomusictoolbar\GC\toolbar.crx [2013-06-07]
    CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2014-03-26]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
    CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Liza\AppData\Local\Temp\YontooLayers.crx [2011-10-10]
    CHR StartMenuInternet: Google Chrome - chrome.exe
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] () [File not signed]
    R2 Bandoo Coordinator; C:\Program Files\Bandoo\Bandoo.exe [1942416 2010-11-17] (Bandoo Media Inc.)
    S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-08-13] (Bitdefender)
    R2 ca82e1a5; c:\Program Files\Optimizer Pro\OptProCrash.dll [3649616 2014-09-25] ()
    S4 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [3000768 2014-09-18] () [File not signed]
    R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
    R2 GlobalUpdater; C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-09-16] (SIEN S.A.)
    R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
    S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    R3 MyOSProtect; C:\Program Files\Web Protect\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed]
    R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2007-11-12] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2007-05-24] (Intuit Inc.) [File not signed]
    R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
    S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [480368 2014-09-17] (Bitdefender)
    S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
    S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
    S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
    R2 SProtection; C:\Program Files\Common Files\Umbrella\Umbrella297.exe [3581600 2014-09-16] (Iminent)
    S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
    R2 ttsvc; C:\Program Files\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-08-13] (Bitdefender)
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
    R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
    R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-06-19] (Sony Corporation)
    R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
    S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
    S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1251808 2014-08-13] (Bitdefender)
    S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
    S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1060312 2014-08-13] (BitDefender)
    R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
    R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-08-13] (BitDefender)
    R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2014-05-26] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
    S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
    R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
    R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
    S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
    S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [385096 2014-08-13] (BitDefender S.R.L.)
    R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [52728 2014-09-04] (Term Tutor)
    U3 aswMBR; \??\C:\Users\CARL\AppData\Local\Temp\aswMBR.sys [X]
    U3 aswVmm; \??\C:\Users\CARL\AppData\Local\Temp\aswVmm.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-26 20:33 - 2014-09-26 20:34 - 00033009 _____ () C:\Users\CARL\Desktop\FRST.txt
    2014-09-26 20:33 - 2014-09-26 20:34 - 00000000 ____D () C:\FRST
    2014-09-26 20:23 - 2014-09-26 20:23 - 00000512 _____ () C:\Users\CARL\Desktop\MBR.dat
    2014-09-26 19:49 - 2014-09-26 20:23 - 00003547 _____ () C:\Users\CARL\Desktop\aswMBR.txt
    2014-09-26 19:46 - 2014-09-26 19:46 - 05185536 _____ (AVAST Software) C:\Users\CARL\Desktop\aswMBR.exe
    2014-09-26 17:31 - 2014-09-26 17:31 - 00000000 ____D () C:\Users\Liza\AppData\Local\{D1075A40-3AD6-48F8-8D80-DB28A94191A8}
    2014-09-25 22:32 - 2014-09-25 22:32 - 01100288 _____ (Farbar) C:\Users\CARL\Desktop\FRST.exe
    2014-09-25 22:21 - 2014-09-25 22:21 - 00000000 ____D () C:\Users\CARL\Documents\Super Optimizer
    2014-09-25 22:21 - 2014-09-25 22:21 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Super Optimizer
    2014-09-25 22:20 - 2014-09-25 22:20 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Optimizer Pro
    2014-09-25 22:15 - 2014-09-25 22:15 - 00001044 _____ () C:\Users\CARL\Desktop\Super Optimizer.lnk
    2014-09-25 22:15 - 2014-09-25 22:15 - 00001020 _____ () C:\Users\CARL\Desktop\Optimizer Pro.lnk
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\Program Files\Super Optimizer
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\Program Files\Optimizer Pro
    2014-09-25 22:14 - 2014-09-26 19:36 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\LookThisUp
    2014-09-25 22:14 - 2014-09-25 22:14 - 00000000 ____D () C:\Program Files\Iminent
    2014-09-25 22:14 - 2014-09-25 22:14 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
    2014-09-25 22:14 - 2014-09-25 22:14 - 00000000 ____D () C:\Program Files\Common Files\IMGUpdater
    2014-09-25 19:10 - 2014-09-25 19:11 - 00000000 ____D () C:\Users\Liza\AppData\Local\{6BF07967-B876-4E01-BE11-7AC7D60E2702}
    2014-09-25 13:02 - 2014-09-25 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
    2014-09-25 07:53 - 2014-09-25 07:53 - 00000000 ____D () C:\Users\CARL\AppData\Local\Astromenda
    2014-09-24 21:53 - 2014-09-26 07:50 - 00000065 _____ () C:\Users\CARL\AppData\Roaming\WB.CFG
    2014-09-24 20:53 - 2014-09-26 19:53 - 00000288 _____ () C:\Windows\Tasks\WSE_Astromenda.job
    2014-09-24 20:53 - 2014-09-24 20:53 - 00000000 ____D () C:\Users\CARL\AppData\Local\IsolatedStorage
    2014-09-24 20:52 - 2014-09-24 21:00 - 00000000 ____D () C:\Program Files\PennyBee
    2014-09-24 20:52 - 2014-09-24 20:53 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\WSE_Astromenda
    2014-09-24 20:11 - 2014-09-24 20:11 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E1B82B34-94F7-4795-A227-A07AC026C3C1}
    2014-09-24 15:21 - 2014-09-24 21:58 - 01454922 _____ () C:\Users\CARL\Documents\Kanto.pptx
    2014-09-24 14:20 - 2014-09-24 14:59 - 02382044 _____ () C:\Users\CARL\Downloads\David_Mythology (1).pptx
    2014-09-24 10:02 - 2014-09-24 10:02 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
    2014-09-24 05:49 - 2014-09-24 05:49 - 00000000 ____D () C:\ProgramData\2308189059
    2014-09-23 19:26 - 2014-09-23 19:26 - 00147016 _____ () C:\Windows\Minidump\092314-80558-01.dmp
    2014-09-23 17:50 - 2014-09-23 17:50 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E36305E3-28E3-4440-9CEA-6993EEE77436}
    2014-09-23 17:49 - 2014-09-23 17:49 - 00000000 ____D () C:\Users\Liza\AppData\Roaming\Systweak
    2014-09-23 17:48 - 2014-09-23 17:48 - 00000000 ____D () C:\Users\Liza\AppData\Local\fst_us_261
    2014-09-23 17:47 - 2014-09-23 17:47 - 00000000 ____D () C:\Users\Liza\AppData\Local\SearchProtect
    2014-09-23 17:44 - 2014-09-24 15:02 - 02382035 _____ () C:\Users\CARL\Documents\David_Mythology.pptx
    2014-09-23 17:32 - 2014-09-23 19:28 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP2.job
    2014-09-23 17:31 - 2014-09-23 19:28 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP1.job
    2014-09-23 17:31 - 2014-09-23 17:32 - 00000320 _____ () C:\Users\CARL\AppData\Roaming\aps.uninstall.scan.results
    2014-09-23 17:30 - 2014-09-23 17:30 - 00612128 _____ (ClickMeIn Limited) C:\Users\CARL\AppData\Local\nsw664C.tmp
    2014-09-23 17:30 - 2014-09-23 17:30 - 00000000 ____D () C:\Users\CARL\AppData\Local\ConvertAd
    2014-09-23 17:26 - 2014-09-24 20:57 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Systweak
    2014-09-23 17:26 - 2014-09-23 17:27 - 00000000 ____D () C:\Program Files\TermTutor
    2014-09-23 17:26 - 2014-08-29 17:02 - 00018248 _____ () C:\Windows\system32\roboot.exe
    2014-09-23 17:12 - 2014-09-23 17:12 - 00000000 ____D () C:\Users\CARL\Documents\Optimizer Pro
    2014-09-23 17:09 - 2014-09-23 17:09 - 00000000 ____D () C:\Program Files\Boost
    2014-09-23 17:05 - 2014-09-23 17:05 - 00009776 _____ () C:\Windows\system32\MyOSProtect.ini
    2014-09-23 17:05 - 2014-09-23 17:05 - 00002352 _____ () C:\Windows\system32\MyOSProtectOff.ini
    2014-09-23 17:05 - 2014-09-01 11:29 - 00020480 _____ () C:\Windows\system32\Drivers\pcwatch.sys
    2014-09-23 17:03 - 2014-09-23 17:03 - 18581088 _____ () C:\Users\CARL\Downloads\YGOPro DevPro.zip.thxo3ui.partial
    2014-09-23 17:03 - 2014-09-01 11:28 - 00304776 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect.dll
    2014-09-23 17:01 - 2014-09-25 22:16 - 00000000 ____D () C:\Program Files\Web Protect
    2014-09-23 17:01 - 2014-09-23 17:01 - 00000000 ____D () C:\Users\CARL\AppData\Local\SearchProtect
    2014-09-23 17:01 - 2014-09-23 17:01 - 00000000 ____D () C:\Program Files\SearchProtect
    2014-09-23 14:50 - 2014-09-24 15:21 - 01208942 _____ () C:\Users\CARL\Downloads\New_Microsoft_PowerPoint_Presentation.pptx
    2014-09-23 13:51 - 2014-09-23 14:37 - 02486374 _____ () C:\Users\CARL\Downloads\David_Mythology.pptx
    2014-09-23 12:39 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-22 16:10 - 2014-09-22 16:10 - 00918440 _____ (Oracle Corporation) C:\Users\CARL\Downloads\JavaSetup7u67.com
    2014-09-22 16:04 - 2014-09-22 16:04 - 00000000 ____D () C:\Users\CARL\AppData\Local\AskPartnerNetwork
    2014-09-22 16:04 - 2014-09-22 16:04 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
    2014-09-22 16:04 - 2014-09-22 16:04 - 00000000 ____D () C:\ProgramData\APN
    2014-09-22 16:04 - 2014-09-22 16:04 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
    2014-09-22 16:02 - 2014-09-22 16:02 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-19 06:27 - 2014-09-19 06:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{20373E10-274A-4A68-A976-51CB8838D089}
    2014-09-18 15:01 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-18 15:01 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-18 15:01 - 2014-08-18 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-18 15:01 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-18 15:01 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-18 15:01 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-18 15:01 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-18 15:01 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-18 15:01 - 2014-08-18 14:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-18 15:01 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-18 15:01 - 2014-08-18 14:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-18 15:01 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-18 15:01 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-18 15:01 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-18 15:01 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-18 15:01 - 2014-08-18 14:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-18 15:01 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-18 15:01 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-18 15:00 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-18 15:00 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-18 15:00 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-18 15:00 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-18 15:00 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-18 15:00 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-18 15:00 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-17 08:55 - 2014-09-04 18:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-17 08:55 - 2014-09-04 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-17 08:55 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-17 08:55 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-16 22:47 - 2014-09-18 14:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{5EB1F283-A6CA-4AF7-9D54-CA3B9F6782B4}
    2014-09-16 19:49 - 2014-09-16 19:49 - 00000000 __SHD () C:\found.000
    2014-09-13 01:51 - 2014-09-13 01:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{F5899911-E6E6-4F67-82C6-BD68481CA883}
    2014-09-12 21:19 - 2014-09-12 21:19 - 00000000 ____D () C:\Users\Liza\AppData\Local\{3A5CF58D-05AD-4421-8942-EA191F6D89C7}
    2014-09-12 21:15 - 2014-09-12 21:15 - 01510144 _____ () C:\Windows\Minidump\091214-45583-01.dmp
    2014-09-06 03:51 - 2014-09-06 03:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7825CC49-70F8-493E-88C9-B07B93EB1007}
    2014-09-05 10:15 - 2014-09-05 10:15 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7771BBE8-4AA6-4FE3-9C86-A5E64EC94CA1}
    2014-09-04 10:22 - 2014-09-04 10:22 - 00052728 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
    2014-09-04 05:01 - 2014-09-04 22:14 - 00000000 ____D () C:\Users\Liza\AppData\Local\{EAF1BEA1-C915-4AB8-9435-5AC345EB9F88}
    2014-09-04 03:58 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-09-04 03:58 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-09-04 03:51 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-09-04 03:51 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-09-04 03:51 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-09-04 03:51 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-09-02 12:55 - 2014-09-02 12:55 - 00487483 _____ () C:\monitor.exe
    2014-09-02 12:55 - 2014-09-02 12:55 - 00034244 _____ () C:\monitorsvc.exe
    2014-09-02 11:21 - 2014-09-02 11:21 - 00634880 _____ () C:\DirectControl.exe
    2014-08-31 12:23 - 2014-08-31 12:23 - 00000000 ____D () C:\Users\Liza\AppData\Local\{098F5E7A-8996-473E-B60E-EEFAD175F1A8}
    2014-08-30 16:27 - 2014-08-30 16:27 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\WildTangent

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-26 20:34 - 2011-05-04 15:42 - 02047216 _____ () C:\Windows\WindowsUpdate.log
    2014-09-26 20:19 - 2012-02-14 17:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d.job
    2014-09-26 20:07 - 2010-03-14 13:07 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-26 20:02 - 2012-08-31 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-26 19:42 - 2012-06-03 20:45 - 00000374 _____ () C:\Windows\Tasks\update-sys.job
    2014-09-26 19:37 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-26 19:37 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-26 19:36 - 2012-06-03 20:45 - 00000374 _____ () C:\Windows\Tasks\update-S-1-5-21-201924879-2192290182-1421096681-1001.job
    2014-09-26 19:36 - 2011-12-01 19:51 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core.job
    2014-09-26 18:23 - 2011-12-01 19:51 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA.job
    2014-09-26 17:32 - 2012-02-14 17:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a.job
    2014-09-26 17:32 - 2010-03-14 13:07 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-26 17:32 - 2009-01-09 22:21 - 00000000 ___HD () C:\TEMP
    2014-09-26 17:29 - 2010-09-11 07:57 - 00000000 ____D () C:\Users\Liza\Tracing
    2014-09-26 17:28 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-26 17:28 - 2009-07-13 21:39 - 01494317 _____ () C:\Windows\setupact.log
    2014-09-26 17:26 - 2011-05-04 15:28 - 00172530 _____ () C:\Windows\PFRO.log
    2014-09-25 19:50 - 2010-09-10 16:01 - 00000000 ____D () C:\Users\Liza\Documents\Katie
    2014-09-24 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-24 20:53 - 2014-07-31 17:42 - 00000000 ____D () C:\ProgramData\Datamngr
    2014-09-24 20:53 - 2011-04-11 21:52 - 00002117 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-09-24 20:53 - 2009-06-06 06:26 - 00000907 _____ () C:\Users\CARL\Desktop\Launch Internet Explorer Browser.lnk
    2014-09-24 13:07 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
    2014-09-24 12:29 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
    2014-09-24 10:02 - 2012-03-30 16:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-24 10:02 - 2011-05-19 14:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-23 19:26 - 2011-07-30 11:43 - 358196183 _____ () C:\Windows\MEMORY.DMP
    2014-09-23 19:26 - 2011-07-30 11:43 - 00000000 ____D () C:\Windows\Minidump
    2014-09-23 17:27 - 2013-09-30 20:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-19 06:47 - 2014-07-31 11:57 - 00203574 _____ () C:\Users\CARL\Desktop\1checking.xlsx
    2014-09-18 15:03 - 2008-08-21 00:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-18 15:00 - 2013-08-15 11:44 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-18 14:37 - 2014-05-07 06:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-18 14:37 - 2011-05-17 10:41 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-18 14:33 - 2011-05-04 15:49 - 00775124 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-17 14:36 - 2014-02-04 01:45 - 00000000 ____D () C:\Users\Liza\Documents\Retirement
    2014-09-06 03:49 - 2009-07-13 21:33 - 00371536 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-30 16:26 - 2011-05-04 16:01 - 00093384 _____ () C:\Users\CARL\AppData\Local\GDIPFONTCACHEV1.DAT

    Some content of TEMP:
    ====================
    C:\Users\CARL\AppData\Local\Temp\APNSetup.exe
    C:\Users\CARL\AppData\Local\Temp\bnd2E32.tmp.exe
    C:\Users\CARL\AppData\Local\Temp\bnd438B.tmp.exe
    C:\Users\CARL\AppData\Local\Temp\jre-7u67-windows-i586-iftw_b4dba751.exe
    C:\Users\CARL\AppData\Local\Temp\optprosetup.exe
    C:\Users\CARL\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\CARL\AppData\Local\Temp\SpOrder.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite16672.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite17342.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite20659.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite40444.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite45199.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite49892.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite51767.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite56991.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite57622.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite58186.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite65263.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite77753.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite80400.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite86460.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite87185.dll
    C:\Users\CARL\AppData\Local\Temp\System.Data.SQLite89878.dll
    C:\Users\Liza\AppData\Local\Temp\bnd12EE.tmp.exe
    C:\Users\Liza\AppData\Local\Temp\bnd2307.tmp.exe
    C:\Users\Liza\AppData\Local\Temp\bnd66E8.tmp.exe
    C:\Users\Liza\AppData\Local\Temp\bndF69A.tmp.exe
    C:\Users\Liza\AppData\Local\Temp\dplinst.exe
    C:\Users\Liza\AppData\Local\Temp\MSETUP4.EXE
    C:\Users\Liza\AppData\Local\Temp\SkypeSetup.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-16 20:22

    ==================== End Of Log ============================



    #6 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 26 September 2014 - 08:28 PM

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-09-2014
    Ran by CARL at 2014-09-26 20:36:40
    Running from C:\Users\CARL\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
    Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
    Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
    ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Bandoo (HKLM\...\Bandoo) (Version:  - Bandoo Media Inc) <==== ATTENTION
    Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.26.0.1106 - Bitdefender)
    Boost for Internet Explorer (HKLM\...\Boost) (Version: 3.0.0.10 - Boost Shopping)
    bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
    BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
    Canon MP240 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series) (Version:  - )
    Canon MP240 series User Registration (HKLM\...\Canon MP240 series User Registration) (Version:  - )
    Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
    Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
    Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
    Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
    Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
    Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
    Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Conduit Engine  (HKLM\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
    ConvertAd (HKLM\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dogpile Bundle Toolbar (HKLM\...\Dogpile Bundle Toolbar) (Version: 1.514 - ) <==== ATTENTION
    Elevated Installer (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Garmin Express (HKLM\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
    HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    IBM Lotus Forms Viewer 3.5.1 (HKLM\...\{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}) (Version: 7.6.1.333 - IBM)
    Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION
    IminentToolbar (HKLM\...\IminentToolbar) (Version: 7.5.3.1 - Iminent) <==== ATTENTION
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
    J4500 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    JoJo's Fashion Show (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Lightshot-5.1.2.5 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)
    LookThisUp (HKLM\...\LookThisUp) (Version: 1.0.2 - LookThisUp)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    MotoHelper 2.0.45 Driver 5.0.0 (HKLM\...\MotoHelper) (Version: 2.0.45 - Motorola)
    MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
    Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
    Move Media Player (HKCU\...\Move Media Player) (Version:  - Move Networks)
    Mozilla Firefox 24.0 (x86 en-US) (HKLM\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
    MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Music Toolbar for Chrome (Dist. by Bandoo Media, Inc.) (HKLM\...\bandoomusictoolbarGC) (Version: 1.4.0.0 - APN LLC) <==== ATTENTION
    Music Toolbar for Firefox (Dist. by Bandoo Media, Inc.) (HKLM\...\bandoomusictoolbarFF) (Version: 1.4.0.0 - APN LLC) <==== ATTENTION
    Music Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (HKLM\...\bandoomusictoolbarIE) (Version: 1.4.0.0 - APN LLC) <==== ATTENTION
    Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    OLYMPUS ib (HKLM\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
    OLYMPUS ib (Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
    OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation) Hidden
    Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version: 3.2.0.1 - PC Utilities Software Limited) <==== ATTENTION
    PageRage Toolbar (HKLM\...\PageRage Toolbar) (Version: 6.3.5.3 - PageRage)
    Plants vs. Zombies - Game of the Year (Version: 2.2.0.98 - WildTangent) Hidden
    Pokémon Trading Card Game Online (HKLM\...\{D81F39D4-FDA9-4356-92B1-16081D8BF71A}) (Version: 1.0.0 - The Pokémon Company International)
    Primo (Version: 1.00.0000 - Your Company Name) Hidden
    ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    QuickBooks Simple Start 2008 (HKLM\...\{8ECB8220-F419-4BEB-9596-97033C533702}) (Version: 18.0.4003.606 - Intuit Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
    Roxio Central Audio (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Copy (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Core (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Data (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Tools (Version: 3.7.0 - Roxio) Hidden
    Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
    Roxio Easy Media Creator Home (Version: 10.1.177 - Roxio) Hidden
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Search App by Ask (HKLM\...\{4F524A2D-5350-4500-76A7-A758B70C1101}) (Version: 12.17.1.65 - APN, LLC) <==== ATTENTION
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.1.00.07290 - Sony Corporation)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
    Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SmartWi Connection Utility (HKLM\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.4.0.20080627.1647 - Sony Corporation)
    Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.2.02.06170 - Sony Corporation)
    Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.4.00 - Sony Corporation)
    Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
    Super Optimizer (HKLM\...\Super Optimizer_is1) (Version: 3.2 - Super PC Tools ltd)
    SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
    Term Tutor (HKLM\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) <==== ATTENTION
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
    VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.0.00.17290 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{FD72E69E-CF34-4071-BFD6-FD081A365E2C}) (Version: 3.2.00.06115 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.2.00.06115 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Setting (HKLM\...\{FE697886-F392-4E0D-A0C0-47587BF60992}) (Version: 3.2.00.06062 - Sony Corporation)
    VAIO Content Metadata Manager Setting (Version: 3.2.00.06062 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (HKLM\...\{CB8A8696-93EC-414E-A752-850AB133F68A}) (Version: 3.2.00.06112 - Sony Corporation)
    VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation) Hidden
    VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.1.00.07110 - Sony Corporation)
    VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
    VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
    VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.00.06200 - Sony Corporation)
    VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation) Hidden
    VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.1.00.07150 - Sony Corporation)
    VAIO Help and Support (HKLM\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 6.00.0805.NS - Sony Corporation)
    VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.1.00.06130 - Sony Corporation)
    VAIO Media plus (HKLM\...\{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}) (Version: 1.1.00.05240 - Sony Corporation)
    VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation) Hidden
    VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.00.06240 - Sony Corporation)
    VAIO Movie Story (Version: 1.3.00.06240 - Sony Corporation) Hidden
    VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
    VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.00.06110 - Sony Corporation)
    VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
    VAIO My Memory Center (HKLM\...\{E1D25278-B51A-4163-BC3D-20A4D2D09F98}) (Version: 1.00.0229 - Sony)
    VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.04230 - Sony Corporation)
    VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.1.00.06190 - Sony Corporation)
    VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.0.00.04240 - Sony Corporation)
    VAIO Survey (HKLM\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.0722 - Sony Corporation)
    VAIO Update 4 (HKLM\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.0.0.06110 - Sony Corporation)
    VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.2.00.05200 - Sony Corporation)
    VAIO Wireless Wizard (HKLM\...\{BCED773C-99EE-48DD-8915-25733F69F0A8}) (Version: 1.01.0722 - Sony)
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WildTangent Games (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Version: 4.0.10.5 - WildTangent) Hidden
    Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
    Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
    Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.513 - InterVideo Inc.)
    WinDVD for VAIO (Version: 8.0-B9.513 - InterVideo Inc.) Hidden
    WinZip 15.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}) (Version: 15.5.9468 - WinZip Computing, S.L. )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
    Yontoo Layers 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Theme Your World LLC) <==== ATTENTION

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{1704815D-0A03-44ff-8646-1AE1FE84E313}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

    ==================== Restore Points  =========================

    06-09-2014 10:26:36 Windows Update
    17-09-2014 03:30:01 Scheduled Checkpoint
    18-09-2014 21:30:02 Windows Update
    22-09-2014 23:01:10 Installed Java 7 Update 67
    24-09-2014 10:00:17 Windows Update
    25-09-2014 03:17:05 Removed Java™ SE Runtime Environment 6
    25-09-2014 20:01:58 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1             localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1ACBDAEC-2A53-4506-A49D-D873A37BC917} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {409EF0D1-2513-4E3A-A76D-E257DF41C405} - System32\Tasks\{C3F51740-AF9E-48E9-A175-E6984F04682F} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {427E299A-AD91-4E61-92A9-4B996E3486BC} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {43EF19D6-51FA-494B-BF61-051F9A268419} - System32\Tasks\{8DDFCE64-8F19-408F-A578-FA55880C9EA4} => Chrome.exe
    Task: {43FC69D4-6AD4-4A8B-B9B2-678DCC1C260C} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe
    Task: {4D4940F1-04EB-49F4-AAC1-63F4631A23E9} - System32\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
    Task: {59EFDEC1-B8C1-4320-9CCA-B05EB79B3179} - System32\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {5EA6180C-1E3F-497E-B3B5-845E667EC203} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {5F96E265-E858-4B4B-ADDF-F6429A8B6516} - System32\Tasks\{2CC1A021-FFE3-45A0-B851-6F2F34A41623} => Chrome.exe
    Task: {63DA6DDC-FB1D-43AC-AA39-D1E07319C481} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {6452F7EE-CBDC-45C8-895B-781C465E6354} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {68604C8B-9D2C-489C-97FA-37A5F688EA61} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
    Task: {708C4888-0606-4B4E-AF5B-6FDE8BE0A415} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
    Task: {70F883A7-702E-4621-A9E2-CD969BF9EB6C} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {7221E1AA-3000-4D0A-8B48-09E276FBA3EF} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files\Optimizer Pro\OptProLauncher.exe [2014-09-16] (PC Utilities Software Limited) <==== ATTENTION
    Task: {729EDBDB-A3BE-4D9B-A20E-4D06A20629AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {76A80074-2D6D-4C86-820D-24BBD40865DA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
    Task: {76B152FC-C976-445C-AA3A-D5A807B21A05} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-06-11] (Sony Corporation)
    Task: {836CB314-DEED-4D14-AEDA-9C4635A04D96} - System32\Tasks\ASP => C:\Program Files\RCP\systweakasp.exe
    Task: {883DD7C8-BEF6-4CBB-B38C-BFB2E0FFE7C7} - System32\Tasks\WSE_Astromenda => C:\Users\CARL\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-09-24] ()
    Task: {9168A11B-320A-4B1E-B5F6-68057362C837} - System32\Tasks\Super Optimizer Schedule => C:\Program Files\Super Optimizer\SupOptLauncher.exe [2014-08-26] (SUPER PC TOOLS LIMITED)
    Task: {A283E1E6-3AF9-4E4E-A638-A89421812F73} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files\Sony\VAIO Wallpaper Setting Tool\VWSet.exe [2008-06-27] (Sony Corporation)
    Task: {AEEC548D-24D3-45D5-BE5D-9C1F57505F50} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-13] (Microsoft Corporation)
    Task: {B9FE42C7-89E1-4026-B5E2-347B00577D49} - System32\Tasks\update-S-1-5-21-201924879-2192290182-1421096681-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
    Task: {CE4B2284-26C0-405B-9650-164ED9632C71} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
    Task: {DCBF70A4-DDED-465D-84EB-29552F50CDBE} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
    Task: {EBC0B3BD-4E30-4CBF-B7E5-4CEF62D5CAD8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
    Task: {FBB48E63-E9E5-48AA-9743-88B441929985} - System32\Tasks\{84FBF9DD-3B08-439B-9B55-C2650159933F} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe
    Task: {FFC96332-BC48-4DF6-95C8-A5396C7B66D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core.job => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA.job => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\update-S-1-5-21-201924879-2192290182-1421096681-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe
    Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
    Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\CARL\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

    ==================== Loaded Modules (whitelisted) =============

    2014-08-13 12:05 - 2014-08-13 12:05 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
    2014-08-13 12:05 - 2014-08-13 12:05 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
    2014-03-26 14:24 - 2011-11-14 19:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
    2014-08-13 12:05 - 2014-08-13 12:05 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
    2014-07-24 11:46 - 2014-07-24 11:46 - 00676568 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpbr.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 00490144 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpdsp.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 02138096 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpph.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 01128744 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttprbl.mdl
    2014-09-25 22:15 - 2014-09-25 22:15 - 03649616 _____ () c:\Program Files\Optimizer Pro\OptProCrash.dll
    2011-01-27 14:13 - 2011-01-27 14:13 - 00226624 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    2014-09-02 12:55 - 2014-09-02 12:55 - 00487483 _____ () C:\monitor.exe
    2008-08-01 13:55 - 2008-07-15 18:04 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
    2008-08-01 13:55 - 2008-07-15 18:04 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
    2014-03-26 14:24 - 2013-03-25 15:16 - 00919136 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
    2011-01-27 14:13 - 2011-01-27 14:13 - 00673088 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    2008-08-21 00:17 - 2008-06-02 12:37 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    2008-08-21 00:17 - 2008-06-02 12:37 - 00118784 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SonyCommonLib.dll
    2008-08-21 00:17 - 2008-06-02 12:37 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\DebugMsg.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Resources.dll
    2008-08-21 00:17 - 2008-06-02 12:37 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SharedInterfaces.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\DictionaryLookup.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\MessageXML.dll
    2014-03-26 14:23 - 2014-08-13 12:05 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00040960 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    2008-08-21 00:17 - 2008-06-02 12:37 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00036864 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00040960 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SystemPowerDLL.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    2008-08-21 00:17 - 2008-04-17 01:00 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWGadgetInterface.dll
    2014-04-21 12:24 - 2014-04-21 12:24 - 00392704 _____ () C:\Program Files\Boost\BoostUpdater.exe

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Windows\system32\FlashPlayerInstaller.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Desktop\aswMBR.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Desktop\FRST.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\install_flashplayer14x32axau_mssa_aaa_aih.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\JavaSetup7u67.com:BDU
    AlternateDataStreams: C:\Users\Liza\Desktop\Minecraft (2).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\adventurequesttoolbar.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\chromeinstall-7u7 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\chromeinstall-7u7.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Firefox Setup 13.0.1 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Firefox Setup 13.0.1.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\GarminExpress.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\install_flashplayer11x32_mssa_aih.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\install_flashplayer14x32ax_chra_dy_awa_aih (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Minecraft (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\setup-lightshot-2.5.0.0 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\setup-lightshot-2.5.0.0.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\TechnicLauncher.exe:BDU

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-201924879-2192290182-1421096681-500 -> Administrator - Disabled - Status: Degraded)
    CARL (S-1-5-21-201924879-2192290182-1421096681-1000 -> Administrator - Enabled - Status: OK) => C:\Users\CARL
    Guest (S-1-5-21-201924879-2192290182-1421096681-501 -> Limited - Disabled - Status: Degraded)
    HomeGroupUser$ (S-1-5-21-201924879-2192290182-1421096681-1003 -> Limited - Enabled - Status: OK)
    Liza (S-1-5-21-201924879-2192290182-1421096681-1001 -> Administrator - Enabled - Status: OK) => C:\Users\Liza

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/26/2014 05:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/26/2014 07:50:57 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: firefox.exe, version: 24.0.0.5001, time stamp: 0x522fd29f
    Faulting module name: KERNEL32.dll, version: 6.1.7601.18409, time stamp: 0x531599f5
    Exception code: 0xc0000005
    Fault offset: 0x0004f804
    Faulting process id: 0x2ee8
    Faulting application start time: 0xfirefox.exe0
    Faulting application path: firefox.exe1
    Faulting module path: firefox.exe2
    Report Id: firefox.exe3

    Error: (09/25/2014 10:22:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program SuperOptimizer.exe version 3.2.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1ed4

    Start Time: 01cfd9499a46bf46

    Termination Time: 33

    Application Path: C:\Program Files\Super Optimizer\SuperOptimizer.exe

    Report Id:

    Error: (09/25/2014 10:21:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program OptimizerPro.exe version 3.2.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2470

    Start Time: 01cfd9499e983bcf

    Termination Time: 15

    Application Path: C:\Program Files\Optimizer Pro\OptimizerPro.exe

    Report Id:

    Error: (09/25/2014 10:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: MyOSProtect.exe, version: 2.2.9.10, time stamp: 0x54049038
    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
    Exception code: 0xc0000005
    Fault offset: 0x000558fe
    Faulting process id: 0x11c8
    Faulting application start time: 0xMyOSProtect.exe0
    Faulting application path: MyOSProtect.exe1
    Faulting module path: MyOSProtect.exe2
    Report Id: MyOSProtect.exe3

    Error: (09/25/2014 10:05:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x53f262ac
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x531599f6
    Exception code: 0xe06d7363
    Fault offset: 0x0000812f
    Faulting process id: 0x22a8
    Faulting application start time: 0xiexplore.exe0
    Faulting application path: iexplore.exe1
    Faulting module path: iexplore.exe2
    Report Id: iexplore.exe3

    Error: (09/25/2014 09:02:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 37.0.2062.120, time stamp: 0x5407bf0e
    Faulting module name: KERNEL32.dll, version: 6.1.7601.18409, time stamp: 0x531599f5
    Exception code: 0xc0000005
    Fault offset: 0x0004f804
    Faulting process id: 0x2128
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (09/25/2014 08:58:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 37.0.2062.120, time stamp: 0x5407bf0e
    Faulting module name: KERNEL32.dll, version: 6.1.7601.18409, time stamp: 0x531599f5
    Exception code: 0xc0000005
    Fault offset: 0x0004f804
    Faulting process id: 0x282c
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (09/25/2014 08:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 37.0.2062.120, time stamp: 0x5407bf0e
    Faulting module name: KERNEL32.dll, version: 6.1.7601.18409, time stamp: 0x531599f5
    Exception code: 0xc0000005
    Fault offset: 0x0004f804
    Faulting process id: 0x281c
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3

    Error: (09/25/2014 07:09:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 37.0.2062.120, time stamp: 0x5407bf0e
    Faulting module name: KERNEL32.dll, version: 6.1.7601.18409, time stamp: 0x531599f5
    Exception code: 0xc0000005
    Fault offset: 0x0004f804
    Faulting process id: 0x1480
    Faulting application start time: 0xchrome.exe0
    Faulting application path: chrome.exe1
    Faulting module path: chrome.exe2
    Report Id: chrome.exe3


    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
      Date: 2013-06-17 18:37:39.794
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 15:47:58.270
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 08:36:27.036
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 07:59:37.901
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 11:36:45.492
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 11:11:13.133
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 10:58:44.950
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:43:24.032
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:29:43.887
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:16:29.403
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz
    Percentage of memory in use: 62%
    Total physical RAM: 2939.04 MB
    Available physical RAM: 1092.63 MB
    Total Pagefile: 5876.36 MB
    Available Pagefile: 3475.3 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1871.59 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:223.99 GB) (Free:117 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B48D4FA6)
    Partition 1: (Not Active) - (Size=8.9 GB) - (Type=27)
    Partition 2: (Active) - (Size=224 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================



    #7 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 27 September 2014 - 03:21 AM

    Good Morning,

     

    There is a lot to remove but lets run a few programs first that will remove most of it .

     

    First lets fix your proxy server, also run this in order as listed

     

    Download MiniToolBox and save it to your desktop and run it.
     
    Checkmark following checkboxes:
    •  
    • Flush DNS 
    • Reset IE Proxy Settings 
     
     
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
     
     
     
     
    ======================================================================
     
     

    ===============================================================================
     
    -AdwCleaner-by Xplode
     
    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
     
    Do not click on any links in the top Advertisment.
     
    •  
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
     
     
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    •  
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
     
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
    •  
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
     
     
    MBAMDashboard_zpsddef9b5f.gif
     
    •  
    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • When the scan is finished and the log pops up...select Copy to Clipboard
    • Please paste the log back into this thread for review
    • Exit Malwarebytes
     

     



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #8 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 27 September 2014 - 05:08 AM

    MiniToolBox by Farbar  Version: 21-07-2014
    Ran by CARL (administrator) on 27-09-2014 at 06:04:20
    Running from "C:\Users\CARL\Downloads"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    **** End of log ****



    #9 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 27 September 2014 - 05:19 AM

    Good, remember to download any tools I ask you to run to your desktop, not your downloads folder, most tools run better from the desktop



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #10 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 27 September 2014 - 05:51 AM

    # AdwCleaner v3.310 - Report created 27/09/2014 at 06:40:50
    # Updated 12/09/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Username : CARL - CARL-PC
    # Running from : C:\Users\CARL\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : APNMCP
    Service Deleted : Bandoo Coordinator
    Service Deleted : ca82e1a5
    [#] Service Deleted : CltMngSvc
    Service Deleted : GlobalUpdater
    Service Deleted : MyOSProtect
    [#] Service Deleted : pcwatch
    [#] Service Deleted : ProtectMonitor
    Service Deleted : SProtection

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\2308189059
    Folder Deleted : C:\ProgramData\apn
    Folder Deleted : C:\ProgramData\AskPartnerNetwork
    Folder Deleted : C:\ProgramData\Bandoo
    [#] Folder Deleted : C:\ProgramData\Browser Manager
    Folder Deleted : C:\ProgramData\DataMngr
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\wincert
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
    Folder Deleted : C:\Program Files\AskPartnerNetwork
    Folder Deleted : C:\Program Files\Bandoo
    Folder Deleted : C:\Program Files\Boost
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\ConduitEngine
    Folder Deleted : C:\Program Files\Dogpile Bundle Toolbar
    Folder Deleted : C:\Program Files\Iminent
    Folder Deleted : C:\Program Files\Music Toolbar
    Folder Deleted : C:\Program Files\Optimizer Pro
    Folder Deleted : C:\Program Files\PennyBee
    Folder Deleted : C:\Program Files\SearchProtect
    Folder Deleted : C:\Program Files\Skillbrains
    [!] Folder Deleted : C:\Program Files\Web Protect
    Folder Deleted : C:\Program Files\Yontoo Layers
    Folder Deleted : C:\Program Files\PageRage
    Folder Deleted : C:\Program Files\Common Files\IMGUpdater
    Folder Deleted : C:\Program Files\Common Files\Umbrella
    Folder Deleted : C:\Users\CARL\AppData\Local\AskPartnerNetwork
    Folder Deleted : C:\Users\CARL\AppData\Local\Astromenda
    Folder Deleted : C:\Users\CARL\AppData\Local\ConvertAd
    Folder Deleted : C:\Users\CARL\AppData\Local\SearchProtect
    Folder Deleted : C:\Users\CARL\AppData\Local\Temp\Iminent
    Folder Deleted : C:\Users\CARL\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\CARL\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\CARL\AppData\LocalLow\HPAppData
    Folder Deleted : C:\Users\CARL\AppData\LocalLow\PageRage
    Folder Deleted : C:\Users\CARL\AppData\Roaming\ap_logs
    Folder Deleted : C:\Users\CARL\AppData\Roaming\Bandoo
    Folder Deleted : C:\Users\CARL\AppData\Roaming\LookThisUp
    Folder Deleted : C:\Users\CARL\AppData\Roaming\Optimizer Pro
    Folder Deleted : C:\Users\CARL\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\CARL\AppData\Roaming\wse_astromenda
    Folder Deleted : C:\Users\CARL\Documents\Optimizer Pro
    Folder Deleted : C:\Users\Liza\AppData\Local\Conduit
    Folder Deleted : C:\Users\Liza\AppData\Local\SearchProtect
    Folder Deleted : C:\Users\Liza\AppData\Local\Skillbrains
    Folder Deleted : C:\Users\Liza\AppData\Local\fst_us_261
    Folder Deleted : C:\Users\Liza\AppData\Local\Temp\apn
    Folder Deleted : C:\Users\Liza\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Liza\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\Liza\AppData\LocalLow\SearchquTB
    Folder Deleted : C:\Users\Liza\AppData\LocalLow\PageRage
    Folder Deleted : C:\Users\Liza\AppData\Roaming\Bandoo
    Folder Deleted : C:\Users\Liza\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\Liza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dogpile Bundle Toolbar
    Folder Deleted : C:\Users\Liza\AppData\Roaming\Mozilla\Firefox\Profiles\zlrbzbso.default\Extensions\staged\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}
    Folder Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen
    Folder Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
    [!] Folder Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
    File Deleted : C:\Users\Liza\AppData\Roaming\Mozilla\Firefox\Profiles\zlrbzbso.default\Extensions\firefoxmini@go.im.xpi
    File Deleted : C:\monitor.exe
    File Deleted : C:\monitorsvc.exe
    File Deleted : C:\Windows\system32\conduitEngine.tmp
    File Deleted : C:\Windows\system32\drivers\pcwatch.sys
    File Deleted : C:\Windows\system32\MyOSProtect.dll
    File Deleted : C:\Windows\system32\MyOSProtect.ini
    File Deleted : C:\Windows\system32\MyOSProtectOff.ini
    File Deleted : C:\Windows\system32\roboot.exe
    File Deleted : C:\Users\CARL\AppData\Roaming\aps.uninstall.scan.results
    File Deleted : C:\Users\CARL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk
    File Deleted : C:\Users\CARL\Desktop\Optimizer Pro.lnk
    File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
    File Deleted : C:\Users\Liza\AppData\Roaming\Mozilla\Firefox\Profiles\zlrbzbso.default\searchplugins\astromenda.xml
    File Deleted : C:\Users\Liza\AppData\Roaming\Mozilla\Firefox\Profiles\zlrbzbso.default\user.js
    File Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    File Deleted : C:\Users\Liza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    File Deleted : C:\Users\Liza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
    File Deleted : C:\Users\Liza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
    File Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
    File Deleted : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal

    ***** [ Scheduled Tasks ] *****

    Task Deleted : APSnotifierPP1
    Task Deleted : APSnotifierPP2
    Task Deleted : ASP
    Task Deleted : Optimizer Pro Schedule
    Task Deleted : update-sys
    Task Deleted : WSE_Astromenda
    Task Deleted : update-S-1-5-21-201924879-2192290182-1421096681-1001

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbljechdpodpbchbmjcoamidppmpnmlc
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LookThisUp]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
    Key Deleted : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
    Key Deleted : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
    Key Deleted : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
    Key Deleted : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
    Key Deleted : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_us_261]
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F78BF7A8-CF12-4DE7-A6DA-C463D1B539A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60A4228B-CFB0-4567-92C7-3350E7FB7802}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60A4228B-CFB0-4567-92C7-3350E7FB7802}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6A3854D-391E-4B71-BC0E-595179BEA09A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCE267F3-05DD-4258-8089-B668B9E80EDA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681BD354-FF5B-48FC-8746-F6BBA2D104FE}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C80BDEB2-8735-44C6-BD55-A1CCD555667A}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9565115D-C7D6-46D3-BD63-B67B481A4368}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9565115D-C7D6-46D3-BD63-B67B481A4368}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9565115D-C7D6-46D3-BD63-B67B481A4368}]
    Key Deleted : HKCU\Software\AnyProtect
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\Iminent
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\TutoTag
    Key Deleted : HKCU\Software\WebProtect
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
    Key Deleted : HKCU\Software\AppDataLow\Software\PageRage
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
    Key Deleted : HKLM\SOFTWARE\Bandoo
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\conduitEngine
    Key Deleted : HKLM\SOFTWARE\DataMngr
    Key Deleted : HKLM\SOFTWARE\FreeSoftToday
    Key Deleted : HKLM\SOFTWARE\IMGUPDATER
    Key Deleted : HKLM\SOFTWARE\Iminent
    Key Deleted : HKLM\SOFTWARE\SearchProtect
    Key Deleted : HKLM\SOFTWARE\SkillBrains
    Key Deleted : HKLM\SOFTWARE\systweak
    Key Deleted : HKLM\SOFTWARE\Tarma Installer
    Key Deleted : HKLM\SOFTWARE\Tutorials
    Key Deleted : HKLM\SOFTWARE\Umbrella
    Key Deleted : HKLM\SOFTWARE\WebProtect
    Key Deleted : HKLM\SOFTWARE\PageRage
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Boost
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Music Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PageRage Toolbar
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\bandoo\bndhook.dll
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280


    -\\ Mozilla Firefox v32.0.3 (x86 en-US)

    [ File : C:\Users\CARL\AppData\Roaming\Mozilla\Firefox\Profiles\f8su429z.default\prefs.js ]


    [ File : C:\Users\Liza\AppData\Roaming\Mozilla\Firefox\Profiles\zlrbzbso.default\prefs.js ]

    Line Deleted : user_pref("browser.startup.homepage", "hxxp://astromenda.com/?f=1&a=ast_cmi_14_39_ch&cd=2XzuyEtN2Y1L1QzutDyCtC0F0EtC0DzzyEyD0EtDyD0FtCyDtN0D0Tzu0SzyzyzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN[...]
    Line Deleted : user_pref("browser.search.selectedEngine", "Astromenda");
    Line Deleted : user_pref("iminent.enableToolbar", "false");
    Line Deleted : user_pref("iminent.BirthDate", "1411708466");
    Line Deleted : user_pref("iminent.searchindex", "1");
    Line Deleted : user_pref("iminent.newtabredirect", "true");
    Line Deleted : user_pref("iminent.enableToolbar", "true");
    Line Deleted : user_pref("iminent.nomsi", "true");

    -\\ Google Chrome v37.0.2062.120

    [ File : C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=MA4BA5206-570F-4B0E-988D-F90041C05C8C&SearchSource=58&CUI=&UM=6&UP=SP50E22D59-FACB-4392-88F8-7443BF6BA82B&q={searchTerms}&SSPV=
    Deleted [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_cmi_14_39_ch&cd=2XzuyEtN2Y1L1QzutDyCtC0F0EtC0DzzyEyD0EtDyD0FtCyDtN0D0Tzu0SzyzyzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEyEyDzyyBtAtCtCtGyEtAyDtCtG0CyCtD0EtGyEyDyE0EtGyCyD0EtC0AyEyByByB0B0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyEyDzy0F0FtAtAtG0AtDtB0EtGyEtD0BtCtG0ByCzyzytGzyzz0DzzyC0AzytDyBtAzztA2Q&cr=208983757&ir=

    [ File : C:\Users\Liza\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [28288 octets] - [27/09/2014 06:38:31]
    AdwCleaner[S0].txt - [28532 octets] - [27/09/2014 06:40:50]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28593 octets] ##########


      Advertisements

    Register to Remove


    #11 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 27 September 2014 - 06:02 AM

    Great, just so you know I will be offline for the next few hours, should be back by noon or so



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #12 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 27 September 2014 - 06:08 AM

    Sorry just saw your note on desktop.  it saved automatically to download.  I will save as to desktop from here on.

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.2.3 (09.27.2014:1)
    OS: Windows 7 Home Premium x86
    Ran by CARL on Sat 09/27/2014 at  5:00:52.44
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     


    ~~~ Services

     

    ~~~ Registry Values

     

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}

    ~~~ Files

    ~~~ Folders

    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
    Successfully deleted: [Folder] C:\Users\CARL\appdata\local\Google\Chrome\User Data\Default\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen

     

    ~~~ Event Viewer Logs were cleared

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 09/27/2014 at  5:05:53.44
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    #13 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 27 September 2014 - 07:10 AM

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.2.3 (09.27.2014:1)
    OS: Windows 7 Home Premium x86
    Ran by CARL on Sat 09/27/2014 at  5:00:52.44
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     


    ~~~ Services

     

    ~~~ Registry Values

     

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}

    ~~~ Files

    ~~~ Folders

    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
    Successfully deleted: [Folder] C:\Users\CARL\appdata\local\Google\Chrome\User Data\Default\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen

     

    ~~~ Event Viewer Logs were cleared

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 09/27/2014 at  5:05:53.44
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    #14 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 27 September 2014 - 07:16 AM

    Good Morning,

     

    I ran Malwarebytes, copied to clipboard and it will not let me paste to reply. 



    #15 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 27 September 2014 - 08:12 AM

    You should be able to copy and paste that report, you just start a new reply then then just right click with your mouse and select paste

     

    Maybe somewhere along the line you lost the log, do this

     

    1. Open up Malwarebytes 
    2. Go to the History Tab
    3. Click on Application Logs
    4. Click on the last Scan Log you just ran
    5. Click on View
    6. Then on the Bottom click on Copy to Clipboard
    7. Then paste it into this thread
     
     
    If it still dont work then do the same as above  this time export it to your desktop and then attach it


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users