# Hacker Problem Possible



## lavenderchef45 (Jul 24, 2013)

Tech Support Guy System Info Utility version 1.0.0.2 OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit Processor: AMD E-350 Processor, AMD64 Family 20 Model 1 Stepping 0 Processor Count: 2 RAM: 2662 Mb Graphics Card: AMD Radeon HD 6310 Graphics, 384 Mb Hard Drives: C: Total - 292136 MB, Free - 254443 MB; Motherboard: TOSHIBA, Portable PC Antivirus: avast! Internet Security, Updated and Enabled I believe I have a hacker. The indications of this are: mouse literally jumping to top of screen, trying to close or closing my web page. Writing something using Open Office & receiving spam mail about the exact thing I wrote less than a day later. Screen freezes at odd times, webpages drop to task bar or resize when I am not touching keyboard or mouse. At times there is no problem. Then it starts & I have difficulty using my mouse at all. I have switched mice, checked mouse drivers also. There is no problem with mouse. I keep windows updates auto, use malware bytes, keyscrambler & CCleaner. I Use WOT and do not view dangerous websites.Nor do I fill out forms randomly with my email info. Any help would be appreciated.


----------



## eddie5659 (Mar 19, 2001)

Hiya and welcome to Tech Support Guy 

Are you still having this problem? If so, can you do the following:

Download *Security Check* from *here*.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called *checkup.txt*; please post the contents of that document.

----

Download *OTL* to your Desktop


Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath *Output* at the top change it to *Standard Output*.
Select 
*All Users*
*LOP Check*
*Purity Check*
Under the *Standard Registry* box change it to *All*

Please copy the text in the code box below and paste it in the *Custom Scans/Fixes* box in OTL:


```
netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\Installer\*.*
%windir%\system32\tasks\*.*
%windir%\system32\tasks\*.* /64
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
explorer.exe
winlogon.exe
regedit.exe
Userinit.exe
svchost.exe
services.exe
user32.dll
ATAPI.SYS
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\* \s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT
```

Click the *Run Scan* button. Do not change any settings unless otherwise told to do so. The scan wont take long.
A black box will appear, this is part of the custom scan, so don't be alarmed 
*IF OTL SAYS 'NOT RESPONDING' DON'T USE THE MOUSE. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES*

When the scan completes, it will open two notepad windows. *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL.

Please copy *(Edit->Select All, Edit->Copy)* the contents of these files, one at a time and post them in your topic


eddie


----------



## lavenderchef45 (Jul 24, 2013)

Results of screen317's Security Check version 0.99.71

Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
*``````````````Antivirus/Firewall Check:``````````````*
Windows Firewall Enabled!
avast! Internet Security Antivirus up to date!
*`````````Anti-malware/Other Utilities Check:`````````*
Malwarebytes Anti-Malware version 1.75.0.1300
TuneUp Utilities 2013
TuneUp Utilities Language Pack (en-US)
TuneUp Utilities 2013
Adobe Flash Player 11.8.800.94
Mozilla Firefox (22.0)
*````````Process Check: objlist.exe by Laurent````````*
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
*`````````````````System Health check`````````````````*
Total Fragmentation on Drive C: 4% *
````````````````````End of Log``````````````````````*


----------



## lavenderchef45 (Jul 24, 2013)

OTL logfile created on: 8/1/2013 11:45:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 35.27% Memory free
5.20 Gb Paging File | 3.50 Gb Available in Paging File | 67.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 251.24 Gb Free Space | 88.06% Space Free | Partition Type: NTFS

Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/01 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2013/07/14 00:25:10 | 000,508,048 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe 
PRC - [2013/07/09 11:01:18 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe 
PRC - [2013/07/06 11:09:49 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe 
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe 
PRC - [2013/05/09 04:58:27 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe 
PRC - [2013/01/01 02:09:37 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp.exe 
PRC - [2012/04/19 08:50:16 | 000,103,936 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
PRC - [2012/04/19 08:50:10 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 
PRC - [2012/04/19 08:50:10 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

========== Modules (No Company Name) ==========

MOD - [2013/07/09 11:01:18 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/06 11:09:49 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 
MOD - [2012/04/13 12:04:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 
MOD - [2012/04/13 12:00:04 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

========== Services (SafeList) ==========

SRV:*64bit:* - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) 
SRV:*64bit:* - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) 
SRV:*64bit:* - [2013/05/09 04:58:27 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) 
SRV:*64bit:* - [2013/01/31 10:35:48 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) 
SRV:*64bit:* - [2011/02/10 15:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) 
SRV:*64bit:* - [2010/10/20 17:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) 
SRV:*64bit:* - [2010/09/28 15:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) 
SRV:*64bit:* - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert

Service) 
SRV - [2013/05/21 02:17:01 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) 
SRV - [2013/01/31 10:35:52 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) 
SRV - [2013/01/31 10:35:48 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) 
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) 
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) 
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - [2013/07/12 00:10:11 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers
\aswVmm.sys -- (aswVmm) 
DRV:*64bit:* - [2013/07/12 00:10:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) 
DRV:*64bit:* - [2013/07/12 00:10:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) 
DRV:*64bit:* - [2013/05/31 10:53:12 | 000,222,200 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler) 
DRV:*64bit:* - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) 
DRV:*64bit:* - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) 
DRV:*64bit:* - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) 
DRV:*64bit:* - [2013/05/09 04:59:06 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2) 
DRV:*64bit:* - [2013/05/09 04:59:06 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW) 
DRV:*64bit:* - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) 
DRV:*64bit:* - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) 
DRV:*64bit:* - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd) 
DRV:*64bit:* - [2013/03/13 14:01:59 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis) 
DRV:*64bit:* - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) 
DRV:*64bit:* - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) 
DRV:*64bit:* - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) 
DRV:*64bit:* - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) 
DRV:*64bit:* - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) 
DRV:*64bit:* - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) 
DRV:*64bit:* - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) 
DRV:*64bit:* - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) 
DRV:*64bit:* - [2011/02/10 16:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) 
DRV:*64bit:* - [2011/02/10 15:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) 
DRV:*64bit:* - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) 
DRV:*64bit:* - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce) 
DRV:*64bit:* - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) 
DRV:*64bit:* - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) 
DRV:*64bit:* - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) 
DRV:*64bit:* - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) 
DRV:*64bit:* - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) 
DRV:*64bit:* - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) 
DRV:*64bit:* - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) 
DRV:*64bit:* - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) 
DRV:*64bit:* - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) 
DRV:*64bit:* - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) 
DRV:*64bit:* - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) 
DRV:*64bit:* - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) 
DRV:*64bit:* - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) 
DRV:*64bit:* - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) 
DRV:*64bit:* - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) 
DRV - [2013/07/10 13:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64) 
DRV - [2012/11/16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) 
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm 
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm 
IE:*64bit:* - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} 
IE:*64bit:* - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie=

{inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ 
IE:*64bit:* - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank 
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} 
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe=

{outputEncoding}&rlz=1I7TSNJ

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes,DefaultScope = {DA0CC9A4-539D-40F4-90F7-B565B9B4C6B1} 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:

{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{DA0CC9A4-539D-40F4-90F7-B565B9B4C6B1}: "URL" = http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q={searchTerms}&src=IE-

SearchBox 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\C5879625A899472F8231C4DAF8D55DC1: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:

{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing " 
FF - prefs.js..browser.search.order.3: "Bing " 
FF - prefs.js..browser.search.update: false 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "about:home" 
FF - prefs.js..extensions.enabledAddons: https-facebook%40niyaz.pk:0.4 
FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:2.0 
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.9 
FF - prefs.js..extensions.enabledAddons: html5notifications%40paxal.net:1.2.2 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q=" 
FF - user.js - File not found

FF:*64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found 
FF:*64bit:* - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF

[2013/07/11 23:29:01 | 000,000,000 | ---D | M] [2013/07/06 10:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions 
[2013/07/06 10:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} 
[2013/08/01 10:24:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions 
[2013/05/17 22:59:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} 
[2013/08/01 10:24:35 | 000,048,446 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] 
[2013/04/21 21:26:35 | 000,005,831 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] 
[2013/07/06 01:18:46 | 000,175,050 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] 
[2013/05/27 00:21:21 | 000,085,966 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi 
[2013/04/21 21:35:56 | 000,049,690 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi 
[2013/07/23 15:44:02 | 000,534,063 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 
[2013/07/31 13:27:55 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 
[2013/07/30 14:21:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions 
[2013/07/06 11:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions 
[2013/07/06 11:09:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} 
[2013/07/11 23:29:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2013/07/25 11:26:57 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts 
O1 - Hosts: 127.0.0.1 localhost 
O2:*64bit:* - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) 
O2:*64bit:* - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software) 
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) 
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software) 
O3:*64bit:* - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) 
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O4:*64bit:* - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) 
O4:*64bit:* - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) 
O4:*64bit:* - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) 
O4:*64bit:* - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) 
O4:*64bit:* - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) 
O4:*64bit:* - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) 
O4:*64bit:* - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) 
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation) 
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) 
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) 
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurretVersion\policies\System: ConsentPromptBehaviorUser = 3 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present 
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present 
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) 
O13 - gopher Prefix: missing 
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (PCPitstop AntiVirus) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.111.1.195 204.111.1.194 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D}: DhcpNameServer = 204.111.1.195 204.111.1.194 
O18:*64bit:* - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) 
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) 
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) 
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) 
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) 
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) 
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) 
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) 
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) 
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) 
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) 
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) 
O18:*64bit:* - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation) 
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) 
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) 
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation) 
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) 
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) 
O20:*64bit:* - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) 
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) 
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) 
O21:*64bit:* - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O27:*64bit:* - HKLM IFEO\hwsetup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\install.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\knfb.reader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\mediacontroller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\pcdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\smoothview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\tacsprop.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\tfcconf.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\tfcrst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\tintouch.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\toshibaservicestation.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27:*64bit:* - HKLM IFEO\trmclcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\hwsetup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\install.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\knfb.reader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\mediacontroller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\pcdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\smoothview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\tacsprop.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\tfcconf.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\tfcrst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\tintouch.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\toshibaservicestation.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O27 - HKLM IFEO\trmclcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) 
O29:*64bit:* - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation) 
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation) 
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation) 
O30:*64bit:* - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation) 
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation) 
O31 - SafeBoot: AlternateShell - cmd.exe 
O32 - HKLM CDRom: AutoRun - 1 
O34 - HKLM BootExecute: (autocheck autochk *) 
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %* 
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %* 
O35 - HKLM\..comfile [open] -- "%1" %* 
O35 - HKLM\..exefile [open] -- "%1" %* 
O37:*64bit:* - HKLM\...com [@ = comfile] -- "%1" %* 
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %* 
O37 - HKLM\...com [@ = comfile] -- "%1" %* 
O37 - HKLM\...exe [@ = exefile] -- "%1" %* 
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) 
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) 
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:*64bit:* UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) 
ActiveX:*64bit:* {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 
ActiveX:*64bit:* {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll 
ActiveX:*64bit:* {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack 
ActiveX:*64bit:* {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE 
ActiveX:*64bit:* {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx 
ActiveX:*64bit:* {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help 
ActiveX:*64bit:* {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 
ActiveX:*64bit:* {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools 
ActiveX:*64bit:* {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements 
ActiveX:*64bit:* {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player 
ActiveX:*64bit:* {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access 
ActiveX:*64bit:* {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 
ActiveX:*64bit:* {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll 
ActiveX:*64bit:* {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\windows\System32\ie4uinit.exe -UserConfig 
ActiveX:*64bit:* {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install 
ActiveX:*64bit:* {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding 
ActiveX:*64bit:* {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts 
ActiveX:*64bit:* {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help 
ActiveX:*64bit:* {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface 
ActiveX:*64bit:* {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework 
ActiveX:*64bit:* {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework 
ActiveX:*64bit:* >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP 
ActiveX:*64bit:* >{D38C90BD-8360-4405-8158-4FB592093488} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll 
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack 
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx 
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help 
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools 
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements 
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player 
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access 
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework 
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll 
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install 
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts 
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help 
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface 
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework 
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

MsConfig:64bit - StartUpReg: *ETDCtrl* - hkey= - key= - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) 
MsConfig:64bit - StartUpReg: *rfagent* - hkey= - key= - C:\Program Files\RFA 9\rfagent64.exe (KsL Software) 
MsConfig:64bit - StartUpReg: *SmartFaceVWatcher* - hkey= - key= - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) 
MsConfig:64bit - StartUpReg: *StartCCC* - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
MsConfig:64bit - StartUpReg: *TosReelTimeMonitor* - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) 
MsConfig:64bit - State: "services" - Reg Error: Key error. 
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/08/01 21:34:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe 
[2013/08/01 10:22:22 | 001,493,872 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe 
[2013/07/31 01:49:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\How to disable Java in IE, Firefox, Chrome, and Safari _ How To - CNET_files 
[2013/07/31 01:48:55 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Use the Java plugin to view interactive content on websites _ Firefox Help_files 
[2013/07/26 19:54:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT 
[2013/07/26 13:37:52 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Toparcadehits Popup How to Fix Toparcade Hits Redirect Issue - Remove Malware - Zimbio_files 
[2013/07/26 13:18:12 | 002,828,552 | ---- | C] (AVAST Software) -- C:\Users\Lisa\Desktop\avast-browser-cleanup.exe 
[2013/07/25 22:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 
[2013/07/25 21:57:45 | 000,029,984 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\uxtuneup.dll 
[2013/07/25 21:57:44 | 000,037,664 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\uxtuneup.dll 
[2013/07/25 21:41:44 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\TURegOpt.exe 
[2013/07/25 21:41:40 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\windows\SysNative\authuitu.dll 
[2013/07/25 21:41:38 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\windows\SysWow64\authuitu.dll 
[2013/07/25 21:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 
[2013/07/25 21:41:07 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\TuneUp Software 
[2013/07/25 21:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 
[2013/07/25 21:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software 
[2013/07/25 21:39:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 
[2013/07/25 21:39:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files 
[2013/07/25 21:19:33 | 028,529,504 | ---- | C] (TuneUp Software) -- C:\Users\Lisa\Desktop\TuneUpUtilities2013_en-US.exe 
[2013/07/25 21:07:42 | 00,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Cook Jobs & Employment in Winchester, VA _ Americasjobexchange.com_files 
[2013/07/25 11:31:39 | 000,000,000 | ---D | C] -- C:\windows\temp 
[2013/07/24 17:29:51 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Users\Lisa\Desktop\SysInfo.exe 
[2013/07/24 11:00:02 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\How to Remove Malware_files 
[2013/07/22 14:31:43 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\World Polyamory Association HarbinPolyCon2012Gp_files 
[2013/07/22 14:31:16 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Polyamorous Relationships _ Polyamorous Dating_files 
[2013/07/22 14:31:05 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Polyamorous Relationship _ Find Polyamorous Personals_files 
[2013/07/19 20:31:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop 
[2013/07/19 20:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop 
[2013/07/19 19:16:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN 
[2013/07/18 15:45:55 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Throx_Market_Station_Schedule_WE_04-21-13_files 
[2013/07/18 15:19:28 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\New folder 
[2013/07/18 15:18:56 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes 
[2013/07/18 15:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 
[2013/07/18 15:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes 
[2013/07/18 15:18:27 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys 
[2013/07/18 15:18:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware 
[2013/07/18 10:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software 
[2013/07/17 14:32:59 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Alpha Recovery Corp_files 
[2013/07/17 12:11:42 | 000,222,200 | ---- | C] (QFX Software Corporation) -- C:\windows\SysNative\drivers\keyscrambler.sys 
[2013/07/17 12:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/07/17 12:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler 
[2013/07/16 19:35:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\servsafe practice test - Yahoo! Search Results_files 
[2013/07/15 00:32:34 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Dog Coughing Types, Treatments, and Causes_files 
[2013/07/12 18:00:45 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Distance calculator_files 
[2013/07/11 23:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVAST Software 
[2013/07/11 23:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security 
[2013/07/11 23:30:02 | 000,378,944 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys 
[2013/07/11 23:30:02 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys 
[2013/07/11 23:29:35 | 000,270,824 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys 
[2013/07/11 23:29:35 | 000,131,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys 
[2013/07/11 23:29:34 | 000,072,016 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys 
[2013/07/11 23:29:34 | 000,064,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys 
[2013/07/11 23:29:33 | 001,030,952 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys 
[2013/07/11 23:29:33 | 000,022,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys 
[2013/07/11 23:29:31 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys 
[2013/07/11 23:29:09 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys 
[2013/07/11 23:28:36 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr 
[2013/07/11 23:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software 
[2013/07/11 23:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software 
[2013/07/11 21:30:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll 
[2013/07/11 21:30:08 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll 
[2013/07/11 21:30:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/07/11 21:30:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll 
[2013/07/11 21:30:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll 
[2013/07/11 21:30:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll 
[2013/07/11 21:30:06 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe 
[2013/07/11 21:30:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe 
[2013/07/11 21:30:06 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe 
[2013/07/11 21:30:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll 
[2013/07/11 21:30:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll 
[2013/07/11 21:30:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll 
[2013/07/11 21:30:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll 
[2013/07/11 21:30:03 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll 
[2013/07/11 21:30:01 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll 
[2013/07/11 01:43:36 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll 
[2013/07/11 01:43:36 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll 
[2013/07/11 01:43:35 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL 
[2013/07/11 01:43:35 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL 
[2013/07/11 01:32:47 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll 
[2013/07/10 13:16:22 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\windows\SysWow64\drivers\DrvAgent64.SYS 
[2013/07/10 13:16:22 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\eSupport.com 
[2013/07/10 12:45:44 | 000,000,000 | ---D | C] -- C:\ProgramData\APN 
[2013/07/09 11:01:18 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe 
[2013/07/09 11:01:18 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 
[2013/07/06 11:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 
[2013/07/06 10:56:31 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Little_Apps 
[2013/07/06 10:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Little Registry Cleaner 
[3 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/01 21:36:18 | 000,014,001 | ---- | M] () -- C:\Users\Lisa\Desktop\References.odt 
[2013/08/01 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe 
[2013/08/01 21:34:05 | 000,891,098 | ---- | M] () -- C:\Users\Lisa\Desktop\SecurityCheck.exe 
[2013/08/01 20:30:49 | 000,032,757 | ---- | M] () -- C:\Users\Lisa\Desktop\cap1[1].odt 
[2013/08/01 19:56:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat 
[2013/08/01 10:25:54 | 000,024,400 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 
[2013/08/01 10:25:54 | 000,024,400 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 
[2013/08/01 10:22:24 | 001,493,872 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe 
[2013/08/01 10:20:36 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys 
[2013/07/31 01:49:50 | 000,086,646 | ---- | M] () -- C:\Users\Lisa\Desktop\How to disable Java in IE, Firefox, Chrome, and Safari _ How To - CNET.htm 
[2013/07/31 01:49:05 | 000,038,558 | ---- | M] () -- C:\Users\Lisa\Desktop\Use the Java plugin to view interactive content on websites _ Firefox Help.htm 
[2013/07/31 00:43:24 | 000,010,888 | ---- | M] () -- C:\Users\Lisa\Desktop\HACCP.odt 
[2013/07/29 12:18:06 | 000,026,695 | ---- | M] () -- C:\Users\Lisa\Desktop\resume 2013.odt 
[2013/07/28 09:39:11 | 000,012,794 | ---- | M] () -- C:\Users\Lisa\Desktop\American Pride Traditional Stone Worx.odt 
[2013/07/26 19:50:37 | 000,740,374 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI 
[2013/07/26 19:50:37 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat 
[2013/07/26 19:50:37 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat 
[2013/07/26 13:37:55 | 000,040,142 | ---- | M] () -- C:\Users\Lisa\Desktop\Toparcadehits Popup How to Fix Toparcade Hits Redirect Issue - Remove Malware - Zimbio.htm 
[2013/07/26 13:35:12 | 000,000,000 | ---- | M] () -- C:\windows\ToDisc.INI 
[2013/07/26 13:18:47 | 002,828,552 | ---- | M] (AVAST Software) -- C:\Users\Lisa\Desktop\avast-browser-cleanup.exe 
[2013/07/26 12:58:32 | 000,294,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT 
[2013/07/26 11:52:47 | 000,000,020 | ---- | M] () -- C:\windows\Èú¡ 
[2013/07/25 21:41:31 | 000,002,220 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk 
[2013/07/25 21:41:31 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk 
[2013/07/25 21:30:33 | 028,529,504 | ---- | M] (TuneUp Software) -- C:\Users\Lisa\Desktop\TuneUpUtilities2013_en-US.exe 
[2013/07/25 21:07:56 | 000,091,976 | ---- | M] () -- C:\Users\Lisa\Desktop\Cook Jobs & Employment in Winchester, VA _ Americasjobexchange.com.htm 
[2013/07/25 12:10:14 | 005,373,340 | ---- | M] () -- C:\Users\Lisa\Desktop\tweaking.com_windows_repair_aio_setup.exe 
[2013/07/25 11:29:07 | 000,181,064 | ---- | M] (Sysinternals) -- C:\windows\PSEXESVC.EXE 
[2013/07/25 11:26:57 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts 
[2013/07/24 17:29:52 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Users\Lisa\Desktop\SysInfo.exe 
[2013/07/24 11:00:12 | 000,049,746 | ---- | M] () -- C:\Users\Lisa\Desktop\How to Remove Malware.htm 
[2013/07/22 14:32:11 | 000,060,590 | ---- | M] () -- C:\Users\Lisa\Desktop\World Polyamory Association HarbinPolyCon2012Gp.htm 
[2013/07/22 14:31:18 | 000,027,324 | ---- | M] () -- C:\Users\Lisa\Desktop\Polyamorous Relationships _ Polyamorous Dating.htm 
[2013/07/22 14:31:16 | 000,032,852 | ---- | M] () -- C:\Users\Lisa\Desktop\Polyamorous Relationship _ Find Polyamorous Personals.htm 
[2013/07/22 04:09:57 | 000,029,786 | ---- | M] () -- C:\Users\Lisa\Desktop\7.19 thru 8.01 sched.png 
[2013/07/21 15:09:49 | 000,080,143 | ---- | M] () -- C:\Users\Lisa\Desktop\RECURRING_CREDIT_CARD_NOTIFICATION.pdf 
[2013/07/18 14:15:32 | 000,001,761 | ---- | M] () -- C:\Users\Lisa\Desktop\Old Desktop.lnk 
[2013/07/17 21:31:50 | 000,001,418 | ---- | M] () -- C:\Users\Lisa\Desktop\attorneys.gif 
[2013/07/17 14:33:01 | 000,014,883 | ---- | M] () -- C:\Users\Lisa\Desktop\Alpha Recovery Corp.htm 
[2013/07/16 19:35:43 | 000,109,689 | ---- | M] () -- C:\Users\Lisa\Desktop\servsafe practice test - Yahoo! Search Results.htm 
[2013/07/15 00:32:46 | 000,137,611 | ---- | M] () -- C:\Users\Lisa\Desktop\Dog Coughing Types, Treatments, and Causes.htm 
[2013/07/13 01:13:26 | 000,010,653 | ---- | M] () -- C:\Users\Lisa\Desktop\Alpha.odt 
[2013/07/12 18:00:48 | 000,015,073 | ---- | M] () -- C:\Users\Lisa\Desktop\Distance calculator.htm 
[2013/07/12 00:10:11 | 000,189,936 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys 
[2013/07/12 00:10:11 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys.sum 
[2013/07/12 00:10:11 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswS.sys.sum 
[2013/07/12 00:10:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys 
[2013/07/12 00:10:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys 
[2013/07/12 00:10:10 | 000,000,175 | ---- | M] () -- C:\windows\SysNative\drivers\aswSnx.sys.sum 
[2013/07/11 23:29:31 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt 
[2013/07/10 13:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\windows\SysWow64\drivers\DrvAgent64.SYS 
[2013/07/09 11:01:18 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe 
[2013/07/09 11:01:18 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[3 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/01 21:33:07 | 000,891,098 | ---- | C] () -- C:\Users\Lisa\Desktop\SecurityCheck.exe 
[2013/08/01 13:35:49 | 000,014,001 | ---- | C] () -- C:\Users\Lisa\Desktop\References.odt 
[2013/07/31 01:49:39 | 000,086,646 | ---- | C] () -- C:\Users\Lisa\Desktop\How to disable Java in IE, Firefox, Chrome, and Safari _ How To - CNET.htm 
[2013/07/31 01:48:54 | 000,038,558 | ---- | C] () -- C:\Users\Lisa\Desktop\Use the Java plugin to view interactive content on websites _ Firefox Help.htm 
[2013/07/31 00:43:23 | 000,010,888 | ---- | C] () -- C:\Users\Lisa\Desktop\HACCP.odt 
[2013/07/28 09:39:09 | 000,012,794 | ---- | C] () -- C:\Users\Lisa\Desktop\American Pride Traditional Stone Worx.odt 
[2013/07/27 10:58:16 | 000,026,695 | ---- | C] () -- C:\Users\Lisa\Desktop\resume 2013.odt 
[2013/07/26 13:37:51 | 000,040,142 | ---- | C] () -- C:\Users\Lisa\Desktop\Toparcadehits Popup How to Fix Toparcade Hits Redirect Issue - Remove Malware - Zimbio.htm 
[2013/07/26 13:35:12 | 000,000,000 | ---- | C] () -- C:\windows\ToDisc.INI 
[2013/07/26 12:58:27 | 000,294,032 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT 
[2013/07/26 11:52:46 | 000,000,020 | ---- | C] () -- C:\windows\Èú¡ 
[2013/07/25 21:41:31 | 000,002,220 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk 
[2013/07/25 21:41:31 | 000,002,194 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk 
[2013/07/25 21:41:30 | 000,002,206 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk 
[2013/07/25 21:07:41 | 000,091,976 | ---- | C] () -- C:\Users\Lisa\Desktop\Cook Jobs & Employment in Winchester, VA _ Americasjobexchange.com.htm 
[2013/07/25 12:09:20 | 005,373,340 | ---- | C] () -- C:\Users\Lisa\Desktop\tweaking.com_windows_repair_aio_setup.exe 
[2013/07/24 11:00:01 | 000,049,746 | ---- | C] () -- C:\Users\Lisa\Desktop\How to Remove Malware.htm 
[2013/07/22 14:32:10 | 000,060,590 | ---- | C] () -- C:\Users\Lisa\Desktop\World Polyamory Association HarbinPolyCon2012Gp.htm 
[2013/07/22 14:31:16 | 000,027,324 | ---- | C] () -- C:\Users\Lisa\Desktop\Polyamorous Relationships _ Polyamorous Dating.htm 
[2013/07/22 14:31:04 | 000,032,852 | ---- | C] () -- C:\Users\Lisa\Desktop\Polyamorous Relationship _ Find Polyamorous Personals.htm 
[2013/07/22 04:09:55 | 000,029,786 | ---- | C] () -- C:\Users\Lisa\Desktop\7.19 thru 8.01 sched.png 
[2013/07/21 15:09:47 | 000,080,143 | ---- | C] () -- C:\Users\Lisa\Desktop\RECURRING_CREDIT_CARD_NOTIFICATION.pdf 
[2013/07/18 14:15:29 | 000,001,761 | ---- | C] () -- C:\Users\Lisa\Desktop\Old Desktop.lnk 
[2013/07/17 21:31:48 | 000,001,418 | ---- | C] () -- C:\Users\Lisa\Desktop\attorneys.gif 
[2013/07/17 14:32:58 | 000,014,883 | ---- | C] () -- C:\Users\Lisa\Desktop\Alpha Recovery Corp.htm 
[2013/07/16 19:35:39 | 000,109,689 | ---- | C] () -- C:\Users\Lisa\Desktop\servsafe practice test - Yahoo! Search Results.htm 
[2013/07/15 00:32:33 | 000,137,611 | ---- | C] () -- C:\Users\Lisa\Desktop\Dog Coughing Types, Treatments, and Causes.htm 
[2013/07/13 01:13:25 | 000,010,653 | ---- | C] () -- C:\Users\Lisa\Desktop\Alpha.odt 
[2013/07/12 18:00:44 | 000,015,073 | ---- | C] () -- C:\Users\Lisa\Desktop\Distance calculator.htm 
[2013/07/12 00:10:11 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys.sum 
[2013/07/12 00:10:11 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswSP.sys.sum 
[2013/07/12 00:10:11 | 000,000,175 | ---- | C] () -- C:\windows\SysNative\drivers\aswSnx.sys.sum 
[2013/07/11 23:29:32 | 000,189,936 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys 
[2013/07/11 23:29:32 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/06/28 14:03:12 | 000,000,017 | ---- | C] () -- C:\Users\Lisa\AppData\Local\resmon.resmoncfg 
[2013/06/28 12:55:24 | 000,000,207 | ---- | C] () -- C:\windows\tweaking.com-regbackup-LISA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 
[2013/06/25 22:55:16 | 000,026,818 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png 
[2013/03/25 12:49:37 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe 
[2013/03/25 12:41:51 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin 
[2013/03/25 12:38:45 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat 
[2013/03/25 11:16:26 | 000,727,182 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] 
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) 
"ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/26 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Book Place 
[2013/05/01 00:43:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org 
[2013/06/25 22:55:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PeerNetworking 
[2013/06/27 10:34:35 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QFX Software 
[2013/05/25 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QuickScan 
[2013/07/26 12:13:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SoftGrid Client 
[2013/06/18 15:09:54 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SumatraPDF 
[2013/05/01 20:50:27 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Toshiba 
[2013/03/25 11:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TP 
[2013/07/25 21:55:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TuneUp Software 
[2013/03/25 10:38:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\WinBatch 
[2013/06/27 10:34:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Wise Care 365

========== Purity Check ========== 
========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >

[2013/07/19 19:16:57 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN 
[2011/03/29 23:11:39 | 000,000,000 | ---D | M] -- C:\Boot 
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings 
[2013/07/26 12:14:16 | 000,000,000 | R--D | M] -- C:\Program Files 
[2013/07/30 14:22:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86) 
[2013/07/25 21:40:03 | 000,000,000 | ---D | M] -- C:\ProgramData 
[2013/06/28 12:54:16 | 000,000,000 | ---D | M] -- C:\RegBackup 
[2013/08/01 23:49:22 | 000,000,000 | -HSD | M] -- C:\System Volume Information 
[2013/03/25 10:37:36 | 000,000,000 | R--D | M] -- C:\Users 
[2013/07/26 13:35:12 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe > 
< %LOCALAPPDATA%\*.exe >

< %windir%\Installer\*.* >

[2013/02/07 00:39:06 | 001,039,872 | R--- | M] () -- C:\windows\Installer\11735fa.msp 
[2011/03/29 22:48:48 | 029,130,752 | ---- | M] () -- C:\windows\Installer\139f2.msi 
[2011/03/29 22:49:28 | 031,928,832 | ---- | M] () -- C:\windows\Installer\139f7.msi 
[2008/08/08 17:46:10 | 000,242,176 | ---- | M] () -- C:\windows\Installer\139fc.msi 
[2011/03/29 22:50:40 | 004,675,072 | ---- | M] () -- C:\windows\Installer\13a01.msi 
[2009/06/01 08:00:00 | 004,505,600 | ---- | M] () -- C:\windows\Installer\147eb.msi 
[2013/02/22 12:29:39 | 001,138,688 | ---- | M] () -- C:\windows\Installer\16a99c.msi 
[2011/01/07 20:05:12 | 004,583,936 | R--- | M] () -- C:\windows\Installer\16cf66.msp 
[2011/03/29 22:53:01 | 035,035,136 | ---- | M] () -- C:\windows\Installer\16e26.msi 
[2011/03/29 22:55:48 | 002,081,792 | ---- | M] () -- C:\windows\Installer\16e47.msi 
[2011/03/29 22:55:56 | 002,343,936 | ---- | M] () -- C:\windows\Installer\16e93.msi 
[2011/01/07 20:10:36 | 003,991,040 | R--- | M] () -- C:\windows\Installer\1742a2.msp 
[2011/11/22 00:42:40 | 033,189,888 | R--- | M] () -- C:\windows\Installer\1ffba2.msp 
[2011/05/18 23:06:22 | 038,672,896 | R--- | M] () -- C:\windows\Installer\1ffbb7.msp 
[2011/12/26 06:24:12 | 008,835,072 | R--- | M] () -- C:\windows\Installer\1ffbbf.msp 
[2011/12/15 14:54:16 | 039,732,736 | R--- | M] () -- C:\windows\Installer\1ffbe1.msp 
[2012/09/06 10:16:24 | 025,810,944 | R--- | M] () -- C:\windows\Installer\1ffbf7.msp 
[2012/12/06 16:56:22 | 003,725,312 | R--- | M] () -- C:\windows\Installer\1ffbff.msp 
[2012/09/10 09:35:36 | 015,580,672 | R--- | M] () -- C:\windows\Installer\1ffc13.msp 
[2011/04/06 23:12:06 | 194,340,864 | R--- | M] () -- C:\windows\Installer\1ffc28.msp 
[2012/10/10 04:44:54 | 012,961,280 | R--- | M] () -- C:\windows\Installer\1ffc40.msp 
[2008/04/11 10:11:40 | 000,233,472 | ---- | M] () -- C:\windows\Installer\21c55a.msi 
[2012/04/19 02:53:04 | 003,121,152 | ---- | M] () -- C:\windows\Installer\21c55e.msi 
[2013/07/25 21:39:57 | 002,744,320 | ---- | M] () -- C:\windows\Installer\22d8f82.msi 
[2013/07/25 21:39:50 | 024,707,072 | ---- | M] () -- C:\windows\Installer\22d8f86.msi 
[2011/02/17 08:50:38 | 000,509,952 | ---- | M] () -- C:\windows\Installer\26774.msi 
[2011/02/17 08:53:56 | 006,753,280 | ---- | M] () -- C:\windows\Installer\2677a.msi 
[2010/10/19 16:18:18 | 000,441,856 | ---- | M] () -- C:\windows\Installer\2677f.msi 
[2011/02/17 08:51:56 | 001,773,056 | ---- | M] () -- C:\windows\Installer\26784.msi 
[2011/02/17 08:48:20 | 001,198,080 | ---- | M] () -- C:\windows\Installer\26789.msi 
[2011/02/17 08:48:26 | 001,181,696 | ---- | M] () -- C:\windows\Installer\2678e.msi 
[2011/02/17 08:48:32 | 001,167,360 | ---- | M] () -- C:\windows\Installer\26793.msi
[2011/02/17 08:48:40 | 001,235,456 | ---- | M] () -- C:\windows\Installer\26798.msi 
[2011/02/17 08:48:44 | 000,600,064 | ---- | M] () -- C:\windows\Installer\2679d.msi 
[2011/02/17 08:48:50 | 001,184,768 | ---- | M] () -- C:\windows\Installer\267a2.msi 
[2011/02/17 08:48:54 | 001,187,840 | ---- | M] () -- C:\windows\Installer\267a7.msi 
[2011/02/17 08:49:00 | 001,193,984 | ---- | M] () -- C:\windows\Installer\267ac.msi 
[2011/02/17 08:49:10 | 001,202,688 | ---- | M] () -- C:\windows\Installer\267b1.msi 
[2011/02/17 08:49:14 | 001,185,280 | ---- | M] () -- C:\windows\Installer\267b6.msi 
[2011/02/17 08:49:18 | 001,212,416 | ---- | M] () -- C:\windows\Installer\267bb.msi 
[2011/02/17 08:49:24 | 001,197,568 | ---- | M] () -- C:\windows\Installer\267c0.msi 
[2011/02/17 08:49:28 | 001,188,864 | ---- | M] () -- C:\windows\Installer\267c5.msi 
[2011/02/17 08:49:34 | 001,176,064 | ---- | M] () -- C:\windows\Installer\267ca.msi 
[2011/02/17 08:49:38 | 001,191,424 | ---- | M] () -- C:\windows\Installer\267cf.msi 
[2011/02/17 08:49:44 | 001,188,864 | ---- | M] () -- C:\windows\Installer\267d4.msi 
[2011/02/17 08:49:50 | 001,221,632 | ---- | M] () -- C:\windows\Installer\267d9.msi 
[2011/02/17 08:49:56 | 001,178,624 | ---- | M] () -- C:\windows\Installer\267de.msi 
[2011/02/17 08:50:02 | 001,209,344 | ---- | M] () -- C:\windows\Installer\267e3.msi 
[2011/02/17 08:50:08 | 001,187,328 | ---- | M] () -- C:\windows\Installer\267e8.msi 
[2011/02/17 08:50:14 | 000,876,032 | ---- | M] () -- C:\windows\Installer\267ed.msi 
[2011/02/17 08:50:18 | 001,179,648 | ---- | M] () -- C:\windows\Installer\267f2.msi 
[2011/02/17 08:50:32 | 001,783,296 | ---- | M] () -- C:\windows\Installer\267f7.msi 
[2011/02/17 08:50:48 | 000,274,432 | ---- | M] () -- C:\windows\Installer\267fc.msi 
[2011/02/17 08:48:12 | 011,069,952 | ---- | M] () -- C:\windows\Installer\26802.msi 
[2011/02/17 08:54:04 | 001,462,784 | ---- | M] () -- C:\windows\Installer\26807.msi 
[2011/04/16 08:44:26 | 002,770,944 | ---- | M] () -- C:\windows\Installer\271c89.msi 
[2010/04/21 08:48:32 | 000,168,960 | ---- | M] () -- C:\windows\Installer\4801b.msi 
[2013/04/26 09:09:52 | 009,008,128 | R--- | M] () -- C:\windows\Installer\500574.msp 
[2010/03/18 17:41:24 | 001,901,056 | ---- | M] () -- C:\windows\Installer\5411a.msi 
[2009/07/12 15:16:26 | 000,223,232 | ---- | M] () -- C:\windows\Installer\6e91a.msi 
[2009/07/12 10:43:18 | 000,231,936 | ---- | M] () -- C:\windows\Installer\6e920.msi 
[2013/03/25 10:17:34 | 007,786,496 | ---- | M] () -- C:\windows\Installer\6e930.msi 
[2013/03/25 10:18:56 | 000,276,992 | ---- | M] () -- C:\windows\Installer\6e935.msi 
[2013/04/26 08:45:04 | 023,511,552 | R--- | M] () -- C:\windows\Installer\7b3f4.msp 
[2013/05/14 22:00:12 | 017,707,008 | R--- | M] () -- C:\windows\Installer\7b40e.msp 
[2009/10/27 17:11:28 | 000,998,912 | ---- | M] () -- C:\windows\Installer\827e3.msi 
[2013/03/25 12:56:43 | 069,883,392 | ---- | M] () -- C:\windows\Installer\827e8.msi 
[2010/03/19 12:19:04 | 000,155,136 | ---- | M] () -- C:\windows\Installer\827ed.msi 
[2013/03/25 12:58:16 | 048,625,664 | ---- | M] () -- C:\windows\Installer\827f2.msi 
[2010/11/04 19:35:00 | 002,891,776 | ---- | M] () -- C:\windows\Installer\827f7.msi 
[2011/04/19 04:21:02 | 000,235,520 | ---- | M] () -- C:\windows\Installer\be333.msi 
[2011/04/19 04:54:14 | 000,227,328 | ---- | M] () -- C:\windows\Installer\be33a.msi 
[2011/03/29 22:57:13 | 000,000,000 | ---- | M] () -- C:\windows\Installer\wix{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}.SchedServiceConfig.rmi 
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]

< %windir%\system32\tasks\*.* > 
< %windir%\system32\tasks\*.* /64 >

[2013/08/01 10:23:01 | 000,004,182 | ---- | M] () -- C:\windows\SysNative\tasks\avast! Emergency Update 
[2013/05/23 13:35:49 | 000,002,770 | ---- | M] () -- C:\windows\SysNative\tasks\CCleanerSkipUAC 
[2013/07/26 01:35:20 | 000,002,770 | ---- | M] () -- C:\windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013

< %systemroot%\Fonts\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: ATAPI.SYS >

[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys 
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys 
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e

\atapi.sys 
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd

\atapi.sys

< MD5 for: EXPLORER.EXE >

[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe 
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe 
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe 
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe 
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe 
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe 
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe 
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe 
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-

explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: REGEDIT.EXE >

[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\erdnt\cache86\regedit.exe 
[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-

editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe 
[2009/07/13 21:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe 
[2009/07/13 21:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe 
[2009/07/13 21:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-

editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: SERVICES.EXE >

[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe 
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe 
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-

servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >

[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe 
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe 
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-

svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe 
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe 
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe 
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe 
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-

svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe 
< MD5 for: USER32.DLL >

[2010/11/20 23:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll 
[2010/11/20 23:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll 
[2010/11/20 23:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-

user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll 
[2010/11/20 23:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll 
[2010/11/20 23:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll 
[2010/11/20 23:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-

user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

< MD5 for: USERINIT.EXE >

[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe 
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe 
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-

userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe 
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe 
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe 
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-

userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe 
< MD5 for: WINLOGON.EXE >

[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe 
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe 
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-

winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe 
[2013/04/04 14:50:32 | 000,218,184 |---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

[2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT 
[2009/07/14 01:08:49 | 000,032,540 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT 
< %Temp%\smtmp\* \s > 
< %Temp%\smtmp\1\*.* > 
< %Temp%\smtmp\2\*.* > 
< %Temp%\smtmp\3\*.* > 
< %Temp%\smtmp\4\*.* > 
< dir "%systemdrive%\*" /S /A:L /C >

Volume in drive C is TI106147W0C Volume Serial Number is F039-9AAA Directory of C:\ 07/14/2009 01:08 AM

Documents and Settings [..] 0 File(s) 
0 bytes Directory of C:\ProgramData 07/14/2009 01:08 AM 
Application Data [..] 07/14/2009 01:08 AM 
Desktop [..] 07/14/2009 01:08 AM 
Documents [..] 07/14/2009 01:08 AM
Favorites [..] 07/14/2009 01:08 AM
Start Menu [..] 07/14/2009 01:08 AM
Templates [..] 0 File(s) 0 bytes
Directory of C:\Users 07/14/2009 01:08 AM
All Users [C:\ProgramData] 07/14/2009 01:08 AM 
Default User [..] 0 File(s) 0 bytes 
Directory of C:\Users\All Users 07/14/2009 01:08 AM 
Application Data [..] 07/14/2009 01:08 AM
Desktop [..] 07/14/2009 01:08 AM 
Documents [..] 07/14/2009 01:08 AM
Favorites [..] 07/14/2009 01:08 AM
Start Menu [..] 07/14/2009 01:08 AM
Templates [..] 0 File(s) 0 bytes 
Directory of C:\Users\Default 07/14/2009 01:08 AM
Application Data [..] 07/14/2009 01:08 AM
Local Settings [..] 07/14/2009 01:08 AM
My Documents [..] 07/14/2009 01:08 AM
NetHood [..] 07/14/2009 01:08 AM
PrintHood [..] 07/14/2009 01:08 AM
Recent [..] 07/14/2009 01:08 AM SendTo [..] 07/14/2009 01:08 AM
Start Menu [..] 07/14/2009 01:08 AM
Templates [..] 0 File(s) 0 bytes 
Directory of C:\Users\Default\AppData\Local 07/14/2009 01:08 AM
Application Data [..] 07/14/2009 01:08 AM
History [..] 07/14/2009 01:08 AM
Temporary Internet Files [..] 0 File(s) 0 bytes 
Directory of C:\Users\Default\Documents 07/14/2009 01:08 AM
My Music [..] 07/14/2009 01:08 AM
My Pictures [..] 07/14/2009 01:08 AM
My Videos [..] 0 File(s) 0 bytes 
Directory of C:\Users\Lisa 03/25/2013 10:37 AMApplication Data 
[C:\Users\Lisa\AppData\Roaming] 03/25/2013 10:37 AM 
Cookies [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Cookies] 03/25/2013 10:37 AM 
Local Settings [C:\Users\Lisa\AppData\Local] 03/25/2013 10:37 AM
My Documents [C:\Users\Lisa\Documents] 03/25/2013 10:37 AM
NetHood [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 03/25/2013 10:37 AM
PrintHood [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 03/25/2013 10:37 AM 
Recent [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent] 03/25/2013 10:37 AM
SendTo [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\SendTo] 03/25/2013 10:37 AM
Start Menu [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu] 03/25/2013 10:37 AM
Templates [C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes 
Directory of C:\Users\Lisa\AppData\Local 03/25/2013 10:37 AM 
Application Data [C:\Users\Lisa\AppData\Local] 03/25/2013 10:37 AM
History [C:\Users\Lisa\AppData\Local\Microsoft\Windows\History] 03/25/2013 10:37 AM 
Temporary Internet Files [C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 File(s) 0 bytes 
Directory of C:\Users\Lisa\Documents 03/25/2013 10:37 AM 
My Music [C:\Users\Lisa\Music] 03/25/2013 10:37 AM 
My Pictures [C:\Users\Lisa\Pictures] 03/25/2013 10:37 AM 
My Videos [C:\Users\Lisa\Videos] 0 File(s) 0 bytes
Directory of C:\Users\Public\Documents 07/14/2009 01:08 AM 
My Music [C:\Users\Public\Music] 07/14/2009 01:08 AM 
My Pictures [C:\Users\Public\Pictures] 07/14/2009 01:08 AM 
My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes
Total Files Listed: 0 File(s) 0 bytes 
49 Dir(s) 270,035,214,336 bytes free 
< End of report >


----------



## eddie5659 (Mar 19, 2001)

Looks like WordWrap is off on Notepad, which is why it looks like that 

Can you open the Notepad logs again, go to *Format* and then click on *Word Wrap*, and they should be in a better way to read it. Then, paste the logs here again.

eddie


----------



## lavenderchef45 (Jul 24, 2013)

eddie5659 said:


> Looks like WordWrap is off on Notepad, which is why it looks like that
> 
> Can you open the Notepad logs again, go to *Format* and then click on *Word Wrap*, and they should be in a better way to read it. Then, paste the logs here again.
> 
> eddie


 503c Server Error This is what I am directed to every time I try to send you the corrected files after they have been word wrapped. I am sorry I will try tonight. I have to go to work now. Thank you for helping me I am sorry for the mess!


----------



## eddie5659 (Mar 19, 2001)

That's okay, I'll have a look later.

If it still won't work, I'll try and get it right myself, as I have a rough idea on the layout


----------



## lavenderchef45 (Jul 24, 2013)

I have tried everything. I used word wrap and copy. But, when I paste it it reverts back to the mess. I am so sorry!


----------



## eddie5659 (Mar 19, 2001)

Its okay, I'll have a look at it and put it in order


----------



## eddie5659 (Mar 19, 2001)

I'll undelete some things, change it so its readable, then remove the duplicates.

Have to go out in 10 mins, so some may be half done 

Will do rest after


----------



## lavenderchef45 (Jul 24, 2013)

Hi: Would you like to delete my post and have me try to work wrap the required txt info again? I am so sorry. I do word wrap all the time as a chef when I copy & post recipes & menus. Bless you for what u do! Angela


----------



## eddie5659 (Mar 19, 2001)

I've managed to do the first log, so I'll remove the duplicates in a second.

However, can you see the Extra's log? It should be on the Desktop, like the other. If so, see if you can get it like this one:

http://forums.techguy.org/8746843-post4.html

If not, copy/paste it here, and I'll fix it


----------



## eddie5659 (Mar 19, 2001)

Okay, the duplicates have gone now, so if you find the other log that would be great. I'll look at the other log in a min


----------



## lavenderchef45 (Jul 24, 2013)

OTL Extras logfile created on: 8/1/2013 11:45:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 35.27% Memory free
5.20 Gb Paging File | 3.50 Gb Available in Paging File | 67.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 251.24 Gb Free Space | 88.06% Space Free | Partition Type: NTFS

Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

*64bit:* [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series" = Canon MG2100 series MP Drivers
"{1D27E8CF-7546-F200-4CA3-CD2F39909F5A}" = ATI Catalyst Install Manager
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{3EF6F8CE-BE77-0786-CA40-3CB5BF5EBCC8}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{522D5958-FFF0-2849-776B-442BE2A0004C}" = WMV9/VC-1 Video Playback
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-X64 8.0.8.0_R01
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"RFA9_is1" = Registry First Aid 9

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C6667-63D3-4416-B537-865E77F4DF4F}" = avast! Ad Blocker
"{04259F13-626E-814E-A80C-4601DFF3CE95}" = CCC Help Finnish
"{04D90620-2973-6F93-6E6C-C833F39C50C1}" = CCC Help Thai
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{0FC61261-B251-C870-C650-8A854F1B4CF0}" = CCC Help Chinese Standard
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24C563C0-5569-A3BF-DF26-AAB3F25B5375}" = CCC Help Danish
"{2823D463-54F8-F7B4-818F-B7436FF70658}" = CCC Help Portuguese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{32F32D10-5190-7565-DD14-C235FAF81408}" = CCC Help Dutch
"{34F971C8-B75F-6B8D-4AFC-5DAB84241AE6}" = CCC Help French
"{3798E892-DB93-6BE5-D4AD-8D1C4569F5EF}" = CCC Help Norwegian
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{52A2A26B-59BE-DE58-67EA-AE33077248A0}" = CCC Help Greek
"{589EB570-9B45-8EF9-7A0F-2A5B3A37BC49}" = CCC Help Swedish
"{59F65EE9-3DD6-6944-8222-342A9947D40B}" = Catalyst Control Center InstallProxy
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60A1C223-4D86-AD1E-FB21-DE75010DABE3}" = CCC Help Hungarian
"{618AF7BF-10CD-0118-EE52-ED9BC440487B}" = CCC Help Russian
"{6C313A41-2704-23C5-DA68-05BB34126233}" = CCC Help Italian
"{6C49A7D6-FD97-A573-29C7-87ED1756AC6D}" = CCC Help Chinese Traditional
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70B4D913-147C-7084-961A-6728E8F2AC2E}" = CCC Help Korean
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}" = Toshiba Book Place
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{ACB77FD0-7796-82B5-51B1-3ABAD84932E7}" = Catalyst Control Center Graphics Previews Common
"{AE26F217-2100-A52C-2A00-3829358E4930}" = ccc-core-static
"{B35FB627-BB1F-E79D-9512-E7CF549B00AD}" = CCC Help Polish
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4F1B841-0C75-368C-0A54-1BAF7C8B6A91}" = CCC Help English
"{CE15C07B-32E3-0586-305C-975F0FEE559A}" = CCC Help Turkish
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DC280F21-4FD6-9D47-6323-7CD5C8712DFB}" = CCC Help Spanish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{ED8AB7F6-E885-A8E9-1E97-2218D89FAE8F}" = CCC Help German
"{EEE6C8F8-4FDD-A08F-2292-31B34E327C0C}" = CCC Help Japanese
"{F4C03C2A-E14E-EB7C-AAD7-F4FB6396BEA1}" = Catalyst Control Center Localization All
"{F9E83908-4502-9B01-6B42-21E449DD2627}" = CCC Help Czech
"{FB90923E-F94F-4343-A084-F0AB39305C8B}" = Catalyst Control Center - Branding
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Internet Security
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"KeyScrambler" = KeyScrambler
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.93
"SumatraPDF" = SumatraPDF
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = ESENT | ID = 455
Description = Windows (2540) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00015.log.

Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 9000
Description = The Windows Search Service cannot open the Jet property store. Details:
0x%08x
(0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 7040
Description = The search service has detected corrupted data files in the index 
{id=4700}. The service will attempt to automatically correct this problem by rebuilding
the index. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801)
(0xc0041801)

Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 7042
Description = The Windows Search Service is being stopped because there is a problem
with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt.
(HRESULT : 0xc0041801) (0xc0041801)

Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 9002
Description = The Windows Search Service cannot load the property store information.

Context:
Windows Application, SystemIndex Catalog Details: The content index database is corrupt.
(HRESULT : 0xc0041800) (0xc0041800)

Error - 7/16/2013 3:22:38 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 3029
Description = The plug-in in <Search.JetPropStore> cannot be initialized. Context:
Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt.
(HRESULT : 0xc0041801) (0xc0041801)

Error - 7/16/2013 3:22:40 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 3029
Description = The plug-in in <Search.TripoliIndexer> cannot be initialized. Context:
Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 
0x80070490) (0x80070490)

Error - 7/16/2013 3:22:40 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801)
(0xc0041801)

Error - 7/16/2013 3:22:40 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error - 7/16/2013 3:22:40 AM | Computer Name = Lisa-PC | Source = Windows Search Service | ID = 7010
Description = The index cannot be initialized. Details: The content index catalog 
is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

[ System Events ]
Error - 7/25/2013 9:57:45 PM | Computer Name = Lisa-PC | Source = Service Control Manager | ID = 7000
Description = The TuneUp Theme Extension service failed to start due to the following
error: %%1083

Error - 7/25/2013 9:57:45 PM | Computer Name = Lisa-PC | Source = Service Control Manager | ID = 7000
Description = The TuneUp Theme Extension service failed to start due to the following
error: %%1083

Error - 7/26/2013 10:06:36 AM | Computer Name = Lisa-PC | Source = WMPNetworkSvc | ID = 866300
Description = Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder)
encountered error '0x80004005'. Verify that the UPnPHost service is running and
that the UPnPHost component of Windows is installed properly.

Error - 7/26/2013 1:12:56 PM | Computer Name = Lisa-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 7/26/2013 6:19:33 PM | Computer Name = Lisa-PC | Source = DCOM | ID = 10010
Description =

Error - 7/27/2013 10:09:32 AM | Computer Name = Lisa-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 7/27/2013 10:09:34 AM | Computer Name = Lisa-PC | Source = DCOM | ID = 10010
Description =

Error - 7/28/2013 9:56:59 AM | Computer Name = Lisa-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 7/29/2013 3:57:54 AM | Computer Name = Lisa-PC | Source = DCOM | ID = 10010
Description =

Error - 7/30/2013 12:26:09 PM | Computer Name = Lisa-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Media Center Receiver Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in 
10000 milliseconds: Restart the service.

< End of report >


----------



## eddie5659 (Mar 19, 2001)

Excellent, thanks for the log :up:

Uninstall these programs because they're not needed or are outdated or are dangerous to use.
If any can't be installed, let me know, but carry on with the rest of the uninstall and the programs below. We can look at any that couldn't be uninstalled later 
Optimizers, boosters, cleaners, etc. are basically useless and a waste of money and can do more harm than good

Reading these links might also put you off such progs:

http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

http://www.edbott.com/weblog/?p=643

TuneUp Utilities 2013
Registry First Aid 9
Tweaking.com - Windows Repair (All in One)

-------------------------------------

Then, can you do the following:

Run OTL 

Under the *Custom Scans/Fixes* box at the bottom, paste in the following 

```
:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[3 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[3 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
:Files
ipconfig /flushdns /c
:Commands
[emptytemp]
[purity] 
[CREATERESTOREPOINT]
```

Then click the *Run Fix* button at the top 
Click OK.
Let the program run unhindered, reboot when it is done
It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.

------------------

After that, as I see you have MBAM already, can you update that and do a quick scan and post the log.

Also, run the following:

*Download and scan with* *SUPERAntiSpyware* Free Edition for Home Users
Double-click *SUPERAntiSpyware.exe* and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "*Yes*". If not, update the definitions before scanning by selecting "*Check for Updates*". (_If you encounter any problems while downloading the updates, manually download and unzip them from here._)
Under "*Configuration and Preferences*", click the *Preferences* button.
Click the *Scanning Control* tab.
Under *Scanner Options* make sure the following are checked _(leave all others unchecked)_:
_Close browsers before scanning._
_Scan for tracking cookies._
_Terminate memory threats before quarantining._

Click the "*Home*" button to leave the control center screen.
On the right, under "*Complete Scan*", choose *Perform Complete Scan*.
Click *Scan your computer*.
On the left, select all *fixed drives*.
Click "*Start Complete Scan*" to start the scan. Please be patient while it scans your computer.
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "*Continue*".
Make sure everything has a checkmark next to it and click "*Next*".
A notification will appear that "_Quarantine and Removal is Complete_". Click "*Remove Threats*" and then click the "*Finish*" button to return to the main menu.
If asked if you want to reboot, click "*Yes*".
To retrieve the removal information after reboot, launch SUPERAntispyware again.
_Click *View Scan Logs*.
[*]Under Scanner Logs, double-click *SUPERAntiSpyware Scan Log*.
[*]If there are several logs, click the current dated log and press *View log*. A text file will open in your default text editor.
[*]Please copy and paste the Scan Log results in your next reply._
_[*]Click *Close* to exit the program._
_

---








Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

---

Please download *AdwCleaner* by Xplode onto your desktop.

Double click on *AdwCleaner.exe* to run the tool.
Click on *Search*.
A logfile will automatically open after the scan has finished.
Please post the contents of that logfile with your next reply.
You can find the logfile at *C:\AdwCleaner[R1].txt* as well.

eddie_


----------



## lavenderchef45 (Jul 24, 2013)

All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found. Registry key HKEY_USERS\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. C:\windows\SysWow64\sho2427.tmp deleted successfully. C:\windows\SysWow64\sho50B.tmp deleted successfully. C:\windows\SysWow64\shoB28D.tmp deleted successfully. C:\windows\Installer\MSI6EE2.tmp deleted successfully. C:\windows\Installer\MSI75F1.tmp deleted successfully. C:\windows\Installer\MSI8C81.tmp deleted successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Lisa\Desktop\cmd.bat deleted successfully. C:\Users\Lisa\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Lisa ->Temp folder emptied: 32040 bytes ->Temporary Internet Files folder emptied: 4096 bytes ->FireFox cache emptied: 25986324 bytes ->Flash cache emptied: 528 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes RecycleBin emptied: 17745082 bytes Total Files Cleaned = 42.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 08052013_030120 Files\Folders moved on Reboot... C:\Users\Lisa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...


----------



## eddie5659 (Mar 19, 2001)

Thanks 

Any joy with the other scans?


----------



## lavenderchef45 (Jul 24, 2013)

Well Eddie: Its been a long and horrible week for me & the Toshiba. Not only have I had more crap in my system than NYC city garbage on a strike but, due to the electric Gods my modem committed suicide on between Sun & Mon of this week. At first I thought it could be the after effects of the last OTL scan & removal. So I set up my Dell desktop & tried to access the internet. No luck whatsoever. At least I knew it wasn;t the laptop. Here I am with a new modem ready to roll. I've already removed all of the registry cleaner programs & downloaded the programs you suggested to scan. Will submit scans a s a p. I thank you from the bottom of my heart for all your kind attentive care with my problem. Especially the word wrap debacle. When time permits would you write & explain what was going on that so screwed up my system? Thank you again! Angela


----------



## eddie5659 (Mar 19, 2001)

Sounds like you're not having fun there, but I laughed out loud when I read the first line 

I tend to reply back after a few days, as sometimes people post the one log, and either don't see the other tools to run, or think that they've uploaded the scans and waiting for me to respond 

Anytime is fine, and I'll let you know that Fridays I'm never here, as that is freeeeeedooooomm (Mel from BraveHeart speech there) from work for the week.

But, I'll log on at the weekend, and see how it goes.

eddie


----------



## lavenderchef45 (Jul 24, 2013)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Junkware Removal Tool (JRT) by Thisisu Version: 5.3.8 (08.07.2013:4)
OS: Windows 7 Home Premium x64 Ran by Lisa on Thu 08/08/2013 at 14:53:33.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services ~~~ Registry Values  ~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt

~~~ Files Successfully deleted:

[File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"

~~ Folders Successfully deleted:

[Folder] "C:\ProgramData\apn" Successfully deleted: 
[Folder] "C:\ProgramData\best buy pc app" Successfully deleted: 
[Folder] "C:\Users\Lisa\appdata\local\best buy pc app" ~~~

FireFox Emptied folder: C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\145ix1m0.default\minidumps [16 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Scan was completed on Thu 08/08/2013 at 15:09:39.50 End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


----------



## eddie5659 (Mar 19, 2001)

Whoops, wordwrap is off again 

I'll sort this one, just letting you know for the others


----------



## lavenderchef45 (Jul 24, 2013)

# AdwCleaner v2.306 - Logfile created 08/08/2013 at 15:14:33
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) 
# User : Lisa - LISA-PC # Boot Mode : Normal 
# Running from : C:\Users\Lisa\Desktop\adwcleaner.exe 
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\jetpack

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635 
[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US) File : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\prefs.js 
[OK] File is clean.

************************* 
AdwCleaner[R1].txt - [798 octets] - [08/08/2013 15:14:33]

########## EOF - C:\AdwCleaner[R1].txt - [857 octets] ##########


----------



## eddie5659 (Mar 19, 2001)

Just so you know, I've edited the two logs above, as wordwrap turned itself off again


----------



## lavenderchef45 (Jul 24, 2013)

SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 08/08/2013 at 04:25 PM Application Version : 5.6.1020 Core Rules Database Version : 10677 Trace Rules Database Version: 8489 Scan type : Complete Scan Total Scan Time : 00:53:35 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Administrator Memory items scanned : 616 Memory threats detected : 0 Registry items scanned : 69243 Registry threats detected : 0 File items scanned : 49925 File threats detected : 0


----------



## eddie5659 (Mar 19, 2001)

Okay, can you do this one, and lets hope WordWrap works this time 

*Delete any copies of Combofix that you have.*

Download ComboFix from one of these locations:

*Link 1*
*Link 2*

** IMPORTANT !!! As you download it rename it to lavenderchef123.exe and save it to your Desktop *


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Click on *this link* to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
*Remember to re-enable the protection again afterwards before connecting to the Internet.*

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.








Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:










Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the *C:\ComboFix.txt* in your next reply.

eddie


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie: I just got home from work a bit ago. 11:30 PM Tomorrow morning I am driving to visit one of my children in Brooklyn. I downloaded lavenderchef123.exe and will run it in the next day or so when I get settled & have a nights' sleep. Interestingly something else unforseen has occurred. My internet connection slowed way down last night. I opened Network & Sharing to check the properties of Local Area Connection & when I tried a box popped up stating "An Unexpected Error Occurred." Can not open Properties, No way no how. This has NEVER happened ever. FYI, Again with the CA CA. I will do as you have instructed no later than Wednesday of this week. Best Regards, Angela


----------



## eddie5659 (Mar 19, 2001)

Anytime is fine, I'll still be here 

As for the error with the internet, you mentioned something like that back here:

http://forums.techguy.org/8751344-post18.html

Are you using a router for both the laptop and pc? If so, and I know this may seem simple, but have you tried turning it off from the mains for 5 minutes, then turning it back on?

Sometimes it needs to clear itself, my laptop has the same problem, and sometimes the pc, and rebooting like above works. Just have the laptop/pc off when you do it, or if its running, a reboot of the laptop/pc may be needed to 'see' the router 

eddie


----------



## lavenderchef45 (Jul 24, 2013)

ComboFix 13-08-14.02 - Lisa 08/14/2013 16:42:58.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2663.1610 [GMT -4:00] 
Running from: c:\users\Lisa\Desktop\lavenderchef123.exe 
AV: GFI Software VIPRE *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} 
FW: GFI Software VIPRE *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} 
SP: GFI Software VIPRE *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} 
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.

((((((((((((((((((((((((( Files Created from 2013-07-14 to 2013-08-14 )))))))))))))))))))))))))))))))
. 
.

2013-08-14 20:49 . 2013-08-14 20:49 -------- d-----w- c:\users\Public\AppData\Local\temp 
2013-08-14 20:49 . 2013-08-14 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-13 08:06 . 2013-08-13 08:06 -------- d-----w- c:\program files (x86)\MSXML 4.0 
2013-08-12 05:24 . 2013-05-15 18:23 31264 ----a-w- c:\windows\system32\drivers\gfiutil.sys 
2013-08-12 05:24 . 2013-04-11 15:06 39504 ----a-w- c:\windows\system32\drivers\gfiark.sys 
2013-08-12 04:39 . 2013-04-12 19:43 61808 ----a-w- c:\windows\system32\drivers\sbhips.sys 
2013-08-12 04:38 . 2013-04-12 19:43 259440 ----a-w- c:\windows\system32\drivers\SbFw.sys 
2013-08-12 04:38 . 2012-10-24 18:38 120608 ----a-w- c:\windows\system32\drivers\SbFwIm.sys 
2013-08-12 04:38 . 2013-04-18 16:07 47936 ----a-w- c:\windows\system32\sbbd.exe 
2013-08-12 04:38 . 2013-08-12 04:40 -------- d-----w- c:\programdata\GFI Software 
2013-08-12 04:38 . 2013-08-12 04:38 -------- d-----w- c:\programdata\Downloaded Installations 2
2013-08-12 04:26 . 2013-08-12 04:26 -------- d-----w- c:\program files (x86)\GFI Software 
2013-08-12 04:26 . 2013-08-12 04:26 -------- d-----w- c:\users\Lisa\AppData\Roaming\GFI Software 
2013-08-09 23:51 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3EB3B08E-5106-4AF1-853E-B0D7569A5F90}\mpengine.dll 
2013-08-08 18:53 . 2013-08-08 18:53 -------- d-----w- c:\windows\ERUNT 
2013-08-05 07:01 . 2013-08-05 07:01 -------- d-----w- C:\_OTL 
2013-07-26 23:54 . 2013-07-26 23:57 -------- d-----w- c:\windows\system32\MRT 
2013-07-26 01:40 . 2013-07-26 01:41 -------- d-----w- c:\programdata\TuneUp Software 
2013-07-26 01:39 . 2013-07-26 01:49 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 
2013-07-26 01:39 . 2013-07-26 01:39 -------- d--h--w- c:\programdata\Common Files 
2013-07-20 00:30 . 2013-07-22 15:15 -------- d-----w- c:\program files (x86)\PCPitstop 
2013-07-18 19:18 . 2013-07-18 19:18 -------- d-----w- c:\users\Lisa\AppData\Roaming\Malwarebytes 
2013-07-18 19:18 . 2013-07-18 19:18 -------- d-----w- c:\programdata\Malwarebytes 
2013-07-18 19:18 . 2013-07-18 19:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 
2013-07-18 19:18 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 
2013-07-18 14:07 . 2013-07-18 14:07 -------- d-----w- c:\programdata\QFX Software 
2013-07-17 16:11 . 2013-05-31 14:53 222200 ----a-w- c:\windows\system32\drivers\keyscrambler.sys 
2013-07-17 16:11 . 2013-07-17 16:11 -------- d-----w- c:\program files (x86)\KeyScrambler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
. 
2013-07-25 15:29 . 2013-06-28 16:57 181064 ----a-w- c:\windows\PSEXESVC.EXE 
2013-07-10 17:16 . 2013-07-10 17:16 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS 
2013-07-09 15:01 . 2013-07-09 15:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 
2013-07-09 15:01 . 2013-07-09 15:01 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 
2013-06-24 04:57 . 2013-03-25 17:31 78277128 ----a-w- c:\windows\system32\MRT.exe 
2013-06-11 23:43 . 2013-07-12 01:29 1767936 ----a-w- c:\windows\SysWow64\wininet.dll 
2013-06-11 23:43 . 2013-07-12 01:30 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll 
2013-06-11 23:42 . 2013-07-12 01:30 61440 ----a-w- c:\windows\SysWow64\iesetup.dll 
2013-06-11 23:42 . 2013-07-12 01:30 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll 
2013-06-11 23:26 . 2013-07-12 01:30 51712 ----a-w- c:\windows\system32\ie4uinit.exe 
2013-06-11 23:26 . 2013-07-12 01:29 2241024 ----a-w- c:\windows\system32\wininet.dll 
2013-06-11 23:26 . 2013-07-12 01:29 1365504 ----a-w- c:\windows\system32\urlmon.dll 
2013-06-11 23:25 . 2013-07-12 01:29 19238912 ----a-w- c:\windows\system32\mshtml.dll 
2013-06-11 23:25 . 2013-07-12 01:30 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-12 01:30 855552 ----a-w- c:\windows\system32\jscript.dll 
2013-06-11 23:25 . 2013-07-12 01:30 3958784 ----a-w- c:\windows\system32\jscript9.dll 
2013-06-11 23:25 . 2013-07-12 01:29 53248 ----a-w- c:\windows\system32\jsproxy.dll 
2013-06-11 23:25 . 2013-07-12 01:30 526336 ----a-w- c:\windows\system32\ieui.dll 
2013-06-11 23:25 . 2013-07-12 01:30 67072 ----a-w- c:\windows\system32\iesetup.dll 
2013-06-11 23:25 . 2013-07-12 01:30 39936 ----a-w- c:\windows\system32\iernonce.dll 
2013-06-11 23:25 . 2013-07-12 01:30 136704 ----a-w- c:\windows\system32\iesysprep.dll 
2013-06-11 23:25 . 2013-07-12 01:30 2648576 ----a-w- c:\windows\system32\iertutil.dll 
2013-06-11 23:25 . 2013-07-12 01:29 15404032 ----a-w- c:\windows\system32\ieframe.dll 
2013-06-11 22:51 . 2013-07-12 01:30 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 
2013-06-11 22:50 . 2013-07-12 01:30 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 
2013-06-07 03:22 . 2013-07-12 01:30 2706432 ----a-w- c:\windows\system32\mshtml.tlb 
2013-06-07 02:37 . 2013-07-12 01:30 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-11 05:35 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-11 05:43 624128 ----a-w- c:\windows\system32\qedit.dll 
2013-06-04 04:53 . 2013-07-11 05:43 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736] 
"KeyScrambler"="c:\program files (x86)\KeyScrambler\keyscrambler.exe" [2013-07-14 508048] 
"SBAMTray"="c:\program files (x86)\GFI Software\VIPRE\SBAMTray.exe" [2013-04-18 3155776] 
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] 
"ConsentPromptBehaviorUser"= 3 (0x3) 
"EnableUIADesktopToggle"= 0 (0x0)
. 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
.
R2 !SASCORE;!SASCORE; [x] 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] 
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] 
R2 SBAMSvc;VIPRE Internet Security;c:\program files (x86)\GFI Software\VIPRE\SBAMSvc.exe;c:\program files (x86)\GFI Software\VIPRE\SBAMSvc.exe [x] 
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x] 
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x] 
R3 gfiutil;gfiutil;c:\windows\system32\drivers\gfiutil.sys;c:\windows\SYSNATIVE\drivers\gfiutil.sys [x] 
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] 
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] 
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] 
R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys;c:\windows\SYSNATIVE\DRIVERS\sbfwim.sys [x] 
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys;c:\windows\SYSNATIVE\drivers\sbhips.sys [x] 
R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys;c:\windows\SYSNATIVE\DRIVERS\sbwtis.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] 
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] 
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] 
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] 
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys;c:\windows\SYSNATIVE\drivers\SbFw.sys [x] 
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] 
S2 gfi_lanss10_attservice;GFI LanGuard 10 Attendant Service;c:\program files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe;c:\program files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe [x] S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x] 
S2 SBPIMSvc;SB Recovery Service;c:\program files (x86)\GFI Software\VIPRE\SBPIMSvc.exe;c:\program files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [x] 
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] 
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x] 
S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys;c:\windows\SYSNATIVE\drivers\keyscrambler.sys [x] 
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] 
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x] 
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x] 
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys;c:\windows\SYSNATIVE\DRIVERS\SBFWIM.sys [x] 
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x] 
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
.
. Contents of the 'Scheduled Tasks' folder
. 2013-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 19:22]
. 2013-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - 
c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 19:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe"[2010-12-14 316032] 
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2010-09-28 566184] 
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 508216] 
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-05-10 915320] 
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376] 
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976] 
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank 
mLocal Page = c:\windows\SysWOW64\blank.htm 
TCP: DhcpNameServer = 192.168.0.1 
FF - ProfilePath - c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\ 
FF - prefs.js: browser.startup.homepage - about:home 
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q= 
FF - ExtSQL: 2013-08-01 10:24; [email protected]; c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
.
.
Completion time: 2013-08-14 16:53:08 
ComboFix-quarantined-files.txt 2013-08-14 20:53 
ComboFix2.txt 2013-08-13 07:09 
.
Pre-Run: 270,148,411,392 bytes free 
Post-Run: 270,096,412,672 bytes free
.
- - End Of File - - 0BA2CB0C76ACC032235CA6CB1EDFFE52 5B5E648D12FCADC244C1EC30318E1EB9


----------



## eddie5659 (Mar 19, 2001)

I see Wordwrap has reared its ugly head again 

I'll edit it once I grab the format


----------



## eddie5659 (Mar 19, 2001)

Okay, added the new log for you 

Not much is showing as bad, are you still getting the same issues you had originally?

Also, did you uninstall all of these, or just the odd one or two:

TuneUp
Registry First Aid 9
Tweaking.com - Windows Repair (All in One)

----

Can you also run this:

Please download *aswMBR* ( 4.5MB ) to your desktop.

Double click the *aswMBR.exe* icon, and click *Run*.
When asked if you'd like to "download the latest Avast! virus definitions", click *Yes*.
Click the *Scan* button to start the scan.
On completion of the scan, click the *save log* button, save it to your *desktop*, then copy and paste it in your next reply.

-----

And then do a virus scan here:

Please run a free online scan with the *ESET Online Scanner*

*Vista / Win7 users: *Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select *Run as Administrator*.

*Note: This scan works with Internet Explorer or Mozilla FireFox.*

If using* Mozilla Firefox* you will need to download *esetsmartinstaller_enu.exe* when prompted then double click on it to install.


Click the green ESET Online Scanner box
Tick the box next to *YES, I accept the Terms of Use*
then click on: *Start*
You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
 Make sure that the option *Scan archives *is checked.
 Now click on *Advanced Settings* and select the following:
*Scan for potentially unwanted applications*
* Scan for potentially unsafe applications*
* Enable Anti-Stealth Technology*

 Click on *Start*
 The virus signature database will begin to download. *Be patient* this make take some time depending on the speed of your Internet Connection.
 When completed the *Online Scan* will begin automatically. The scan may take several hours.
 *Do not touch either the Mouse or keyboard* during the scan otherwise it may stall.
 When completed select *Uninstall application on close*, *make sure you copy the logfile first!*
 Then click on: *Finish*
 Use *notepad* to open the logfile located at *C:\Program Files\ESET\EsetOnlineScanner\log.txt.*
 *Copy *and *paste* that log *as a reply* to this topic.

eddie


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:
Its been a busy week. I did not receive an email so I thought you might be busy & just waited. Went on ur website & found your instructions just now. Am downloading aswMBR.exe & esetsmartinstaller_enu.exe. Will have to run them tonight however. As I must leave for work soon. I did uninstall all of the so called registry cleaners as directed several weeks ago. In response to your query regarding my original privacy & strange webpage closings, etc. Its still status quo. If I could reach into cyberspace I would gleefully choke the idiot. Who has time to sit idly by & screw with someone else's privacy & programs? Certainly not me. Thank you again for all you do. If we were on the same side of the ocean I would provide you with green beans, peppers, peaches, tomatoes, squash & melons. You do ROCK! Will send you the logs asap this week end. Also, how come everything I Word Wrap with works except the logs I send you? This sucks for you and I am so sorry.


----------



## eddie5659 (Mar 19, 2001)

Anytime is fine in running them, weekends I'm not normally here, so anyone that posts on Fridays have to wait till 2 days later before I reply 

Not sure why Wordwrap doesn't seem to work. If you open Notepad up, turn it on, type something and save it (anywhere on the desktop, as you can delete it after).

Then, run the programs. Check if WordWrap is on or off after the log appears. If its not, click the option again so its ticked, and see if that works.

If not, then post it up, and I'll sort it 

As for the emails, there is an issue lately with emails not getting through. Its a pain for you and the helper, as we have multiple threads open at one time, so if we see it after a few days, we have a lot of catching up to do


----------



## lavenderchef45 (Jul 24, 2013)

9:54:34.847 OS Version: Windows x64 6.1.7601 Service Pack 1 
09:54:34.847 Number of processors: 2 586 0x100 
09:54:34.847 ComputerName: LISA-PC UserName: Lisa 
09:54:36.001 Initialize success 
10:32:19.588 AVAST engine defs: 13082900 
10:35:20.378 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006c 
10:35:20.384 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 11 
10:35:20.836 Disk 0 MBR read successfully 
10:35:20.846 Disk 0 MBR scan 
10:35:20.861 Disk 0 Windows VISTA default MBR code 
10:35:20.877 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048 
10:35:20.909 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 292137 MB offset 3074048 
10:35:20.962 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11607 MB offset 601370624 
10:35:21.185 Disk 0 scanning C:\windows\system32\drivers 
10:35:54.590 Service scanning 
10:36:59.515 Modules scanning 
10:36:59.519 Disk 0 trace - called modules: 
10:36:59.860 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 
10:36:59.867 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002fdc5d0] 
10:36:59.869 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8002eaf040] 
10:36:59.871 5 amd_xata.sys[fffff880011218b4] -> nt!IofCallDriver -> \Device\0000006c[0xfffffa8002ea9060] 
10:37:01.489 AVAST engine scan C:\windows 
10:37:05.678 AVAST engine scan C:\windows\system32 
10:45:13.641 AVAST engine scan C:\windows\system32\drivers 
10:45:47.092 AVAST engine scan C:\Users\Lisa 
10:51:08.432 AVAST engine scan C:\ProgramData 
10:52:55.745 Scan finished successfully 
10:54:59.145 Disk 0 MBR has been saved successfully to "C:\Users\Lisa\Desktop\MBR.dat" 
10:54:59.177 The log file has been saved successfully to "C:\Users\Lisa\Desktop\aswMBR.txt"


----------



## lavenderchef45 (Jul 24, 2013)

Eddie I am so sorry! Yet again word wrap did not work. I believe it may be on TSG;s side though. I wrapped it 5 times & placed it in the reply box. Once I hit submit reply it unwraps to a jumble of words. There is nothing I can do but send you a line at a time. That would not be very smart on my end. And, might cause a bit of a stir on your website. Thank you for not hunting me down & beating me with an old Smith Corona! Angela


----------



## eddie5659 (Mar 19, 2001)

That's okay, this one is easy, as it starts each line with a time, so edited it 

It looks good, so that's okay 

Any joy on the Eset scan as well?

Also, lets see if we have any remains of the programs taht you uninstalled earlier:

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*

Double-click *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:

```
:folderfind
*TuneUp*
*First Aid*
*Tweaking.com*
:filefind
*TuneUp*.*
*First Aid*.*
*Tweaking.com*.*
:regfind
TuneUp
First Aid
Tweaking.com
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found at on your Desktop entitled *SystemLook.txt*


----------



## lavenderchef45 (Jul 24, 2013)

[email protected] as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=f57ad873a4ba564b899c57481068b7bf # engine=14974 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-09-01 08:53:54 # local_time=2013-09-01 04:53:54 (-0500, Eastern Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 1026941 129612284 0 0 # scanned=101289 # found=0 # cleaned=0 # scan_time=7072


----------



## lavenderchef45 (Jul 24, 2013)

ystemLook 30.07.11 by jpshortstuff Log created at 23:37 on 03/09/2013 by Lisa Administrator - Elevation successful ========== folderfind ========== Searching for "*TuneUp*" C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget	d------	[01:41 26/07/2013] C:\ProgramData\TuneUp Software	d------	[01:40 26/07/2013] C:\ProgramData\TuneUp Software\TuneUp Utilities	d------	[01:40 26/07/2013] C:\ProgramData\TuneUp Software\TuneUp Utilities 2013	d------	[01:40 26/07/2013] C:\Users\All Users\TuneUp Software	d------	[01:40 26/07/2013] C:\Users\All Users\TuneUp Software\TuneUp Utilities	d------	[01:40 26/07/2013] C:\Users\All Users\TuneUp Software\TuneUp Utilities 2013	d------	[01:40 26/07/2013] C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TuneUp Software	d------	[04:59 29/07/2013] Searching for "*First Aid*" No folders found. Searching for "*Tweaking.com*" C:\Program Files (x86)\Tweaking.com	d------	[16:45 28/06/2013] ========== filefind ========== Searching for "*TuneUp*.*" C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\TuneUpUtilitiesService64.exe.1704.dmp	--a---- 767904 bytes	[01:42 26/07/2013]	[01:42 26/07/2013] 2E99E00A4DA3A9CDB2C7042B59B8B8E5 C:\Windows\System32\winevt\Logs\TuneUp.evtx	--a---- 69632 bytes	[01:41 26/07/2013]	[14:34 02/08/2013] E4393C8E8E46BDF24F0B367C27484C0A Searching for "*First Aid*.*" No files found. Searching for "*Tweaking.com*.*" C:\Windows\tweaking.com-regbackup-LISA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat	--a---- 207 bytes	[16:55 28/06/2013]	[16:55 28/06/2013] CA2A8AF1DBAD0F31F9B33A2827DFBC16 ========== regfind ========== Searching for "TuneUp" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}] @="TuneUp WinLogon Extension" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}] @="TuneUp WinLogon Extension" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\TuneUp Software\TuneUp Utilities 2013\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\TuneUp Software\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\ProgramData\TuneUp Software\TuneUp Utilities\"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASAPI32] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASMANCS] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TuneUp] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}] @="TuneUp WinLogon Extension" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\TuneUp] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\TuneUp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\TuneUp] [HKEY_USERS\.DEFAULT\Software\TuneUp] [HKEY_USERS\S-1-5-18\Software\TuneUp] Searching for "First Aid" No data found. Searching for "Tweaking.com" No data found. -= EOF =-


----------



## eddie5659 (Mar 19, 2001)

Sorry, no email notification, hence the lateness 

Okay, as we're going to edit the registry, lets create a backup, just in case 

*Backing Up Your Registry*
Download *ERUNT* 
_(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)_
Install *ERUNT* by following the prompts
_(use the default install settings but say no to the portion that asks you to add *ERUNT* to the start-up folder, if you like you can enable this option later)_
Start *ERUNT*
_(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)_
Choose a location for the backup
_(the default location is C:\WINDOWS\ERDNT which is acceptable)._
Make sure that at least the first two check boxes are ticked
Press *OK*
Press *YES* to create the folder.










Then, can you run the following fix:

Run OTL 

Under the *Custom Scans/Fixes* box at the bottom, paste in the following 

```
:Commands
[CREATERESTOREPOINT] 
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TuneUp]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\TuneUp]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\TuneUp] 
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\TuneUp]
[-HKEY_USERS\.DEFAULT\Software\TuneUp] 
[-HKEY_USERS\S-1-5-18\Software\TuneUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] 
"C:\ProgramData\TuneUp Software\TuneUp Utilities 2013\"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\TuneUp Software\"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\TuneUp Software\TuneUp Utilities\"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}]
:Files
C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget
C:\ProgramData\TuneUp Software
C:\Users\All Users\TuneUp Software
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TuneUp Software
C:\Program Files (x86)\Tweaking.com
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\TuneUpUtilitiesService64.exe.1704.dmp
C:\Windows\tweaking.com-regbackup-LISA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
ipconfig /flushdns /c
:Commands
[emptytemp]
[purity]
[emptyjava]
[EMPTYFLASH]
```

Then click the *Run Fix* button at the top 
Click OK.
Let the program run unhindered, reboot when it is done
It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.

eddie


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie: Downloaded erunt. So far so good. Then, at install the program insists that I must install it to the Start menu! Cant go any further without doing it. So I just stopped/ Let me know if you have any suggestions


----------



## lavenderchef45 (Jul 24, 2013)

All processes killed ========== COMMANDS ========== Restore point Set: OTL Restore Point ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TuneUp\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\TuneUp\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\TuneUp\ not found. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\TuneUp\ not found. Registry key HKEY_USERS\.DEFAULT\Software\TuneUp\ not found. Registry key HKEY_USERS\S-1-5-18\Software\TuneUp\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASMANCS\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneUpSystemStatusCheck_RASAPI32\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00711705-12C5-420B-A4E5-6413F2AB3C7B}\ not found. ========== FILES ========== File\Folder C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget not found. C:\ProgramData\TuneUp Software\TuneUp Utilities 2013 folder moved successfully. C:\ProgramData\TuneUp Software folder moved successfully. File\Folder C:\Users\All Users\TuneUp Software not found. File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TuneUp Software not found. File\Folder C:\Program Files (x86)\Tweaking.com not found. File\Folder C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\TuneUpUtilitiesService64.exe.1704.dmp not found. C:\Windows\tweaking.com-regbackup-LISA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat moved successfully. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Lisa\Desktop\cmd.bat deleted successfully. C:\Users\Lisa\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Lisa ->Temp folder emptied: 23537 bytes ->Temporary Internet Files folder emptied: 4096 bytes ->FireFox cache emptied: 52458716 bytes ->Flash cache emptied: 541 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 50.00 mb [EMPTYJAVA] User: All Users User: Default User: Default User User: Lisa User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Lisa ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 09102013_231428 Files\Folders moved on Reboot... File\Folder C:\Users\Lisa\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...


----------



## eddie5659 (Mar 19, 2001)

Hi

Just to let you know I haven't forgotten you, but my router died at home, and a new one should arrive tomorrow. I have limited internet use at work, so can't really research anything here.

As soon as its u and running, I'll reply


----------



## eddie5659 (Mar 19, 2001)

Back with new router 

Its okay about the WordWrap, I can read this one okay 

Lets just check some of the actual files are not there anymore from TuneUp:


Double-click *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:

```
:filefind
*uxtuneup*.*
*TURegOpt*.*
*authuitu*.*
:dir
C:\windows\Èú¡
:file
C:\windows\SysNative\drivers\aswVmm.sys.sum
C:\windows\SysNative\drivers\aswSP.sys.sum
C:\windows\SysNative\drivers\aswSnx.sys.sum
C:\windows\SysNative\drivers\aswVmm.sys
C:\windows\SysNative\drivers\aswRvrt.sys
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found at on your Desktop entitled *SystemLook.txt*

------------------

This is a different tool to OTL. Very similar name, but called OTS 

Download *OTS.exe * to your Desktop. 

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Double-click on *OTS.exe* to start the program.
At the top put a check mark in the box beside "Scan All Users".
Under the *Additional Scans *section put a check in the box next to Disabled MS Config Items, NetSvcs and EventViewer logs (Last 10 errors)
Now click the *Run Scan *button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.

*Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way*

*IF OTS SAYS 'NOT RESPONDING' DON'T USE THE MOUSE. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES*

eddie


----------



## eddie5659 (Mar 19, 2001)

Please download *Farbar Service Scanner* and run it on the computer with the issue.
Make sure the following options are checked:
*Internet Services*
*Windows Firewall*
*System Restore*
*Security Center*
*Windows Update*

Press "*Scan*".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


----------



## lavenderchef45 (Jul 24, 2013)

SystemLook 30.07.11 by jpshortstuff
Log created at 10:26 on 18/09/2013 by Lisa
Administrator - Elevation successful

========== filefind ==========

Searching for "*uxtuneup*.*"
No files found.

Searching for "*TURegOpt*.*"
No files found.

Searching for "*authuitu*.*"
No files found.

========== dir ==========

C:\windows\Èú¡ - Unable to find folder.

========== file ==========

C:\windows\SysNative\drivers\aswVmm.sys.sum - Unable to find/read file.

C:\windows\SysNative\drivers\aswSP.sys.sum - Unable to find/read file.

C:\windows\SysNative\drivers\aswSnx.sys.sum - Unable to find/read file.

C:\windows\SysNative\drivers\aswVmm.sys - Unable to find/read file.

C:\windows\SysNative\drivers\aswRvrt.sys - Unable to find/read file.

-= EOF =-


----------



## lavenderchef45 (Jul 24, 2013)

Farbar Service Scanner Version: 13-09-2013
Ran by Lisa (administrator) on 19-09-2013 at 16:55:16
Running from "C:\Users\Lisa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie. Just tried to run OTS program. Denied. Said I would have to get Administrative permission. So, closed antivirus & firewall. Tried again as Admin, no luck whatsoever! Deleted program & reinstalled. Same results. Pulled up Task Manager to have a look. Interesting, there are 2 exe files I have never seen before: unit_ manager and unit.exe. There is nothing in the Description area. No Comodo or Avast. I don't have any other antivirus programs running, did not download anything else. Comodo & Avast always display in the Description in task manager. Bloody Hell! Sorry, but this is beginning to wear on my. My internet connection reset itself about 30 times in the last 2 days. I don't get it. Had to go into Safe Mode to download & install Avast & Comodo firewall. Sorry about the madness, Angela


----------



## eddie5659 (Mar 19, 2001)

Sorry for the lateness, was away so had no acess to the internet 

Do you still have Comodo Firewall installed, or are you still having problems with the Windows Firewall?

I tend not to use Comodo, as it can keep asking you questions all the time.

Disable that, and see if running the below script starts up the firewall:

Run OTL 

Under the *Custom Scans/Fixes* box at the bottom, paste in the following 

```
:Commands
[CREATERESTOREPOINT] 
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = DWORD:1
ipconfig /flushdns /c
:Commands
[emptytemp]
[purity]
[emptyjava]
[EMPTYFLASH]
```

Then click the *Run Fix* button at the top 
Click OK.
Let the program run unhindered, reboot when it is done
It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.

Also, you may have to uninstall Comodo afterwards, if the Windows firewall starts ok.

Leave OTS for now, lets just work on the firewall


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie: Disabled Cpmodo Firewall, ran scan, sent u the scans u requested. After running OTS with the "fix" I checked Win Firewall & it is still disabled & nothing happens when I click on the program. On a pleasant note: I have been watching Call the Midwife, Whitechapel, The White Queen; & fell in love with Port Isac due to watching Doc Martin. Currently in Brooklyn visiting a daughter in Caroll Gardens neighborhood. Would move here in a nano if I could stand to sell the farm. This mess with my laptop appears unending. I did however, have an interesting event when I randomly ran Malware Bytes. Can send you the scan results if you so wish. Best Regards, Angela


----------



## eddie5659 (Mar 19, 2001)

hmmmm, can you send me the Malware Bytes scan 

Also, lets have another look at the firewall. Can you run this one for me. It will create the two logs again, just want to see if I missed something.

Over two posts is fine 


Download *random's system information tool (RSIT)* by *random/random* from *here*.
*It is important that is saved to your desktop.*
Double click on *RSIT.exe* to run *RSIT*.
Click *Continue* at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both *log.txt* (<<will be maximized) and *info.txt* (<<will be minimized)

-------

Good to see you're watching some classics there. Doc Martin I've never seen yet, but Martin Clunes I used to watch in one of his first comedies called Men Behaving Badly.


----------



## eddie5659 (Mar 19, 2001)

Got your email. Can you try it without the ipconfig command, as below:


```
:Commands
[CREATERESTOREPOINT] 
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = DWORD:1
:Commands
[emptytemp]
[purity]
[emptyjava]
[EMPTYFLASH]
```
Exactly as before, it should work this time 

eddie


----------



## lavenderchef45 (Jul 24, 2013)

OTL logfile created on: 9/24/2013 11:26:08 AM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16686) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.60 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 57.32% Memory free 5.20 Gb Paging File | 3.76 Gb Available in Paging File | 72.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.29 Gb Total Space | 249.33 Gb Free Space | 87.40% Space Free | Partition Type: NTFS Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/09/19 11:15:30 | 000,227,024 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe PRC - [2013/09/19 11:15:30 | 000,216,272 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe PRC - [2013/09/19 11:15:30 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe PRC - [2013/09/17 12:00:52 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2013/08/19 09:48:15 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/08/01 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe PRC - [2013/07/14 00:25:10 | 000,508,048 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe PRC - [2013/05/29 08:19:04 | 002,094,216 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ========== Modules (No Company Name) ========== MOD - [2013/08/19 09:48:14 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ========== Services (SafeList) ========== SRV:*64bit:* - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:*64bit:* - [2013/07/08 16:59:40 | 006,199,520 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:*64bit:* - [2013/06/18 16:15:30 | 000,158,936 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth) SRV:*64bit:* - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:*64bit:* - [2011/02/10 15:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:*64bit:* - [2010/10/20 17:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:*64bit:* - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV - [2013/09/19 11:15:30 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher) SRV - [2013/09/17 12:00:52 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2013/05/29 08:19:04 | 002,094,216 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2013/05/21 02:17:01 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:*64bit:* - [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:*64bit:* - [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:*64bit:* - [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:*64bit:* - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:*64bit:* - [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:*64bit:* - [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:*64bit:* - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:*64bit:* - [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:*64bit:* - [2013/08/01 09:46:26 | 000,062,168 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys -- (ESProtectionDriver) DRV:*64bit:* - [2013/06/18 16:16:08 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd) DRV:*64bit:* - [2013/05/31 10:53:12 | 000,222,200 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler) DRV:*64bit:* - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:*64bit:* - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:*64bit:* - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:*64bit:* - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:*64bit:* - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:*64bit:* - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:*64bit:* - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:*64bit:* - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:*64bit:* - [2011/02/10 16:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:*64bit:* - [2011/02/10 15:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:*64bit:* - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:*64bit:* - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce) DRV:*64bit:* - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:*64bit:* - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:*64bit:* - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:*64bit:* - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:*64bit:* - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:*64bit:* - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:*64bit:* - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:*64bit:* - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:*64bit:* - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:*64bit:* - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:*64bit:* - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:*64bit:* - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:*64bit:* - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:*64bit:* - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:*64bit:* - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2013/07/10 13:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:*64bit:* - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} IE:*64bit:* - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE:*64bit:* - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ IE - HKCU\..\SearchScopes\{DA0CC9A4-539D-40F4-90F7-B565B9B4C6B1}: "URL" = http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\C5879625A899472F8231C4DAF8D55DC1: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing " FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: https-facebook%40niyaz.pk:0.4 FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:2.0 FF - prefs.js..extensions.enabledAddons: html5notifications%40paxal.net:1.2.2 FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130917 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/09/18 23:45:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/06 10:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions [2013/09/22 09:33:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions [2013/09/18 09:55:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013/08/01 10:24:35 | 000,048,446 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] [2013/04/21 21:26:35 | 000,005,831 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] [2013/07/06 01:18:46 | 000,175,050 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] [2013/08/25 00:41:58 | 000,086,000 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2013/04/21 21:35:56 | 000,049,690 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi [2013/09/22 09:33:47 | 000,534,729 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013/07/31 13:27:55 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/08/19 09:48:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/08/19 09:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/08/19 09:48:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013/08/13 03:05:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:*64bit:* - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O2:*64bit:* - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - No CLSID value found. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software) O3:*64bit:* - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O4:*64bit:* - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:*64bit:* - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO) O4:*64bit:* - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4:*64bit:* - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:*64bit:* - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:*64bit:* - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:*64bit:* - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:*64bit:* - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A17F4BD4-A57D-4282-BAC7-916CF67685B2}: DhcpNameServer = 192.168.0.1 O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:*64bit:* - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:*64bit:* - HKLM\..comfile [open] -- "%1" %* O35:*64bit:* - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:*64bit:* - HKLM\...com [@ = comfile] -- "%1" %* O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [CREATERESTOREPOINT] Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/09/20 10:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO [2013/09/19 17:48:06 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTS.exe [2013/09/19 16:20:28 | 000,358,923 | ---- | C] (Farbar) -- C:\Users\Lisa\Desktop\FSS.exe [2013/09/19 02:19:50 | 000,000,000 | -H-D | C] -- C:\VTRoot [2013/09/19 02:07:37 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space [2013/09/19 02:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2013/09/19 02:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO [2013/09/19 02:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [2013/09/19 02:05:41 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Comodo [2013/09/19 02:05:33 | 000,056,072 | ---- | C] (COMODO CA Limited) -- C:\windows\SysNative\certsentry.dll [2013/09/19 02:05:33 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll [2013/09/19 02:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo [2013/09/19 02:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader [2013/09/18 23:56:21 | 149,029,376 | ---- | C] (COMODO) -- C:\Users\Lisa\Desktop\cfw_installer.exe [2013/09/18 23:47:28 | 000,072,016 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2013/09/18 23:45:58 | 001,030,952 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2013/09/18 23:45:49 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr [2013/09/18 23:39:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/09/18 23:27:20 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013/09/18 23:22:58 | 001,029,675 | ---- | C] (Thisisu) -- C:\Users\Lisa\Desktop\JRT_NEW.exe [2013/09/18 23:08:37 | 000,378,944 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2013/09/18 23:08:37 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2013/09/18 23:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/09/18 23:08:36 | 000,028,752 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswRdr.sys [2013/09/18 23:08:35 | 000,064,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2013/09/18 23:08:34 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2013/09/18 23:08:25 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\windows\SysWow64\aswBoot.exe [2013/09/18 23:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2013/09/18 23:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2013/09/18 22:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit [2013/09/18 22:32:28 | 001,498,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100d.dll [2013/09/18 22:32:28 | 000,743,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp100d.dll [2013/09/18 22:32:27 | 001,858,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100d.dll [2013/09/18 22:32:27 | 001,014,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcp100d.dll [2013/09/18 22:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Exploit [2013/09/18 22:31:10 | 001,790,576 | ---- | C] (Malwarebytes ) -- C:\Users\Lisa\Desktop\mbae-setup-0.09.3.1000.exe [2013/09/18 22:25:33 | 001,350,155 | ---- | C] (Malwarebytes ) -- C:\Users\Lisa\Desktop\mbae-setup-0.9.2.1200.exe.part [2013/09/17 09:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/09/10 23:41:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013/09/10 23:41:05 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2013/09/10 23:41:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013/09/10 23:41:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013/09/10 23:41:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013/09/10 23:41:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013/09/10 23:41:02 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013/09/10 23:41:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013/09/10 23:41:02 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2013/09/10 23:41:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2013/09/10 23:41:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013/09/10 23:40:57 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013/09/10 23:40:56 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013/09/10 23:40:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013/09/10 23:40:54 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013/09/10 23:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2013/09/10 23:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2013/09/10 22:55:50 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys [2013/09/10 22:55:23 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2013/09/10 22:55:22 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe [2013/09/10 22:55:21 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2013/09/10 22:55:21 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2013/09/10 22:55:18 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll [2013/09/10 22:55:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll [2013/09/10 22:55:13 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll [2013/09/10 22:55:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe [2013/09/10 22:55:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll [2013/09/10 22:55:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll [2013/09/10 22:55:07 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe [2013/09/10 22:55:06 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll [2013/09/10 22:55:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll [2013/09/10 22:55:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll [2013/09/10 22:55:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2013/09/10 22:55:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/09/10 22:55:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/09/10 22:55:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/09/10 22:55:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/09/10 22:55:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/09/10 22:55:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/09/10 22:55:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2013/09/10 22:55:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/09/10 22:55:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/09/10 22:55:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/09/10 22:55:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/09/10 22:55:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/09/10 22:55:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/09/10 22:55:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/09/10 22:55:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/09/10 22:55:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/09/10 22:55:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/09/10 22:55:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/09/10 22:55:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/09/10 22:55:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/09/10 22:55:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/09/10 22:54:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/09/10 22:54:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/09/10 22:54:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/09/10 22:54:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/09/10 22:54:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/09/10 22:54:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/09/10 22:54:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/09/10 22:54:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/09/10 22:54:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/09/10 22:54:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/09/10 22:54:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/09/10 22:54:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/09/10 22:54:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/09/10 22:54:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/09/10 22:54:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/09/10 22:54:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/09/10 22:54:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/09/10 22:54:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/09/10 22:54:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/09/10 22:54:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/09/10 22:54:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/09/10 22:54:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/09/10 22:54:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/09/10 22:54:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/09/10 22:54:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/09/10 22:54:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/09/10 22:54:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/09/10 22:54:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/09/10 22:54:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/09/10 22:54:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/09/10 22:54:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/09/10 22:54:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/09/10 22:54:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/09/10 22:54:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/09/10 22:54:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/09/10 22:54:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/09/10 22:54:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2013/09/10 22:54:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2013/09/10 22:54:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll [2013/09/10 22:54:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll [2013/09/10 22:54:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [2013/09/10 22:54:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll [2013/09/09 23:12:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Lisa\Desktop\erunt_setup.exe [2013/09/05 05:35:06 | 000,055,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\offreg.dll [2013/09/04 19:46:03 | 000,026,432 | ---- | C] (IObit) -- C:\windows\SysNative\RegistryDefragBootTime.exe [2013/09/04 19:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} [2013/09/04 19:37:23 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Apple Computer [2013/09/04 19:37:01 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\IObit [2013/08/29 12:16:26 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Recipe Contests for 2013 & 2014 Cooking Contests; Food Contests & Competitions_files [2013/08/28 11:49:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN ========== Files - Modified Within 30 Days ========== [2013/09/24 11:36:06 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/09/24 11:18:21 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/09/24 11:18:21 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/09/24 11:18:16 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013/09/24 11:18:16 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013/09/24 11:18:16 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013/09/24 11:13:45 | 000,000,508 | ---- | M] () -- C:\windows\tasks\Malwarebytes Anti-Exploit.job [2013/09/24 11:13:18 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/09/24 11:12:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/09/24 11:12:40 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys [2013/09/21 03:52:43 | 000,169,358 | ---- | M] () -- C:\windows\SysNative\drivers\fvstore.dat [2013/09/21 02:27:13 | 000,016,961 | ---- | M] () -- C:\Users\Lisa\Desktop\San lorenzo.odt [2013/09/20 10:45:27 | 000,002,054 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013/09/20 10:45:27 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk [2013/09/19 17:48:09 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTS.exe [2013/09/19 16:20:48 | 000,358,923 | ---- | M] (Farbar) -- C:\Users\Lisa\Desktop\FSS.exe [2013/09/19 04:48:17 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk [2013/09/19 02:09:54 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk [2013/09/19 02:09:45 | 000,000,604 | ---- | M] () -- C:\Users\Public\Desktop\Shared Space.lnk [2013/09/19 02:05:45 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk [2013/09/19 02:05:33 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\windows\SysNative\certsentry.dll [2013/09/19 02:05:33 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll [2013/09/19 00:29:29 | 149,029,376 | ---- | M] (COMODO) -- C:\Users\Lisa\Desktop\cfw_installer.exe [2013/09/18 23:45:57 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt [2013/09/18 23:38:28 | 001,039,554 | ---- | M] () -- C:\Users\Lisa\Desktop\adwcleaner.exe [2013/09/18 23:08:37 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/09/18 22:31:22 | 001,790,576 | ---- | M] (Malwarebytes ) -- C:\Users\Lisa\Desktop\mbae-setup-0.09.3.1000.exe [2013/09/18 22:25:56 | 001,350,155 | ---- | M] (Malwarebytes  ) -- C:\Users\Lisa\Desktop\mbae-setup-0.9.2.1200.exe.part [2013/09/18 22:25:43 | 000,000,000 | ---- | M] () -- C:\Users\Lisa\Desktop\mbae-setup-0.9.2.1200.exe [2013/09/18 20:09:14 | 000,012,212 | ---- | M] () -- C:\Users\Lisa\Desktop\clen marble.odt [2013/09/15 15:13:53 | 000,027,169 | ---- | M] () -- C:\Users\Lisa\Desktop\resume 2013.odt [2013/09/15 14:34:53 | 000,014,577 | ---- | M] () -- C:\Users\Lisa\Desktop\References.odt [2013/09/15 02:43:33 | 001,029,675 | ---- | M] (Thisisu) -- C:\Users\Lisa\Desktop\JRT_NEW.exe [2013/09/12 15:49:10 | 000,021,530 | ---- | M] () -- C:\Users\Lisa\Desktop\cap1[1].odt [2013/09/11 10:10:47 | 000,001,527 | ---- | M] () -- C:\Users\Lisa\Desktop\377337_10150480821992095_770253012_n - Shortcut.lnk [2013/09/11 09:18:09 | 000,294,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013/09/10 23:02:04 | 000,000,935 | ---- | M] () -- C:\Users\Lisa\Desktop\NTREGOPT.lnk [2013/09/10 23:02:03 | 000,000,916 | ---- | M] () -- C:\Users\Lisa\Desktop\ERUNT.lnk [2013/09/10 11:03:20 | 000,012,974 | ---- | M] () -- C:\Users\Lisa\Desktop\neighbors.odt [2013/09/09 23:13:31 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Lisa\Desktop\erunt_setup.exe [2013/09/05 05:35:06 | 000,055,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\offreg.dll [2013/09/04 20:23:07 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2013/09/03 23:36:51 | 000,165,376 | ---- | M] () -- C:\Users\Lisa\Desktop\SystemLook_x64.exe [2013/08/31 21:39:31 | 000,001,738 | ---- | M] () -- C:\windows\SysWow64\EmailAVConfig.xml [2013/08/31 21:36:59 | 000,014,122 | ---- | M] () -- C:\Users\Lisa\Desktop\directions to emmas from Jacks.odt [2013/08/31 10:48:18 | 000,014,037 | ---- | M] () -- C:\Users\Lisa\Desktop\From Jack to Emmas.odt [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2013/08/30 03:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2013/08/30 03:47:14 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2013/08/29 14:13:56 | 000,559,739 | ---- | M] () -- C:\Users\Lisa\Desktop\Susannahs feet @Far Rockaway Beach.JPG [2013/08/29 14:12:23 | 000,776,953 | ---- | M] () -- C:\Users\Lisa\Desktop\Grassy Park Brooklyn Waterfront.JPG [2013/08/29 14:04:22 | 000,013,716 | ---- | M] () -- C:\Users\Lisa\Desktop\American Pride Traditional Stone Worx.odt [2013/08/29 12:16:39 | 000,047,484 | ---- | M] () -- C:\Users\Lisa\Desktop\Recipe Contests for 2013 & 2014 Cooking Contests; Food Contests & Competitions.htm [2013/08/27 00:39:18 | 000,035,498 | ---- | M] () -- C:\Users\Lisa\Desktop\Mrs Kline.odt [2013/08/27 00:25:32 | 000,191,419 | ---- | M] () -- C:\Users\Lisa\Desktop\grand-hotel-gianicolo-first-course.jpg.1024x0.jpg [2013/08/26 11:15:02 | 000,391,594 | ---- | M] () -- C:\Users\Lisa\Desktop\Supper's Panna Cotta with heated Italian bitter chocolate & Fruit.jpg ========== Files Created - No Company Name ========== [2013/09/22 01:22:23 | 000,000,508 | ---- | C] () -- C:\windows\tasks\Malwarebytes Anti-Exploit.job [2013/09/20 10:45:27 | 000,002,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013/09/20 10:45:27 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk [2013/09/19 02:19:45 | 000,169,358 | ---- | C] () -- C:\windows\SysNative\drivers\fvstore.dat [2013/09/19 02:09:55 | 000,001,947 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk [2013/09/19 02:09:54 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk [2013/09/19 02:09:45 | 000,000,604 | ---- | C] () -- C:\Users\Public\Desktop\Shared Space.lnk [2013/09/19 02:05:45 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk [2013/09/18 23:45:58 | 000,204,880 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys [2013/09/18 23:45:58 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys [2013/09/18 23:37:57 | 001,039,554 | ---- | C] () -- C:\Users\Lisa\Desktop\adwcleaner.exe [2013/09/18 23:08:37 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/09/18 22:25:43 | 000,000,000 | ---- | C] () -- C:\Users\Lisa\Desktop\mbae-setup-0.9.2.1200.exe [2013/09/18 20:09:12 | 000,012,212 | ---- | C] () -- C:\Users\Lisa\Desktop\clen marble.odt [2013/09/11 10:10:47 | 000,001,527 | ---- | C] () -- C:\Users\Lisa\Desktop\377337_10150480821992095_770253012_n - Shortcut.lnk [2013/09/10 23:02:03 | 000,000,935 | ---- | C] () -- C:\Users\Lisa\Desktop\NTREGOPT.lnk [2013/09/10 23:02:03 | 000,000,916 | ---- | C] () -- C:\Users\Lisa\Desktop\ERUNT.lnk [2013/09/10 11:03:18 | 000,012,974 | ---- | C] () -- C:\Users\Lisa\Desktop\neighbors.odt [2013/09/04 20:23:07 | 000,000,000 | ---- | C] () -- C:\asc_rdflag [2013/09/03 23:36:50 | 000,165,376 | ---- | C] () -- C:\Users\Lisa\Desktop\SystemLook_x64.exe [2013/08/31 21:39:31 | 000,001,738 | ---- | C] () -- C:\windows\SysWow64\EmailAVConfig.xml [2013/08/31 21:36:56 | 000,014,122 | ---- | C] () -- C:\Users\Lisa\Desktop\directions to emmas from Jacks.odt [2013/08/31 10:48:15 | 000,014,037 | ---- | C] () -- C:\Users\Lisa\Desktop\From Jack to Emmas.odt [2013/08/29 14:13:54 | 000,559,739 | ---- | C] () -- C:\Users\Lisa\Desktop\Susannahs feet @Far Rockaway Beach.JPG [2013/08/29 14:12:21 | 000,776,953 | ---- | C] () -- C:\Users\Lisa\Desktop\Grassy Park Brooklyn Waterfront.JPG [2013/08/29 12:16:26 | 000,047,484 | ---- | C] () -- C:\Users\Lisa\Desktop\Recipe Contests for 2013 & 2014 Cooking Contests; Food Contests & Competitions.htm [2013/08/27 00:25:30 | 000,191,419 | ---- | C] () -- C:\Users\Lisa\Desktop\grand-hotel-gianicolo-first-course.jpg.1024x0.jpg [2013/08/26 11:16:29 | 000,391,594 | ---- | C] () -- C:\Users\Lisa\Desktop\Supper's Panna Cotta with heated Italian bitter chocolate & Fruit.jpg [2013/07/26 13:35:12 | 000,000,000 | ---- | C] () -- C:\windows\ToDisc.INI [2013/06/28 14:03:12 | 000,000,017 | ---- | C] () -- C:\Users\Lisa\AppData\Local\resmon.resmoncfg [2013/06/25 22:55:16 | 000,026,818 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png [2013/03/25 12:49:37 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe [2013/03/25 12:41:51 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2013/03/25 12:38:45 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2013/03/25 11:16:26 | 000,727,182 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < :Commands > < :Reg > < [-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] > < [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] > < "EnableFirewall" = DWORD:1 > < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. < :Commands > < [emptytemp] > < [purity] > < [emptyjava] > < [EMPTYFLASH] > < End of report >


----------



## eddie5659 (Mar 19, 2001)

You have to click on *RUN FIX*. You keep pressing run scan, which is why its not working.











Under the *Custom Scans/Fixes* box at the bottom, paste in the following 

```
:Commands
[CREATERESTOREPOINT] 
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = DWORD:1
:Commands
[emptytemp]
[purity]
[emptyjava]
[EMPTYFLASH]
```

Then click the *Run Fix* button at the top 
Click OK.
Let the program run unhindered, reboot when it is done
It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.


----------



## lavenderchef45 (Jul 24, 2013)

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall" | DWORD:1 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lisa
->Temp folder emptied: 1227999 bytes
->Temporary Internet Files folder emptied: 102031 bytes
->FireFox cache emptied: 12542476 bytes
->Flash cache emptied: 1612 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23710 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 39494384 bytes

Total Files Cleaned = 51.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Lisa

User: Public

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lisa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10062013_170710

Files\Folders moved on Reboot...
C:\Users\Lisa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


----------



## lavenderchef45 (Jul 24, 2013)

WIndows firewall is still dead in the h2O! I disabled Comodo when I ran the fix.


----------



## eddie5659 (Mar 19, 2001)

Did the firewall stop working after you installed Comodo, or before?

Can we see what is there at the moment:


Double-click *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:

```
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] /sub
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found at on your Desktop entitled *SystemLook.txt*

eddie


----------



## lavenderchef45 (Jul 24, 2013)

SystemLook 30.07.11 by jpshortstuff Log created at 00:06 on 08/10/2013 by Lisa Administrator - Elevation successful ========== Reg ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"= 0x0000000001 (1) "DisableNotifications"= 0x0000000000 (0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] (No values found) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging] "LogFileSize"= 0x0000001000 (4096) "LogFilePath"="%systemroot%\system32\LogFiles\Firewall\pfirewall.log" -= EOF =-


----------



## lavenderchef45 (Jul 24, 2013)

The reason I installed Comodo firewall was after I discovered that my windows firewall was totally inoperable. I did not want to install Comodo, but at that time I had virutally no firewall. Best Regards Angela


----------



## eddie5659 (Mar 19, 2001)

Well, its showing its enabled:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"= 0x0000000001 (1) 
"DisableNotifications"= 0x0000000000 (0)

This part

"EnableFirewall"= 0x0000000001 (1)

As its 1, that means its on. 0 is off.

Anyway, that doesn't solve the issue, so off I go a testing, back in a few mins


----------



## eddie5659 (Mar 19, 2001)

Okay, can you do this for me, so we can see if an error code comes up or not.


Please download the Event Viewer Tool by Vino Rosso:

http://images.malwareremoval.com/vino/VEW.exe

and save it to your Desktop.

Now, try and start Windows Firewall, so that you get a message. If you can, jot down exactly what it says, just in case its different to the error number we're getting in a min.

 Right-click *VEW.exe* and Run AS Administrator

 Under *Select log to query*, select:

**System
*Application
*

 Under *Select type to list*, select:

** Error
* Warning
*Information*

Then use the *Number of events* as follows:

 Click the radio button for *Number of events*

Type *20* in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.


----------



## lavenderchef45 (Jul 24, 2013)

Vino's Event Viewer v01c run on Windows 2008 in English Report run at 10/10/2013 10:24:58 AM Note: All dates below are in the format dd/mm/yyyy 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/10/2013 2:04:31 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 09/10/2013 7:37:19 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 09/10/2013 2:25:58 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 09/10/2013 12:22:40 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 08/10/2013 10:52:45 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 08/10/2013 4:14:43 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 08/10/2013 3:38:21 AM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 06/10/2013 9:12:35 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 06/10/2013 7:48:43 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 05/10/2013 12:56:41 AM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 04/10/2013 10:54:44 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 04/10/2013 9:01:53 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service

Log: 'Application' Date/Time: 04/10/2013 5:16:14 PM Type: Error Category: 0 Event: 8193 Source: System Restore Failed to create restore point (Process = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Description = Revo Uninstaller's restore point - Comodo Dragon; Error = 0x8007043c).

Log: 'Application' Date/Time: 04/10/2013 5:05:08 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service

Log: 'Application' Date/Time: 04/10/2013 3:53:09 AM Type: Error Category: 100 Event: 1000 Source: Application Error Faulting application name: dragon_updater.exe, version: 0.0.0.0, time stamp: 0x51a5da71 Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting process id: 0x844 Faulting application start time: 0x01cec0541e58ad89 Faulting application path: C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe Faulting module path: C:\windows\syswow64\ole32.dll Report Id: 7b4a3180-2ca8-11e3-8935-00266cbf61b0

Log: 'Application' Date/Time: 03/10/2013 4:21:25 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 02/10/2013 5:05:04 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 02/10/2013 11:48:33 AM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 01/10/2013 8:09:51 PM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service 
Log: 'Application' Date/Time: 01/10/2013 11:06:11 AM Type: Error Category: 0 Event: 0 Source: TOSHIBA Service Station TSS Load: could not communicate with TMachInfo service ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
Log: 'Application' Date/Time: 10/10/2013 2:07:57 PM Type: Information Category: 0 Event: 1000 Source: Microsoft-Windows-LoadPerf Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data in the data section contains the new index values assigned to this service.

Log: 'Application' Date/Time: 10/10/2013 2:07:57 PM Type: Information Category: 0 Event: 1001 Source: Microsoft-Windows-LoadPerf Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

Log: 'Application' Date/Time: 10/10/2013 2:07:30 PM Type: Information Category: 0 Event: 903 Source: Microsoft-Windows-Security-SPP The Software Protection service has stopped. 
Log: 'Application' Date/Time: 10/10/2013 2:04:58 PM Type: Information Category: 0 Event: 1 Source: SecurityCenter The Windows Security Center Service has started. 
Log: 'Application' Date/Time: 10/10/2013 2:04:51 PM Type: Information Category: 0 Event: 0 Source: gupdate The event description cannot be found. 
Log: 'Application' Date/Time: 10/10/2013 2:04:26 PM Type: Information Category: 0 Event: 0 Source: Service1 Service started successfully. 
Log: 'Application' Date/Time: 10/10/2013 2:02:30 PM Type: Information Category: 0 Event: 5617 Source: Microsoft-Windows-WMI Windows Management Instrumentation Service subsystems initialized successfully Log: 'Application' Date/Time: 10/10/2013 2:02:29 PM Type: Information Category: 0 Event: 902 Source: Microsoft-Windows-Security-SPP The Software Protection service has started. 6.1.7601.17514

Log: 'Application' Date/Time: 10/10/2013 2:02:29 PM Type: Information Category: 0 Event: 1003 Source: Microsoft-Windows-Security-SPP The Software Protection service has completed licensing status check. Application Id=55c92734-d682-4d71-983e-d6ec3f16059f Licensing Status= 1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )] 13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )] 16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Log: 'Application' Date/Time: 10/10/2013 2:02:29 PM Type: Information Category: 0 Event: 1066 Source: Microsoft-Windows-Security-SPP Initialization status for service objects. C:\windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000 C:\windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000 C:\windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000 C:\windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000 C:\windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000 C:\windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

Log: 'Application' Date/Time: 10/10/2013 2:02:28 PM Type: Information Category: 0 Event: 5615 Source: Microsoft-Windows-WMI Windows Management Instrumentation Service started sucessfully 
Log: 'Application' Date/Time: 10/10/2013 2:02:24 PM Type: Information Category: 0 Event: 900 Source: Microsoft-Windows-Security-SPP The Software Protection service is starting. 
Log: 'Application' Date/Time: 10/10/2013 2:02:23 PM Type: Information Category: 0 Event: 257 Source: GeekBuddyRSP Service has been started successfully

Log: 'Application' Date/Time: 10/10/2013 2:02:11 PM Type: Information Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 10/10/2013 2:02:11 PM Type: Information Category: 0 Event: 4101 Source: Microsoft-Windows-Winlogon Windows license validated.

Log: 'Application' Date/Time: 10/10/2013 2:02:05 PM Type: Information Category: 0 Event: 1531 Source: Microsoft-Windows-User Profiles Service The User Profile Service has started successfully.

Log: 'Application' Date/Time: 10/10/2013 2:02:05 PM Type: Information Category: 0 Event: 4625 Source: Microsoft-Windows-EventSystem The EventSystem sub system is suppressing duplicate event log entries for a duration of 86400 seconds. The suppression timeout can be controlled by a REG_DWORD value named SuppressDuplicateDuration under the following registry key: HKLM\Software\Microsoft\EventSystem\EventLog.

Log: 'Application' Date/Time: 10/10/2013 3:25:53 AM Type: Information Category: 0 Event: 1532 Source: Microsoft-Windows-User Profiles Service The User Profile Service has stopped.

Log: 'Application' Date/Time: 10/10/2013 3:25:46 AM Type: Information Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event. Log: 'Application' Date/Time: 10/10/2013 3:25:46 AM Type: Information Category: 0 Event: 9009 Source: Desktop Window Manager The Desktop Window Manager has exited with code (0x40010004)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 05/10/2013 12:54:08 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 05/10/2013 12:54:07 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 04/10/2013 10:56:19 PM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 04/10/2013 5:12:22 PM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 04/10/2013 5:09:15 PM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-3278135505-1108507621-254113999-1000_Classes: Process 4216 (\Device\HarddiskVolume2\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000_CLASSES

Log: 'Application' Date/Time: 04/10/2013 5:09:14 PM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 70 user registry handles leaked from \Registry\User\S-1-5-21-3278135505-1108507621-254113999-1000: Process 4216 (\Device\HarddiskVolume2\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 3744 (\Device\HarddiskVolume2\Program Files (x86)\Comodo\GeekBuddy\unit.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000

Log: 'Application' Date/Time: 01/10/2013 4:04:42 AM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3278135505-1108507621-254113999-1000: Process 1008 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 1008 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

Log: 'Application' Date/Time: 29/09/2013 11:30:49 PM Type: Warning Category: 0 Event: 6003 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a critical notification event.

Log: 'Application' Date/Time: 29/09/2013 12:44:33 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 29/09/2013 12:44:32 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 29/09/2013 12:22:48 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 25/09/2013 1:33:58 PM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3278135505-1108507621-254113999-1000: Process 1752 (\Device\HarddiskVolume2\Windows\System32\wuauclt.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000 Process 1752 (\Device\HarddiskVolume2\Windows\System32\wuauclt.exe) has opened key \REGISTRY\USER\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Windows\CurrentVersion\Explorer

Log: 'Application' Date/Time: 19/09/2013 3:40:57 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.

Log: 'Application' Date/Time: 19/09/2013 3:40:56 AM Type: Warning Category: 0 Event: 6000 Source: Microsoft-Windows-Winlogon The winlogon notification subscriber was unavailable to handle a notification event.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ '

System' Log - Error Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 10/10/2013 2:02:38 PM Type: Error Category: 0 Event: 14332 Source: Microsoft-Windows-WMPNSS-Service Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 10/10/2013 2:02:14 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 09/10/2013 7:35:07 PM Type: Error Category: 0 Event: 14332 Source: Microsoft-Windows-WMPNSS-Service Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 09/10/2013 7:34:41 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 09/10/2013 7:34:27 PM Type: Error Category: 0 Event: 6008 Source: EventLog The previous system shutdown at 1:36:12 PM on ?10/?9/?2013 was unexpected.

Log: 'System' Date/Time: 09/10/2013 2:23:57 PM Type: Error Category: 0 Event: 14332 Source: Microsoft-Windows-WMPNSS-Service Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 09/10/2013 2:23:31 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 09/10/2013 2:23:23 PM Type: Error Category: 0 Event: 6008 Source: EventLog The previous system shutdown at 8:32:55 AM on ?10/?9/?2013 was unexpected.

Log: 'System' Date/Time: 09/10/2013 12:20:02 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 08/10/2013 10:52:12 PM Type: Error Category: 0 Event: 10010 Source: Microsoft-Windows-DistributedCOM The server {4B635ECB-0887-4015-8CA6-D621362F98D1} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 08/10/2013 10:50:33 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 08/10/2013 4:12:31 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 08/10/2013 5:51:59 AM Type: Error Category: 0 Event: 10010 Source: Microsoft-Windows-DistributedCOM The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 08/10/2013 5:51:57 AM Type: Error Category: 0 Event: 14332 Source: Microsoft-Windows-WMPNSS-Service Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 08/10/2013 5:51:43 AM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 08/10/2013 3:36:47 AM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 06/10/2013 9:10:28 PM Type: Error Category: 0 Event: 14332 Source: Microsoft-Windows-WMPNSS-Service Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Log: 'System' Date/Time: 06/10/2013 9:10:11 PM Type: Error Category: 0 Event: 7000 Source: Service Control Manager The !SASCORE service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 06/10/2013 9:07:11 PM Type: Error Category: 0 Event: 7031 Source: Service Control Manager The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 06/10/2013 9:07:10 PM Type: Error Category: 0 Event: 7034 Source: Service Control Manager The COMODO LPS Launcher service terminated unexpectedly. It has done this 1 time(s). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
'System' Log - Information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 10/10/2013 2:26:40 PM Type: Information Category: 0 Event: 7036 Source: Service Control Manager The Windows Modules Installer service entered the stopped state.

Log: 'System' Date/Time: 10/10/2013 2:26:39 PM Type: Information Category: 0 Event: 7040 Source: Service Control Manager The start type of the Windows Modules Installer service was changed from auto start to demand start.

Log: 'System' Date/Time: 10/10/2013 2:26:27 PM Type: Information Category: 0 Event: 7040 Source: Service Control Manager The start type of the Windows Modules Installer service was changed from demand start to auto start.

Log: 'System' Date/Time: 10/10/2013 2:20:20 PM Type: Information Category: 0 Event: 7036 Source: Service Control Manager The Application Experience service entered the running state.

Log: 'System' Date/Time: 10/10/2013 2:17:52 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:52 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:48 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:48 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:44 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:44 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:40 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:40 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Update for Windows 7 for x64

Log: 'System' Date/Time: 10/10/2013 2:17:33 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Security Update for Windows 7 for x64-based Systems (KB2883150) - Cumulative Security Update f

Log: 'System' Date/Time: 10/10/2013 2:17:33 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Update for Windows 7 for x64-based Systems (KB2882822) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based

Log: 'System' Date/Time: 10/10/2013 2:17:03 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2863240) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)

Log: 'System' Date/Time: 10/10/2013 2:16:58 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)

Log: 'System' Date/Time: 10/10/2013 2:16:54 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2861191) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)

Log: 'System' Date/Time: 10/10/2013 2:16:45 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Security Update for Windows 7 for x64-based Systems (KB2876284) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)

Log: 'System' Date/Time: 10/10/2013 2:16:45 PM Type: Information Category: 2 Event: 17 Source: Microsoft-Windows-WindowsUpdateClient Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: - Update for Windows 7 for x64-based Systems (KB2852386) - Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939) - Windows Malicious Software Removal Tool x64 - October 2013 (KB890830) - Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302) - Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2879017)

Log: 'System' Date/Time: 10/10/2013 2:16:26 PM Type: Information Category: 0 Event: 7040 Source: Service Control Manager The start type of the Windows Modules Installer service was changed from auto start to demand start.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 10/10/2013 2:14:30 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name cedarrapids.craigslist.org timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 10/10/2013 2:02:10 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 10/10/2013 3:25:57 AM Type: Warning Category: 0 Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 09/10/2013 10:34:30 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 09/10/2013 9:34:47 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 09/10/2013 8:30:14 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name richmondin.craigslist.org timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 09/10/2013 7:34:33 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 09/10/2013 4:56:56 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 09/10/2013 2:23:29 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 09/10/2013 12:20:00 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 09/10/2013 7:00:34 AM Type: Warning Category: 0 Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 09/10/2013 12:06:55 AM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name mytexashub.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 08/10/2013 10:50:32 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 08/10/2013 5:03:22 PM Type: Warning Category: 0 Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/10/2013 4:12:27 PM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 08/10/2013 5:52:27 AM Type: Warning Category: 0 Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/10/2013 5:51:35 AM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 08/10/2013 5:50:43 AM Type: Warning Category: 0 Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 08/10/2013 3:36:45 AM Type: Warning Category: 0 Event: 11 Source: Microsoft-Windows-Wininit Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 07/10/2013 5:13:09 PM Type: Warning Category: 0 Event: 1014 Source: Microsoft-Windows-DNS-Client Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.


----------



## lavenderchef45 (Jul 24, 2013)

Dear Eddie: . Once again I apologize for word wrap. I use it all the time when copying & pasting on gmail. I cant help but wonder if this is in any way connected to the hell we have been going through. Wiindows Firewall is literally untouchable. That is: it appears to be enabled on Home network which I do NOT use. And is completely off on Public Network which I do use. When I click on any box in Windows Firewall nothing
happens. Also there is a File sharing program that flashes by when I shut down my system. IGU, IDK, *&^%A%)))!!
Angela


----------



## eddie5659 (Mar 19, 2001)

Can you send it via Gmail, as I think it works okay, and I#ll copy/paste here.

If not, I'll redo it here 

Is there anyone else on the network? Its interesting, as you say its off on the Public Network. Does anyone else know your router security details?


----------



## eddie5659 (Mar 19, 2001)

Edited it now, thanks for emailing me as well, didn't work either 

Now, just need to read it now, I'll grab a drink


----------



## eddie5659 (Mar 19, 2001)

Okay, lets seeif this pick anything up:

Please download the latest version of TDSSKiller from *here* and save it to your *Desktop*.

Doubleclick on *TDSSKiller.exe* to run the application, then click on *Change parameters.*








Put a checkmark beside *loaded modules*.








A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on *Change parameters* in TDSSKiller.
Check all boxes then click OK.








Click the *Start Scan* button.








The scan should take no longer than 2 minutes.
If a *suspicious object* is detected, the default action will be *Skip*, click on *Continue*.








 If *malicious objects* are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure *Cure* (default) is selected, then click *Continue* > *Reboot now to finish the cleaning process.*








*Note*: If *Cure* is not available, please choose *Skip* instead, do not choose *Delete* unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "*TDSSKiller.[Version]_[Date]_[Time]_log.txt*". Please copy and paste the contents of that file here.


----------



## lavenderchef45 (Jul 24, 2013)

tHi Eddie: I have tried to send you the log from the above mentioned program for days. I have attempted to send the file via attach & regular cut paste. On reg cut paste it specifies that the file is too lg & says to reduce size. I cannot send it as an attach at all. It is huge though, so if you have any ideas just let me know.

As for Allow programs to communicate through Windows Firewall there are some doozies in there that I NEVER enabled or even saw before. Two are @peerdistsh.dll,-10002 & 10004. Enabled on both Home/Work (Private) & Public. Next is File & Printer Sharing Public which is checked & greyed out. Lastly HomeGroup in Home/Work (Private). I have never enabled anything but Core Networking in Win Firewall!

Best regards

Angela


----------



## eddie5659 (Mar 19, 2001)

Re-reading the entire thread to see if I'm missing something.

Is this still happening:



> My internet connection slowed way down last night. I opened Network & Sharing to check the properties of Local Area Connection & when I tried a box popped up stating "An Unexpected Error Occurred." Can not open Properties, No way no how.


http://forums.techguy.org/8753921-post26.html

If so, although this link is for XP, it may work on Windows 7:

http://support.microsoft.com/kb/824923

-------------

Now, lets have a look at this:

1) Open the Task Manager by going to *Start*, typing *Task Manager* into the search box and selecting *Task Manager* from the program list.
2) In Task Manager, click on the tab that says *Services*.
3) In the bottom right corner click on the button that says *Services*.
4) If prompted by User Account Control, click yes.
5) Scroll to the service that says *Windows Firewall*.
6) Scroll to the right. There are two tabs that say *status* and *startup type*. What are they listed as? (Status should say either *started* or be *blank*, startup type should say *automatic, automatic (delayed), manual* or *disabled*)

------------

Next, can you run this:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop ( it will be randomly named )

*First we will run a virus scan * 
Select the cog to access scan areas









On the first tab select all elements down to *OS C* and then select start scan 









Once it has finished select reports and post the detected threats
.

*Now an analysis scan* 
Select the *Manual Disinfection* tab 
Press the *Gather System Information *button










Once it has completed then click Step 2 Report sending 









Click avptool.sysinfo.zip
And you will be taken to the zip file that needs to be attached

-----------

And finally a fresh OTL scan, but with a new custom scan:




*(Vista or Win 7 => right click and Run As Administrator)*

Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath *Output* at the top change it to *Standard Output*.
Select 
*All Users*
*LOP Check*
*Purity Check*
Under the *Standard Registry* box change it to *All*

Please copy the text in the code box below and paste it in the *Custom Scans/Fixes* box in OTL:


```
DRIVES
netsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT
```

Click the *Run Scan* button. Do not change any settings unless otherwise told to do so. The scan wont take long.
A black box will appear, this is part of the custom scan, so don't be alarmed 
*IF OTL SAYS 'NOT RESPONDING' DON'T USE THE MOUSE. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES*

When the scan completes, it will open two notepad windows. *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL.

Please copy *(Edit->Select All, Edit->Copy)* the contents of these files, one at a time and post them in your topic


eddie


----------



## lavenderchef45 (Jul 24, 2013)

*Results of system analysis*

Kaspersky Virus Removal Tool 11.0.0.1245 (database released 21/10/2013; 20:57)​ *List of processes*

*File name**PID**Description**Copyright**MD5**Information *c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate1272avast! ServiceCopyright (c) 2013 AVAST Software??45.71 kb, rsAh,
created: 18.09.2013 23:45:48,
modified: 30.08.2013 03:47:33
Command line: 
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" KeyScrambler.exe
Script: Quarantine, Delete, BC delete, Terminate3312 ??error getting file info
Command line: SmoothView.exe
Script: Quarantine, Delete, BC delete, Terminate1824 ??error getting file info
Command line: TCrdMain.exe
Script: Quarantine, Delete, BC delete, Terminate1848 ??error getting file info
Command line: TMachInfo.exe
Script: Quarantine, Delete, BC delete, Terminate3192 ??error getting file info
Command line: TosNcCore.exe
Script: Quarantine, Delete, BC delete, Terminate1952 ??error getting file info
Command line: TosSENotify.exe
Script: Quarantine, Delete, BC delete, Terminate1700 ??error getting file info
Command line: TosSmartSrv.exe
Script: Quarantine, Delete, BC delete, Terminate3120 ??error getting file info
Command line: TPwrMain.exe
Script: Quarantine, Delete, BC delete, Terminate1796 ??error getting file info
Command line: wmpnetwk.exe
Script: Quarantine, Delete, BC delete, Terminate2192 ??error getting file info
Command line: Detected:46, recognized as trusted 37 *Module name**Handle**Description**Copyright**MD5**Used by processes *C:\Program Files\Alwil Software\Avast5\defs\13102101\algo.dll
Script: Quarantine, Delete, BC delete1786642432 --1272 Modules detected:360, recognized as trusted 359 *Kernel Space Modules Viewer*

*Module**Base address**Size in memory**Description**Manufacturer *C:\windows\System32\Drivers\dump_amd_sata.sys
Script: Quarantine, Delete, BC delete45C3000016000 (90112)

C:\windows\System32\Drivers\dump_diskdump.sys
Script: Quarantine, Delete, BC delete45B900000A000 (40960)

C:\windows\System32\Drivers\dump_dumpfve.sys
Script: Quarantine, Delete, BC delete45D9000013000 (77824)

Modules detected - 209, recognized as trusted - 206 *Services*

*Service**Description**Status**File**Group**Dependencies *!SASCORE
Service: Stop, Delete, Disable, BC delete!SASCORENot started!SASCORE.sys
Script: Quarantine, Delete, BC delete Detected - 152, recognized as trusted - 151 *Drivers*

*Service**Description**Status**File**Group**Dependencies *catchme
Driver: Unload, Delete, Disable, BC deletecatchmeNot startedC:\lavenderchef123\catchme.sys
Script: Quarantine, Delete, BC deleteBase Detected - 257, recognized as trusted - 256 *Autoruns*

*File name**Status**Startup method**Description *C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\GeekBuddyRSP, EventMessageFile C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\IPSEventLogMsg.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Handwriting Recognition, EventMessageFile C:\Program Files (x86)\PCPitstop\PCPitstopEventMessage.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\PCPitstop Scheduling, EventMessageFile C:\Users\Lisa\AppData\Local\Temp\_uninst_58083545.bat
Script: Quarantine, Delete, BC deleteActiveShortcut in Autoruns folderC:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\, C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_58083545.lnk, C:\windows\System32\MsSpellCheckingFacility.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-Spell-Checking, EventMessageFile C:\windows\System32\MsSpellCheckingFacility.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft-Windows-SpellChecker, EventMessageFile C:\windows\System32\MsSpellCheckingFacility.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-Spell-Checking, EventMessageFile C:\windows\System32\MsSpellCheckingFacility.dll
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-SpellChecker, EventMessageFile C:\windows\System32\appmgmts.dll
Script: Quarantine, Delete, BC deleteActiveRegistry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters, ServiceDll
Delete C:\windows\System32\drivers\sbapifs.sys
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Anti-Spyware Filter, EventMessageFile C:\windows\system32\psxss.exe
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Session Manager\SubSystems, Posix auditcse.dll
Script: Quarantine, Delete, BC deleteActiveRegistry keyHKEY_LOCAL_MACHINE, Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{f3ccc681-b74c-4060-9f26-cd84525dca2a}, DLLName
Delete c:\d8efd05432f01ed761\DW\DW20.exe
Script: Quarantine, Delete, BC delete--Registry keyHKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\VSSetup, EventMessageFile rdpclip
Script: Quarantine, Delete, BC deleteActiveRegistry keyHKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd, StartupPrograms
Delete Autoruns items detected - 615, recognized as trusted - 601 *Microsoft Internet Explorer extension modules (BHOs, Toolbars ...)*

*File name**Type**Description**Manufacturer**CLSID *
BHO

{FFCB3198-32F3-4E8B-9539-4324694ED663}
Delete Elements detected - 4, recognized as trusted - 3 *Windows Explorer extension modules*

*File name**Destination**Description**Manufacturer**CLSID *
WebCheck

{E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Delete 
OpenOffice.org Property Handler

{AE424E85-F6DF-4910-A6A9-438797986431}
Delete 
Auto Update Property Sheet Extension

{5F327514-6C5E-4d60-8F16-D07FA08A78ED}
Delete 
ColumnHandler

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
Delete Elements detected - 18, recognized as trusted - 14 *Printing system extensions (print monitors, providers)*

*File name**Type**Name**Description**Manufacturer *CNMLMAQ.DLL
Script: Quarantine, Delete, BC deleteMonitorCanon BJ Language Monitor MG2100 series

localspl.dll
Script: Quarantine, Delete, BC deleteMonitorLocal Port

FXSMON.DLL
Script: Quarantine, Delete, BC deleteMonitorMicrosoft Shared Fax Monitor

tcpmon.dll
Script: Quarantine, Delete, BC deleteMonitorStandard TCP/IP Port

usbmon.dll
Script: Quarantine, Delete, BC deleteMonitorUSB Monitor

WSDMon.dll
Script: Quarantine, Delete, BC deleteMonitorWSD Port

inetpp.dll
Script: Quarantine, Delete, BC deleteProviderHTTP Print Services

Elements detected - 8, recognized as trusted - 1 *Task Scheduler jobs*

*File name**Job name**Job status**Description**Manufacturer * Elements detected - 3, recognized as trusted - 3 *SPI/LSP settings*

*Namespace providers (NSP) * *Provider**Status**EXE file**Description**GUID *Detected - 6, recognized as trusted - 6 * Transport protocol providers (TSP, LSP) ProviderEXE fileDescription Detected - 10, recognized as trusted - 10 Results of automatic SPI settings check LSP settings checked. No errors detected TCP/UDP ports

PortStatusRemote HostRemote PortApplicationNotes TCP ports 135LISTENING0.0.0.00[816] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 139LISTENING0.0.0.00[4] System
Script: Quarantine, Delete, BC delete, Terminate 445LISTENING0.0.0.00[4] System
Script: Quarantine, Delete, BC delete, Terminate 5357LISTENING0.0.0.00[4] System
Script: Quarantine, Delete, BC delete, Terminate 12025LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12025LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12080TIME_WAIT127.0.0.151475[0] 12080LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12110LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12110LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12119LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12119LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12143LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12143LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12465LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12465LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12563LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12563LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12993LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12993LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12995LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 12995LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 27275LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 27275LISTENING0.0.0.00[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 49152LISTENING0.0.0.00[496] wininit.exe
Script: Quarantine, Delete, BC delete, Terminate 49153LISTENING0.0.0.00[936] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 49154LISTENING0.0.0.00[408] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 49155LISTENING0.0.0.00[576] lsass.exe
Script: Quarantine, Delete, BC delete, Terminate 49156LISTENING0.0.0.00[560] services.exe
Script: Quarantine, Delete, BC delete, Terminate 49157LISTENING0.0.0.00[2784] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 49168ESTABLISHED127.0.0.149169[3996] c:\program files (x86)\mozilla firefox\firefox.exe
Script: Quarantine, Delete, BC delete, Terminate 49169ESTABLISHED127.0.0.149168[3996] c:\program files (x86)\mozilla firefox\firefox.exe
Script: Quarantine, Delete, BC delete, Terminate 50675ESTABLISHED74.125.228.118443[3996] c:\program files (x86)\mozilla firefox\firefox.exe
Script: Quarantine, Delete, BC delete, Terminate 50704ESTABLISHED77.234.42.5580[1272] c:\program files\alwil software\avast5\avastsvc.exe
Script: Quarantine, Delete, BC delete, Terminate 50897ESTABLISHED69.78.235.104443[3996] c:\program files (x86)\mozilla firefox\firefox.exe
Script: Quarantine, Delete, BC delete, Terminate 51304CLOSE_WAIT173.194.74.13880[2640] c:\program files\alwil software\avast5\avastui.exe
Script: Quarantine, Delete, BC delete, Terminate 51465TIME_WAIT127.0.0.112080[0] 51470TIME_WAIT127.0.0.112080[0] UDP ports 137LISTENING----[4] System
Script: Quarantine, Delete, BC delete, Terminate 138LISTENING----[4] System
Script: Quarantine, Delete, BC delete, Terminate 500LISTENING----[408] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 1900LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 1900LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 3702LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 3702LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 4500LISTENING----[408] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 5355LISTENING----[1124] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 52618LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 52619LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate 53710LISTENING----[2032] svchost.exe
Script: Quarantine, Delete, BC delete, Terminate Downloaded Program Files (DPF)

File nameDescriptionManufacturerCLSIDSource URL  Elements detected - 0, recognized as trusted - 0 Control Panel Applets (CPL)

File nameDescriptionManufacturer  Elements detected - 19, recognized as trusted - 19 Active Setup

File nameDescriptionManufacturerCLSID  Elements detected - 8, recognized as trusted - 8 HOSTS file

Hosts file record 127.0.0.1 localhost Clear Hosts file Protocols and handlers

File nameTypeDescriptionManufacturerCLSID mscoree.dll
Script: Quarantine, Delete, BC deleteProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
Delete mscoree.dll
Script: Quarantine, Delete, BC deleteProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
Delete mscoree.dll
Script: Quarantine, Delete, BC deleteProtocolMicrosoft .NET Runtime Execution Engine ()© Microsoft Corporation. All rights reserved.{1E66F26B-79EE-11D2-8710-00C04F79ED0D}
Delete Elements detected - 20, recognized as trusted - 17 Suspicious objects

FileDescriptionType  
* Main script of analysis Windows version: Windows 7 Home Premium, Build=7601, SP="Service Pack 1" System Restore: enabled >> Services: potentially dangerous service allowed: TermService (Remote Desktop Services) >> Services: potentially dangerous service allowed: SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100) >> Services: potentially dangerous service allowed: Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) > Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)! >> Security: disk drives' autorun is enabled >> Security: administrative shares (C$, D$ ...) are enabled >> Security: anonymous user access is enabled >> Security: sending Remote Assistant queries is enabled >> Disable HDD autorun >> Disable autorun from network drives >> Disable CD/DVD autorun >> Disable removable media autorun >> Windows Explorer - show extensions of known file types System Analysis in progress 
System Analysis - complete 
*Script commands* Add commands to script:


Blocking hooks using Anti-Rootkit
Enable AVZGuard
Operations with AVZPM (true=enable,false=disable)
BootCleaner - import list of deleted files
BootCleaner - import all
Registry cleanup after deleting files
ExecuteWizard ('TSW',2,3,true) - Running Troubleshooting wizard
BootCleaner - activate
Reboot
Insert template for QuarantineFile() - quarantining file
Insert template for BC_QrFile() - quarantining file via BootCleaner
Insert template for DeleteFile() - deleting file
Insert template for DelCLSID() - deleting CLSID item from registry
Additional operations:

Performance tweaking: disable service TermService (Remote Desktop Services)
Performance tweaking: disable service SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100)
Performance tweaking: disable service Schedule (@%SystemRoot%\system32\schedsvc.dll,-100)
Security tweaking: disable CD autorun
Security tweaking: disable administrative shares
Security tweaking: disable anonymous user access
Security: disable sending Remote Assistant queries
 *File list*


----------



## lavenderchef45 (Jul 24, 2013)

OTL logfile created on: 10/21/2013 9:17:04 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 67.17% Memory free
5.20 Gb Paging File | 4.03 Gb Available in Paging File | 77.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 248.42 Gb Free Space | 87.08% Space Free | Partition Type: NTFS

Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/22 01:30:44 | 000,717,080 | ---- | M] () -- C:\Users\Lisa\AppData\Local\Temp\RarSFX0\5612342.exe
PRC - [2013/10/22 01:30:41 | 000,457,520 | ---- | M] (Kaspersky Lab) -- C:\Users\Lisa\AppData\Local\Temp\7855185\5612342.exe
PRC - [2013/10/21 20:02:18 | 183,606,504 | ---- | M] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_10_22_01_29.exe
PRC - [2013/08/30 03:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/08/01 21:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2013/07/14 00:25:10 | 000,508,048 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe

========== Modules (No Company Name) ==========

MOD - [2013/10/22 01:30:44 | 000,717,080 | ---- | M] () -- C:\Users\Lisa\AppData\Local\Temp\RarSFX0\5612342.exe
MOD - [2013/10/21 20:02:18 | 183,606,504 | ---- | M] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_10_22_01_29.exe

========== Services (SafeList) ==========

SRV:*64bit:* - [2013/08/30 03:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:*64bit:* - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:*64bit:* - [2011/02/10 15:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:*64bit:* - [2010/10/20 17:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:*64bit:* - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2013/05/21 02:17:01 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - [2013/10/22 01:29:18 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\58083545.sys -- (58083545)
DRV:*64bit:* - [2013/08/30 03:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:*64bit:* - [2013/08/30 03:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:*64bit:* - [2013/08/30 03:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:*64bit:* - [2013/08/30 03:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:*64bit:* - [2013/08/30 03:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:*64bit:* - [2013/08/30 03:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:*64bit:* - [2013/08/30 03:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:*64bit:* - [2013/08/30 03:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:*64bit:* - [2013/08/01 09:46:26 | 000,062,168 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys -- (ESProtectionDriver)
DRV:*64bit:* - [2013/05/31 10:53:12 | 000,222,200 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:*64bit:* - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:*64bit:* - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:*64bit:* - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:*64bit:* - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:*64bit:* - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:*64bit:* - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:*64bit:* - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:*64bit:* - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:*64bit:* - [2011/02/10 16:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:*64bit:* - [2011/02/10 15:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:*64bit:* - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:*64bit:* - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:*64bit:* - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:*64bit:* - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:*64bit:* - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:*64bit:* - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:*64bit:* - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:*64bit:* - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:*64bit:* - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:*64bit:* - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:*64bit:* - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:*64bit:* - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:*64bit:* - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:*64bit:* - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:*64bit:* - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:*64bit:* - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:*64bit:* - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/10 13:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:*64bit:* - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:*64bit:* - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:*64bit:* - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE:*64bit:* - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{DA0CC9A4-539D-40F4-90F7-B565B9B4C6B1}: "URL" = http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\C5879625A899472F8231C4DAF8D55DC1: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: https-facebook%40niyaz.pk:0.4
FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:2.0
FF - prefs.js..extensions.enabledAddons: html5notifications%40paxal.net:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.3
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131008
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/09/18 23:45:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/07/06 10:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions
[2013/09/19 20:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/10/17 12:04:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions
[2013/10/17 12:04:05 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/08/01 10:24:35 | 000,048,446 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[2013/04/21 21:26:35 | 000,005,831 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[2013/07/06 01:18:46 | 000,175,050 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[2013/08/25 00:41:58 | 000,086,000 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi
[2013/04/21 21:35:56 | 000,049,690 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi
[2013/10/15 11:07:15 | 000,534,870 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/10/10 10:13:02 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/01 07:33:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/01 07:33:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/01 07:34:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/08/13 03:05:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:*64bit:* - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:*64bit:* - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
O3:*64bit:* - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4:*64bit:* - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:*64bit:* - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\RunOnce: [GrpConv] C:\windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_58083545.lnk = C:\Users\Lisa\AppData\Local\Temp\_uninst_58083545.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:*64bit:* - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A17F4BD4-A57D-4282-BAC7-916CF67685B2}: DhcpNameServer = 192.168.0.1
O18:*64bit:* - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:*64bit:* - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O29:*64bit:* - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:*64bit:* - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = comfile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpReg: *ETDCtrl* - hkey= - key= - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
MsConfig:64bit - StartUpReg: *SmartFaceVWatcher* - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: *StartCCC* - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: *TosReelTimeMonitor* - hkey= - key= - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:*64bit:* 76384793.sys - Driver
SafeBootMin:*64bit:* Base - Driver Group
SafeBootMin:*64bit:* Boot Bus Extender - Driver Group
SafeBootMin:*64bit:* Boot file system - Driver Group
SafeBootMin:*64bit:* File system - Driver Group
SafeBootMin:*64bit:* Filter - Driver Group
SafeBootMin:*64bit:* HelpSvc - Service
SafeBootMin:*64bit:* PCI Configuration - Driver Group
SafeBootMin:*64bit:* PNP Filter - Driver Group
SafeBootMin:*64bit:* Primary disk - Driver Group
SafeBootMin:*64bit:* sacsvr - Service
SafeBootMin:*64bit:* SCSI Class - Driver Group
SafeBootMin:*64bit:* System Bus Extender - Driver Group
SafeBootMin:*64bit:* vmms - Service
SafeBootMin:*64bit:* WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:*64bit:* {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:*64bit:* {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:*64bit:* {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:*64bit:* {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:*64bit:* {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:*64bit:* {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:*64bit:* {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:*64bit:* {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:*64bit:* {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:*64bit:* {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:*64bit:* {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:*64bit:* {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:*64bit:* {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:*64bit:* {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:*64bit:* {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:*64bit:* {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:*64bit:* {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: 76384793.sys - Driver
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:*64bit:* 76384793.sys - Driver
SafeBootNet:*64bit:* Base - Driver Group
SafeBootNet:*64bit:* Boot Bus Extender - Driver Group
SafeBootNet:*64bit:* Boot file system - Driver Group
SafeBootNet:*64bit:* File system - Driver Group
SafeBootNet:*64bit:* Filter - Driver Group
SafeBootNet:*64bit:* HelpSvc - Service
SafeBootNet:*64bit:* Messenger - Service
SafeBootNet:*64bit:* NDIS Wrapper - Driver Group
SafeBootNet:*64bit:* NetBIOSGroup - Driver Group
SafeBootNet:*64bit:* NetDDEGroup - Driver Group
SafeBootNet:*64bit:* Network - Driver Group
SafeBootNet:*64bit:* NetworkProvider - Driver Group
SafeBootNet:*64bit:* PCI Configuration - Driver Group
SafeBootNet:*64bit:* PNP Filter - Driver Group
SafeBootNet:*64bit:* PNP_TDI - Driver Group
SafeBootNet:*64bit:* Primary disk - Driver Group
SafeBootNet:*64bit:* rdsessmgr - Service
SafeBootNet:*64bit:* sacsvr - Service
SafeBootNet:*64bit:* SCSI Class - Driver Group
SafeBootNet:*64bit:* Streams Drivers - Driver Group
SafeBootNet:*64bit:* System Bus Extender - Driver Group
SafeBootNet:*64bit:* TDI - Driver Group
SafeBootNet:*64bit:* vmms - Service
SafeBootNet:*64bit:* WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:*64bit:* WudfUsbccidDriver - Driver
SafeBootNet:*64bit:* {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:*64bit:* {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:*64bit:* {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:*64bit:* {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:*64bit:* {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:*64bit:* {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:*64bit:* {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:*64bit:* {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:*64bit:* {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:*64bit:* {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:*64bit:* {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:*64bit:* {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:*64bit:* {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:*64bit:* {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:*64bit:* {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:*64bit:* {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:*64bit:* {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:*64bit:* {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:*64bit:* {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:*64bit:* {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:*64bit:* {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:*64bit:* {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: 76384793.sys - Driver
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:*64bit:* {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:*64bit:* {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:*64bit:* {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:*64bit:* {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:*64bit:* {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:*64bit:* {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:*64bit:* {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:*64bit:* {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:*64bit:* {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:*64bit:* {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:*64bit:* {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:*64bit:* {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:*64bit:* {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:*64bit:* {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\windows\System32\ie4uinit.exe -UserConfig
ActiveX:*64bit:* {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:*64bit:* {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:*64bit:* {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:*64bit:* {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:*64bit:* {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:*64bit:* {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:*64bit:* {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:*64bit:* >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:*64bit:* >{D38C90BD-8360-4405-8158-4FB592093488} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:*64bit:* msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/10/21 20:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/10/21 20:02:58 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\58083545.sys
[2013/10/18 12:00:47 | 001,493,872 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe
[2013/10/15 21:26:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2013/10/15 21:26:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2013/10/15 19:24:36 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Lisa\Desktop\tdsskiller.exe
[2013/10/13 14:53:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/13 03:06:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/10/13 03:06:18 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/10/13 03:06:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/10/13 03:06:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/10/13 03:06:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/10/13 03:06:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/13 03:06:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/10/13 03:06:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/10/13 03:06:13 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/10/13 03:06:13 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/10/13 03:06:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/10/13 03:06:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/10/13 03:06:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/10/13 03:06:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/10/13 03:06:00 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/10/10 10:17:51 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2013/10/10 10:17:47 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013/10/10 10:17:46 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013/10/10 10:17:46 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013/10/10 10:17:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013/10/10 10:17:46 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013/10/10 10:17:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013/10/10 10:17:45 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013/10/10 10:17:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013/10/10 10:17:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013/10/10 10:17:40 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2013/10/10 10:17:38 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2013/10/10 10:17:19 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/10/10 10:17:18 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2013/10/10 10:17:16 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/10/10 10:17:15 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/10/10 10:17:15 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2013/10/10 10:17:14 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2013/10/10 10:17:12 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/10/10 10:17:09 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/10/10 10:17:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/10/10 10:17:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/10/10 10:17:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/10/10 10:17:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/10/10 10:17:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/10/10 10:16:46 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 10:16:45 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 10:16:39 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2013/10/04 13:16:20 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gdiplus.dll
[2013/10/04 13:16:20 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc71.dll
[2013/10/01 07:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/24 22:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013/09/24 22:23:38 | 000,000,000 | ---D | C] -- C:\rsit

========== Files - Modified Within 30 Days ==========

[2013/10/22 01:29:18 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\58083545.sys
[2013/10/21 20:41:01 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/21 20:04:40 | 000,000,978 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_58083545.lnk
[2013/10/21 20:02:18 | 183,606,504 | ---- | M] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_10_22_01_29.exe
[2013/10/21 18:44:48 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/10/21 18:44:48 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/10/21 18:44:48 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/10/21 12:11:49 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/21 12:11:49 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/21 12:06:52 | 000,000,508 | ---- | M] () -- C:\windows\tasks\Malwarebytes Anti-Exploit.job
[2013/10/21 12:06:50 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/21 12:06:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/10/21 12:06:20 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/18 12:00:47 | 001,493,872 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe
[2013/10/17 21:39:03 | 000,023,106 | ---- | M] () -- C:\Users\Lisa\Desktop\American Pride Traditional Stone Worx.odt
[2013/10/17 01:39:39 | 342,249,704 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/10/15 20:52:51 | 004,101,145 | ---- | M] () -- C:\Users\Lisa\Desktop\tdsskiller.zip
[2013/10/15 19:24:34 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Lisa\Desktop\tdsskiller.exe
[2013/10/13 13:57:51 | 001,048,960 | ---- | M] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2013/10/13 09:17:45 | 000,013,749 | ---- | M] () -- C:\Users\Lisa\Desktop\bookeeping proctor.odt
[2013/10/13 07:55:22 | 000,294,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/10/12 23:58:26 | 000,023,030 | ---- | M] () -- C:\Users\Lisa\Desktop\cap1[1].odt
[2013/10/10 10:20:18 | 000,061,440 | ---- | M] ( ) -- C:\Users\Lisa\Desktop\VEW.exe
[2013/10/09 02:58:33 | 000,021,825 | ---- | M] () -- C:\Users\Lisa\Desktop\Untitled 1.odt
[2013/10/08 21:17:20 | 000,023,676 | ---- | M] () -- C:\Users\Lisa\Desktop\Reason to hire a professional painter.odt
[2013/10/04 13:16:20 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\gdiplus.dll
[2013/10/04 13:16:20 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mfc71.dll
[2013/09/26 20:31:39 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/09/26 11:54:52 | 000,010,699 | ---- | M] () -- C:\Users\Lisa\Desktop\Alpha.odt
[2013/09/26 10:50:25 | 000,035,460 | ---- | M] () -- C:\Users\Lisa\Desktop\Mrs Kline.odt
[2013/09/24 22:22:48 | 000,781,383 | ---- | M] () -- C:\Users\Lisa\Desktop\RSIT.exe
[2013/09/22 19:27:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/09/22 19:27:48 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/09/22 19:27:48 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/09/22 19:27:48 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/09/22 19:27:48 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/09/22 18:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/09/22 18:54:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/09/22 18:54:51 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/09/22 18:54:51 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/09/22 18:54:50 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/09/22 18:54:50 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/09/22 18:54:50 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/09/22 18:54:50 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll

========== Files Created - No Company Name ==========

[2013/10/21 20:04:40 | 000,000,978 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_58083545.lnk
[2013/10/21 19:57:54 | 183,606,504 | ---- | C] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_10_22_01_29.exe
[2013/10/17 01:39:39 | 342,249,704 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013/10/15 20:53:29 | 004,101,145 | ---- | C] () -- C:\Users\Lisa\Desktop\tdsskiller.zip
[2013/10/13 13:57:59 | 001,048,960 | ---- | C] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2013/10/10 10:20:46 | 000,061,440 | ---- | C] ( ) -- C:\Users\Lisa\Desktop\VEW.exe
[2013/10/09 02:58:31 | 000,021,825 | ---- | C] () -- C:\Users\Lisa\Desktop\Untitled 1.odt
[2013/10/08 21:17:18 | 000,023,676 | ---- | C] () -- C:\Users\Lisa\Desktop\Reason to hire a professional painter.odt
[2013/09/25 23:34:07 | 000,013,749 | ---- | C] () -- C:\Users\Lisa\Desktop\bookeeping proctor.odt
[2013/09/25 14:10:06 | 000,000,508 | ---- | C] () -- C:\windows\tasks\Malwarebytes Anti-Exploit.job
[2013/09/24 22:22:43 | 000,781,383 | ---- | C] () -- C:\Users\Lisa\Desktop\RSIT.exe
[2013/07/26 13:35:12 | 000,000,000 | ---- | C] () -- C:\windows\ToDisc.INI
[2013/06/28 14:03:12 | 000,000,017 | ---- | C] () -- C:\Users\Lisa\AppData\Local\resmon.resmoncfg
[2013/06/25 22:55:16 | 000,026,818 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png
[2013/03/25 12:49:37 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2013/03/25 12:41:51 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/03/25 12:38:45 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2013/03/25 11:16:26 | 000,727,182 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/26 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Book Place
[2013/09/04 20:26:04 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\IObit
[2013/05/01 00:43:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org
[2013/06/25 22:55:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PeerNetworking
[2013/06/27 10:34:35 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QFX Software
[2013/05/25 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QuickScan
[2013/07/26 12:13:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SoftGrid Client
[2013/06/18 15:09:54 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SumatraPDF
[2013/05/01 20:50:27 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Toshiba
[2013/03/25 11:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TP
[2013/03/25 10:38:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\WinBatch

========== Purity Check ==========

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK3265GSXN SATA Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 1.00GB
Starting Offset: 1048576
Hidden sectors: 0

DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 285.00GB
Starting Offset: 1573912576
Hidden sectors: 0

DeviceID: Disk #0, Partition #2
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 11.00GB
Starting Offset: 307901759488
Hidden sectors: 0

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2013/05/31 11:55:47 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Adobe
[2013/09/04 19:37:25 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Apple Computer
[2013/03/25 10:42:54 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ATI
[2013/03/26 10:38:45 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Book Place
[2013/04/21 21:06:14 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Google
[2013/03/25 10:41:08 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Identities
[2013/05/01 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\InstallShield
[2013/09/04 20:26:04 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\IObit
[2013/06/27 10:30:08 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Macromedia
[2013/07/18 15:18:56 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2010/11/21 03:16:41 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Media Center Programs
[2013/09/04 18:01:25 | 000,000,000 | --SD | M] -- C:\Users\Lisa\AppData\Roaming\Microsoft
[2013/04/21 21:16:30 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Mozilla
[2013/05/01 00:43:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org
[2013/06/25 22:55:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PeerNetworking
[2013/06/27 10:34:35 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QFX Software
[2013/05/25 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QuickScan
[2013/07/26 12:13:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SoftGrid Client
[2013/06/18 15:09:54 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SumatraPDF
[2013/05/01 20:50:27 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Toshiba
[2013/03/25 11:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TP
[2013/03/25 10:38:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\WinBatch

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: CSRSS.EXE >
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\windows\SysNative\csrss.exe
[2009/07/13 21:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: MSWSOCK.DLL >
[2010/11/20 23:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\erdnt\cache64\mswsock.dll
[2010/11/20 23:24:00 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2013/09/06 22:04:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[2010/11/20 23:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\erdnt\cache86\mswsock.dll
[2010/11/20 23:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2013/09/07 22:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\windows\SysNative\mswsock.dll
[2013/09/07 22:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll
[2013/09/06 22:24:39 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=BDDB1FD258B92DEE00F222D3304B5D9C -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll
[2013/09/07 22:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\SysWOW64\mswsock.dll
[2013/09/07 22:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll

< MD5 for: NAPINSP.DLL >
[2009/07/13 21:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 21:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 21:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\windows\SysNative\NapiNSP.dll
[2009/07/13 21:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll

< MD5 for: NLAAPI.DLL >
[2012/01/13 03:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 03:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 23:24:01 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 12:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 23:23:54 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 13:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\windows\SysNative\nlaapi.dll
[2012/10/03 13:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2012/10/03 13:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll

< MD5 for: PNRPNSP.DLL >
[2009/07/13 21:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 21:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 21:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\windows\SysNative\pnrpnsp.dll
[2009/07/13 21:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll

< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 21:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\windows\SysNative\PrintIsolationHost.exe
[2009/07/13 21:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINRNR.DLL >
[2009/07/13 21:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\windows\SysNative\winrnr.dll
[2009/07/13 21:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 21:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 21:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll

< MD5 for: WSHELPER.DLL >
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\windows\SysNative\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/09/22 21:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2013/09/22 19:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013/10/01 07:34:10 | 000,871,608 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013/10/01 07:34:13 | 000,274,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/09/22 18:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/09/22 18:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/09/22 18:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/09/22 21:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2013/09/22 19:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< End of report >


----------



## lavenderchef45 (Jul 24, 2013)

Ran everything as requested. Win Firewall is still dead in the water. Says its connected but is OFF on both Home & Public. Still nothing happens when I click to turn it on. Unable to turn off & Save Network Discovery & File & Printer Sharing either in Public or Home Network.


----------



## eddie5659 (Mar 19, 2001)

Did you have a look here:

1) Open the Task Manager by going to *Start*, typing *Task Manager* into the search box and selecting *Task Manager* from the program list.
2) In Task Manager, click on the tab that says *Services*.
3) In the bottom right corner click on the button that says *Services*.
4) If prompted by User Account Control, click yes.
5) Scroll to the service that says *Windows Firewall*.
6) Scroll to the right. There are two tabs that say *status* and *startup type*. What are they listed as? (Status should say either *started* or be *blank*, startup type should say *automatic, automatic (delayed), manual* or *disabled*)

-----------

Also, with regards to AVZ, it looks like you posted the wrong log. Can you open it up, and see if you can see a log here:










Top right of the picture, in the blue box I've highlighted.

Also, can you attach *avptool.sysinfo.zip* file. If its not on your Desktop, can you re-run it again, as I need it in its zipped form.

If you have to re-run it, do all it says as before, but click on this link to find the file:










To attach it, do the following:

Click on the *Go Advanced* button for the uploading options at the bottom of this page (in the picture below  ) [/list]











In there, at the bottom, click on the button *Manage Attachments* (in the picture below  .
A window will appear, and then Browse to *avptool.sysinfo.zip* on your Desktop.
Click Upload, and when uploaded click *Close this Window*
Then, in the previous window, click on *Submit Reply*










===============================
To re-do it if needbe, do the following:

Run the programme you have just downloaded to your desktop ( it will be randomly named, so looks like it may be called setup_11.0.1.1245.x01_2013_10_22_01_29.exe )

*First we will run a virus scan * 
Select the cog to access scan areas









On the first tab select all elements down to *OS C* and then select start scan 









Once it has finished select reports and post the detected threats
.

*Now an analysis scan* 
Select the *Manual Disinfection* tab 
Press the *Gather System Information *button










Once it has completed then click Step 2 Report sending 









Click avptool.sysinfo.zip
And you will be taken to the zip file that needs to be attached
-------------

I'll go through the OTL log now, whilst you do the above 

eddie


----------



## eddie5659 (Mar 19, 2001)

Looking in your OTL log, it appears you don't have your Comodo firewall running. Has this been uninstalled?

Can you also, after doing all the above, can you do this for me.

Using SystemLook that you should still have, but if not get a new one from here:

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*

Double-click *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:

```
:file
C:\Users\Lisa\AppData\Local\Temp\RarSFX0\5612342.exe
:filefind
76384793.sys
*IObit*
:folderfind
*IObit*
:regfind
IObit
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found at on your Desktop entitled *SystemLook.txt*


----------



## lavenderchef45 (Jul 24, 2013)

Here is the message displayed when I attempt to start windows firewall. It has been this way for over a month now, I still cant turn it on or change properites. It is the same with Network Discovery & File & Printer Sharing. They are all enabled & I cannot change them.:Error: Windows could not start the Windows Firewall service on Local Computer. Error 1079: The account specified for this service is different from the account specified for other services running in the same process _______________________________________________________________________________________________________ I have had to re-install the Virus Removal Tool. IDK if it uninstalls auto when you have run it. But, it was no where on my desktop or in my file sys in c. Only the downld to install. I did not uninstall it. So, I have re-installed & am running it again. So I had to re-installl the Virus Removal Tool as there was not a sign of it anywhere on my desktop or in my programs. Installed & began to run per your instructions. This time a lot of passwd locked programs showed up. A nasty trojan was found, and so on. I had things to do (visiting a child & his family in Richmond VA. When I returned to my laptop about 20 min later the program had literally disappeared! Now it was just at 12% of scan when I walked away. Laptop is on Wireless internet, did not disconnect, nothing.


----------



## eddie5659 (Mar 19, 2001)

The AVZ I think does self uninstall, sorry about that. But, hopefully the scan is going well, and don't forget to post the log and the zip file, as shown above.

Looking at the error now.


----------



## eddie5659 (Mar 19, 2001)

Okay, for the eror message, and do this after the AVZ tool has been completed and you've posted the log and zip file, there is a Microsoft link:

http://support.microsoft.com/kb/2478117

Scroll down to *Resolution* and click the Fix It button.

Have a good read of the page anyway, we'll try it with the automated fix first


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:
In case you thought I dropped off the map, NOT SO. I have run Virus Removal Tool 3 times. Each time the program finishes running stage 1 there is NO 2 (Report Sending). If I click on anything it starts scanning again, then uninstalls. Also, there is no avptool.sysinfo.zip displayed. I went so far as to download the newer version from Kaspersky. Same problem. I am so sorry to be dragging this out. When the program runs it shows a Trojan & several locked files.

Yes,I uninstalled Comodo quite a bit ago. Hoping against hope my Windows Firewall would start running again. No luck there.


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:
In case you thought I dropped off the map, NOT SO. I have run Virus Removal Tool 3 times. Each time the program finishes running stage 1 there is NO 2 (Report Sending). If I click on anything it starts scanning again, then uninstalls. Also, there is no avptool.sysinfo.zip displayed. I went so far as to download the newer version from Kaspersky. Same problem. I am so sorry to be dragging this out. When the program runs it shows a Trojan & several locked files.


----------



## lavenderchef45 (Jul 24, 2013)

SystemLook 30.07.11 by jpshortstuff Log created at 23:33 on 02/11/2013 by Lisa Administrator - Elevation successful ========== file ========== C:\Users\Lisa\AppData\Local\Temp\RarSFX0\5612342.exe - Unable to find/read file. ========== filefind ========== Searching for "76384793.sys" No files found. Searching for "*IObit*" No files found. ========== folderfind ========== Searching for "*IObit*" C:\Users\Lisa\AppData\LocalLow\IObit	d------	[23:37 04/09/2013] C:\Users\Lisa\AppData\Roaming\IObit	d------	[23:37 04/09/2013] C:\Users\Lisa\AppData\Roaming\IObit\IObit Uninstaller	d------	[00:26 05/09/2013] C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit	d------	[00:24 05/09/2013] ========== regfind ========== Searching for "IObit" No data found. -= EOF =-


----------



## eddie5659 (Mar 19, 2001)

Its okay about the lateness in replies, weekends I'm never here, so I'm always playing catchup, but we all have lives outside of pc's.

The locked files don't always mean they're bad. They just may be locked by programs, as I know many antivirus programs tend to lock certain files.

As for the Trojan, can you remember roughly what it says?

No worries if you can't, but don't re-run the tool just to find out.

==============

Now, it looks like it found some IobIt stuff, which we can remove. Can you check to see if in AddRemove Programs there are any entries for *IObit*. Again, if not its not a problem.

===============

For the firewall issue, see if this helps:

http://support.microsoft.com/kb/2478117

Scroll down to *Resolution* and click the Fix It button.

Have a good read of the page anyway, we'll try it with the automated fix first 

================

As for the scan, lets see if the standalone system will work:


Go to here
Click the *download* button under *Kaspersky Security Scan*
Download and run the file
It will start to download the Kaspersky Security Scan program data
Once downloaded the installer will begin
Click *Next*
*Accept* the License Agreement
Click *Install*
The program will now install
Click *Finish*
Kaspersky Security Scan will now start










Click the *Full Scan* button










The scan will take about an *hour or two* depending on the amount of data on your hard drive
If the scan detects problems it will open a *Problems found* window
Click *Details* to generate a scan results report










Once the scan is complete do the following:
For *XP*: Navigate to *C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\KSS2\DataRoot*
For *Vista/7*: Navigate to *C:\ProgramData\Kaspersky Lab\KSS2\DataRoot*
Right-click on the *HtmlReport* folder --> Click *Send to* --> Click *Compressed (zipped) folder*
Attach the *HtmlReport zipped folder* to your next post
























You can now close *Kaspersky Security Scan*

Click on the *Go Advanced* button for the uploading options at the bottom of this page (in the picture below  ) [/list]











In there, at the bottom, click on the button *Manage Attachments* (in the picture below  .
A window will appear, and then Browse to *htmlreport.zip* on your Desktop.
Click Upload, and when uploaded click *Close this Window*
Then, in the previous window, click on *Submit Reply*


----------



## lavenderchef45 (Jul 24, 2013)

Detailed report Problems found Scanning date: Database update date: Product version: 11/07/2013 08:38 PM 05/27/2013 10:35 PM 12.0.1.340 Kaspersky Security Scan Computer protection (1) Information about anti-virus software and firewalls installed on the computer. Firewall is disabled. Malware (0) Information about malware detected on the computer. Vulnerabilities (1) Information about applications and operating system components in which vulnerabilities have been detected. 1. C:\windows\SysWOW64\msxml4.dll Other issues (11) Information about vulnerabilities associated with the settings of installed applications and the operating system. 1. "Autorun from hard drives is allowed" 2. "Autorun from network drives is enabled" 3. "CD/DVD autorun is enabled" 4. "Removable media autorun is enabled" 5. "Windows Explorer - show extensions of known file types" 6. "Microsoft Internet Explorer - disable caching data received via protected channel" 7. "Microsoft Internet Explorer: disable sending error reports" 8. "Microsoft Internet Explorer: clear list of pop-up blocker exceptions" 9. "Microsoft Internet Explorer: enable cache autocleanup on browser closing" 10. "Windows Explorer: display of known file types extensions is disabled" 11. "Microsoft Internet Explorer: start page reset"


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie v Just sent you the Kas Security Scan. Had to dwnld another Kaspersky Virus Removal Tool to run. Taking quite a while to run. Wish me luck with the zip file & send! I ready ran the Microsoft Fixit Tool. Unfortunately, zip/nada. Whatever has a hold on my system is total evil. Went to Brooklyn to help out a daughter. Left the laptop battery charger home. STUPID! Fantastic child Amazoned me a new one overnight! Ergo, I was at the mercy of an IPAD for a day or 2. Have a great weekend Angela


----------



## eddie5659 (Mar 19, 2001)

Hope you had a great weekend, and I love Amazon as well, buy a lot from there. Plus, I have a shop on there as well 

Looks like the Kaspersky scan didn't find anything that is related to what you're getting 

Lets do the Firewall thing manually.

I'll create some screenshots of what to do, up to the point where I'm not changing anything, as my firewall is ok 

---

1. Click Start, type *Services.msc* in the *Search programs and files* box, and then press *ENTER*










2. Locate and double click the *Windows Firewall* service.










doubleclick to get:










3. Click the *Log On* tab










4. In the *This account* text box, type *NT AUTHORITY\LocalService*










5. Set both *Password* fields blank










6. Click *Apply* and then *OK*

7. Repeat these steps for the *Base Filtering Engine* service



















8. Restart both services, eg this is for *Base Filtering Engine*. Mine is greyed out as its already started, but click on *Start*


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie: I am sorry to tell you but I have already followed those steps numerous times. Each time I hit apply a box comes up telling me I cannot do it for whatever reason. I really have followed those exact steps. Dont know what else to tell u Angela


----------



## eddie5659 (Mar 19, 2001)

Are you the only person that uses this computer? Are there other people in your house that use the router?

Can you run this for me:

Download *RogueKiller* to your desktop


Quit all running programs 
For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe 
Wait until the Pre-scan has finished.
Click on Scan
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe 
Click on Report and copy/paste the contents here.

I'm also going to ask around, see if anyone else can help, as I may be missing something.

Its late here, ready for bed in 5 mins, but I'll post to the others first thing in my lunch hour tomorow, as I need to explain what we've tried etc 

We'll get this solved, I never give up


----------



## lavenderchef45 (Jul 24, 2013)

RogueKiller V8.7.7 [Nov 11 2013] by Tigzy
mail : tigzyRKgmailcom
Feedback : http://www.adlice.com/forum/ 
Website : http://www.adlice.com/softwares/roguekiller/ 
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Lisa [Admin rights] 
Mode : Scan -- Date : 11/11/2013 18:07:38
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤

[SERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 17138345 (C:\windows\system32\DRIVERS\17138345.sys [x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND 
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND 
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND 
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND 
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND 
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND 
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND 
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤

[Lisa][SUSP PATH] _uninst_17138345.lnk : C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_17138345.lnk @C:\Users\Lisa\AppData\Local\Temp\_UNINS~1.BAT [-][-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤ -->

%SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3265GSXN SATA Disk Device +++++ 
--- User --- 
[MBR] 22a0d70330e3e8cdf3df977bf60a98ad 
[BSP] d17fb229d6e39fb26d48a5cb86f88de0 : Windows Vista MBR Code 
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 Mo 
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 Mo 
User = LL1 ... OK! 
User = LL2 ... OK!

Finished : > RKreport[0]_S_11112013_180500.txt


----------



## eddie5659 (Mar 19, 2001)

Sorry for the lateness, I'm having problems with my computer. Long story short, I installed some beta graphic card drivers, and its damaged my card I think. New one on order, so using the laptop at the moment 

-----------

It actually has found something on startup, which is good to know, so lets get this thing removed.

Re-run RogueKiller, hit "Scan" tab when pre-scan completes.

Under the "Registry" tab *Untick* the following keys: (All keys should be ticked by default)

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Hit the "Delete" tab, re-run RK and post fresh log.


----------



## lavenderchef45 (Jul 24, 2013)

RogueKiller V8.7.9 _x64_ [Nov 25 2013] by Tigzy mail : tigzyRKgmailcom Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Lisa [Admin rights] Mode : Scan [Aborted] -- Date : 11/30/2013 18:13:10 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ Finished : >


----------



## lavenderchef45 (Jul 24, 2013)

¤¤¤ Registry Entries : 4 ¤¤¤ [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie: Laptop is horrible! Webpages and apps close at random. Can't write an email without the words getting turned around. Cursor moves to top, whole paragraphs highlight & delete. Just writing this short note has taken 15 min. I am at a loss. This has been going on for over a month now. I tried the other scan Kaspersky Virus remov but the program kept telling me that I needded to download the newest version. So, I went to the website & did as . When I started the program it stated I needed a newer version. Other that that I am fine. That was supposed to be funny. Hope u are well. Just finished with Thanksgiving.The American holiday that promotes gluttony Nationwide. Hope u r well.Thanks for sticking with me! Angela


----------



## eddie5659 (Mar 19, 2001)

Okay, I'm going through the entire thread. Seen some things that I may have missed, so lets try something:

Click *Start*>>*All Programs*>>*Accessories*

Right-click on *Command Prompt* and select *Run As Administrator*

In the Command Prompt type *chkdsk /f* click *Enter*

There is a space between k and /f

You will be asked if you want a check disk to run on next startup click *Y *and then press *Enter*

Restart your PC

It will run in 5 sections please do not interrupt it let it finish.

Let me know if that helps.


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:
k
Ran chk dsk last week. Nothing showed up. I just do not understand. I now am certain I have a very powerful hacker. In Network & Sharing Center I can not turn off Network Discovery or File & Printer Sharing.
When I hit the buttons to save its exactly like windows firewall. Typing this short note has taken double the normal time bc the words keep highlighting and delete or move to another line. No, I am not resting my hand on the touch pad. I still believe we can lick this thing! I believe in u !

Angela


----------



## eddie5659 (Mar 19, 2001)

I know this sounds like a strange question, but do you have a spare keyboard that is normmaly used on a desktop pc?

If you do, and its USB, try plugging it in and starting up the laptop. Let it install new hardware if it asks, then try a few things out on the keyboard.

I just want to rule it out, as I know that sometimes keyboards can act screwy on laptops, as mine that I have has had problems in the past.

If not, I'll re-read and see what else I can see, and may point this to some other experts for a fresh pair of eyes


----------



## lavenderchef45 (Jul 24, 2013)

You were right, you were right, Oh Joy Oh Gladness! It was the 5 & dime keyboard on my 5 & dime Toshiba Satellite. But, I should NOT be like this. It was a gift. Any hoo: now all I need to do is get a new mouse & I can dance. I really want to run the Kaspersky program. Not the Scanner the one that I have to zip to send you the results. I think there are several in my registry & I need to uninstall/remove all instances of them before downloading another and running it. We had a nice snow storm this morning. It lasted thru this afternoon. Then turned to ice and stopped. A foot in some places. But so beautiful. I live walking distance to the Shenandoah River. It is a lovely place. Grew up in Philadelphia & Washington DC. Have a great sleep! Angela


----------



## lavenderchef45 (Jul 24, 2013)

Run by Lisa at 2013-12-08 20:32:07 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 256 GB (88%) free of 292 GB Total RAM: 2663 MB (52% free) 
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:32:36 PM, on 12/8/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal

Running processes:
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Users\Lisa\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Lisa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\Alwil Software\Avast5\setup\emupdate\8048d7fc-f276-4f5a-8a10-1700d41b87f2.exe /check
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

O23 - Service: !SASCORE - - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

End of file - 6433 bytes


----------



## lavenderchef45 (Jul 24, 2013)

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Malwarebytes Anti-Exploit.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q="

"[email protected]"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll


C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\
[email protected]
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}


----------



## lavenderchef45 (Jul 24, 2013)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18 1366720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-02-11 1295736]
"KeyScrambler"=C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [2013-07-13 508048]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2013-08-30 4858968]
"20131121"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\8048d7fc-f276-4f5a-8a10-1700d41b87f2.exe [2013-11-23 180184]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1


----------



## lavenderchef45 (Jul 24, 2013)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv


----------



## lavenderchef45 (Jul 24, 2013)

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-12-07 19:56:29 ----D---- C:\windows\Migration
2013-12-07 19:56:17 ----SHD---- C:\Config.Msi
2013-11-23 08:43:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-21 07:29:57 ----D---- C:\ProgramData\TEMP
2013-11-21 07:26:09 ----A---- C:\windows\GPlrLanc.dat
2013-11-21 07:24:56 ----D---- C:\ProgramData\Updater
2013-11-21 07:24:56 ----D---- C:\ProgramData\RHelpers
2013-11-16 01:28:35 ----SHD---- C:\$RECYCLE.BIN
2013-11-16 01:28:29 ----D---- C:\windows\temp
2013-11-16 01:28:27 ----A---- C:\ComboFix.txt
2013-11-16 00:36:46 ----A---- C:\windows\zip.exe
2013-11-16 00:36:46 ----A---- C:\windows\SWSC.exe
2013-11-16 00:36:46 ----A---- C:\windows\SWREG.exe
2013-11-16 00:36:46 ----A---- C:\windows\sed.exe
2013-11-16 00:36:46 ----A---- C:\windows\PEV.exe
2013-11-16 00:36:46 ----A---- C:\windows\NIRCMD.exe
2013-11-16 00:36:46 ----A---- C:\windows\MBR.exe
2013-11-16 00:36:46 ----A---- C:\windows\grep.exe
2013-11-16 00:36:25 ----D---- C:\Qoobox
2013-11-14 01:25:39 ----A---- C:\windows\SysWOW64\crypt32.dll
2013-11-14 01:25:18 ----A---- C:\windows\SysWOW64\authui.dll
2013-11-14 01:25:17 ----A---- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 01:25:16 ----A---- C:\windows\SysWOW64\credui.dll
2013-11-14 01:25:02 ----A---- C:\windows\SysWOW64\schannel.dll
2013-11-14 01:24:59 ----A---- C:\windows\SysWOW64\sspicli.dll
2013-11-14 01:24:59 ----A---- C:\windows\SysWOW64\ncrypt.dll
2013-11-14 01:24:58 ----A---- C:\windows\SysWOW64\secur32.dll
2013-11-14 01:24:52 ----A---- C:\windows\SysWOW64\gdi32.dll
2013-11-14 01:24:46 ----A---- C:\windows\SysWOW64\nshwfp.dll
2013-11-14 01:24:46 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 01:58:19 ----A---- C:\windows\SysWOW64\elshyph.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\wininet.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\wextract.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\webcheck.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\vbscript.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\urlmon.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\url.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\pngfilt.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\occache.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msrating.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msls31.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmler.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmled.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\MshtmlDac.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtml.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshta.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeedssync.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeedsbs.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeeds.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\licmgr10.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jsproxy.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jsIntl.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jscript9diag.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jscript9.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jscript.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\inseng.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\imgutil.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iexpress.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieUnatt.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieui.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iesysprep.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iesetup.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iertutil.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iernonce.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iepeers.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieframe.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieapfltr.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieapfltr.dat
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\IEAdvpack.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\icardie.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\dxtrans.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\dxtmsft.dll


----------



## lavenderchef45 (Jul 24, 2013)

2013-12-08 20:32:36 ----D---- C:\windows\Prefetch
2013-12-08 20:32:34 ----D---- C:\Program Files (x86)\trend micro
2013-12-08 19:45:29 ----D---- C:\windows\inf
2013-12-08 17:40:03 ----D---- C:\windows\System32
2013-12-08 16:44:50 ----D---- C:\windows\Microsoft.NET
2013-12-08 16:21:29 ----D---- C:\windows\Tasks
2013-12-07 20:11:54 ----SHD---- C:\windows\Installer
2013-12-07 20:07:53 ----RSD---- C:\windows\assembly
2013-12-07 20:02:21 ----D---- C:\windows\SysWOW64
2013-12-07 20:02:21 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2013-12-07 19:57:10 ----D---- C:\windows\SysWOW64\en-US
2013-12-07 19:56:29 ----SD---- C:\ProgramData\Microsoft
2013-12-07 19:56:29 ----AD---- C:\Windows
2013-12-07 19:52:59 ----SHD---- C:\System Volume Information
2013-12-06 20:46:40 ----D---- C:\windows\winsxs
2013-12-05 14:20:27 ----D---- C:\ProgramData
2013-12-05 14:20:26 ----RD---- C:\Program Files (x86)
2013-11-29 18:32:55 ----D---- C:\windows\Panther
2013-11-29 18:32:54 ----D---- C:\windows\Minidump
2013-11-29 18:32:54 ----D---- C:\windows\Logs
2013-11-29 18:32:54 ----D---- C:\windows\debug
2013-11-29 18:31:19 ----RD---- C:\Program Files
2013-11-21 10:02:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-21 07:37:49 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2013-11-21 07:37:30 ----D---- C:\windows\Downloaded Program Files
2013-11-21 07:22:34 ----D---- C:\windows\Resources
2013-11-16 01:24:14 ----A---- C:\windows\system.ini
2013-11-16 01:19:51 ----D---- C:\windows\SysWOW64\drivers
2013-11-16 01:19:50 ----D---- C:\windows\AppPatch
2013-11-16 01:19:46 ----D---- C:\Program Files (x86)\Common Files
2013-11-16 00:03:35 ----D---- C:\windows\erdnt
2013-11-15 20:18:01 ----D---- C:\windows\rescache
2013-11-13 08:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-13 08:52:30 ----D---- C:\windows\SysWOW64\migration
2013-11-13 08:52:19 ----D---- C:\windows\PolicyDefinitions
2013-11-12 23:37:14 ----D---- C:\AdwCleaner


----------



## lavenderchef45 (Jul 24, 2013)

(R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\DRIVERS\amd_sata.sys []
R0 amd_xata;amd_xata; C:\windows\system32\DRIVERS\amd_xata.sys []
R0 aswRvrt;aswRvrt; C:\windows\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\windows\SysWOW64\drivers\aswVmm.sys []
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS []
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [2013-08-01 62168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 FwLnk;FwLnk Driver; C:\windows\system32\DRIVERS\FwLnk.sys []
R3 KeyScrambler;KeyScrambler; C:\windows\System32\drivers\keyscrambler.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys []
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys []
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys []
S3 catchme;catchme; \??\C:\lavenderchef123\catchme.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-07-10 21712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 tap0901;avast! SecureLine TAP Adapter; C:\windows\system32\DRIVERS\tap0901.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys []


----------



## lavenderchef45 (Jul 24, 2013)

(R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-08-30 46808]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe []
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-21 117144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


----------



## lavenderchef45 (Jul 24, 2013)

Just wanted to see if we could see any red flags so I re ran this and tried to send it as neatly "easy on the eyes" as possible.

Angela


----------



## eddie5659 (Mar 19, 2001)

Looks good to me :up:

Sometimes with laptops, they can get some fluff or bits of dirt under the keyboard that can have all sorts of problems.

Replacing the keyboard can be done, but either by a shop or you can order the part yourself and do it at home.

I've replaced the keyboard, power button, and a few other inside parts on my laptop that my mum gave me when it died. Still works, but I have a USB mouse instead, as its a lot easier, as the right-click still doesn't work on the laptop.

For the AVZ, it should uninstall fully. So, instead of running the full scan, lets do a partial bit first:

----

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop ( it will be randomly named )

*First we will run a virus scan * 
Select the cog to access scan areas









On the first tab select all elements down to *OS C* and then select start scan 









Once it has finished select reports and post the detected threats

-----------------

As for the mouse, you can get some pretty cheap ones out there. Mine cost £4, as it does basic commands. Here is one in Amazon:

http://www.amazon.com/Logitech-B100...&ie=UTF8&qid=1386708267&sr=1-1&keywords=mouse

Or, just go to Amazon, typy 'mouse' in the search, and narrow it down by selecting PC then USB (if you have a USB slot).

Don't bother with the expensive ones, for home use, you just want to pint and click.

Can't find the one I have, it pretty basic. But, my gaming mouse is this one:

http://www.amazon.com/Razer-Deathad...azer+Deathadder+Re-Spawn+3500DPI+Gaming+Mouse

Bit expensive, but when gaming you need quick speed etc


----------



## lavenderchef45 (Jul 24, 2013)

You don't want to know how many times I have attempted to downld & install only to have a box pop up telling me the program was out of date or have it just "disappear" into thin air while it was downloading. Finally went into Safe Mode & it worked! Can not run in Safe though. So I rebooted into normal & "A BOX POPPED UP" (SUPRISE) telling me the program could not load BC it had not renamed itself! Went into downloaded programs & reinstalled. Somewhere in my system there is another downloaded KVRT! I don't think the first one is gone. Just hidden. 

While I was hanging out, thinking of putting my laptop in the wood stove I re-ran several of the programs you had me run over the past few months. I got some interesting results. I am sending them for your overview. If its a bore, or you don't feel up to ruining your eyesight further, no worries. I saw what I believed were a few red flags.

Best Regards to U!

Angela


----------



## lavenderchef45 (Jul 24, 2013)

RogueKiller V8.7.9 _x64_ [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Lisa [Admin rights]
Mode : Scan -- Date : 12/18/2013 21:02:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] tdsskiller.exe -- C:\Users\Lisa\Desktop\tdsskiller.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3265GSXN SATA Disk Device +++++
--- User ---
[MBR] 22a0d70330e3e8cdf3df977bf60a98ad
[BSP] d17fb229d6e39fb26d48a5cb86f88de0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 292137 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 601370624 | Size: 11607 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_12182013_210240.txt >>


----------



## lavenderchef45 (Jul 24, 2013)

Farbar Service Scanner Version: 13-09-2013
Ran by Lisa (administrator) on 18-12-2013 at 21:21:21
Running from "C:\Users\Lisa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. 
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors

Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Disabled Policy: 
========================

Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy: 
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-14 01:25] - [2013-09-27 20:09] - 0497152 ____A (Microsoft Corporation) 79059559E89D06E8B80CE2944BE20228

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-10 09:17] - [2013-09-07 21:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****


----------



## lavenderchef45 (Jul 24, 2013)

# AdwCleaner v3.007 - Report created 18/12/2013 at 21:09:15
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lisa - LISA-PC
# Running from : C:\Users\Lisa\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [972 octets] - [18/09/2013 22:39:22]
AdwCleaner[R1].txt - [1499 octets] - [13/10/2013 12:58:49]
AdwCleaner[R2].txt - [1343 octets] - [13/10/2013 13:08:07]
AdwCleaner[R3].txt - [1463 octets] - [12/11/2013 22:50:40]
AdwCleaner[R4].txt - [1122 octets] - [18/12/2013 21:09:15]
AdwCleaner[S0].txt - [1038 octets] - [18/09/2013 22:40:38]
AdwCleaner[S1].txt - [1574 octets] - [13/10/2013 13:03:20]
AdwCleaner[S2].txt - [1410 octets] - [13/10/2013 13:14:01]
AdwCleaner[S3].txt - [1530 octets] - [12/11/2013 23:36:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1422 octets] ##########


----------



## lavenderchef45 (Jul 24, 2013)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lisa at 2013-12-18 21:23:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 259 GB (89%) free of 292 GB
Total RAM: 2663 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:23:58 PM, on 12/18/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Safe mode with network support

Running processes:
C:\windows\SysWOW64\notepad.exe
C:\Users\Lisa\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Lisa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [20131121] C:\Program Files\Alwil Software\Avast5\setup\emupdate\8048d7fc-f276-4f5a-8a10-1700d41b87f2.exe /check
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O23 - Service: !SASCORE - - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6132 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Malwarebytes Anti-Exploit.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q="

"[email protected]"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\
[email protected]
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED663}]
avast! Ad Blocker - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll [2013-02-18 1366720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"20131121"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\8048d7fc-f276-4f5a-8a10-1700d41b87f2.exe [2013-11-23 180184]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2013-08-30 4858968]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-02-11 1295736]
"KeyScrambler"=C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [2013-11-14 508144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2013-12-18 21:04:43 ----A---- C:\TDSSKiller.2.8.16.0_18.12.2013_21.04.43_log.txt
2013-12-18 20:59:21 ----A---- C:\TDSSKiller.2.8.16.0_18.12.2013_20.59.20_log.txt
2013-12-18 20:57:29 ----A---- C:\windows\ntbtlog.txt
2013-12-16 00:22:00 ----D---- C:\Users\Lisa\AppData\Roaming\QFX Software
2013-12-16 00:22:00 ----D---- C:\ProgramData\QFX Software
2013-12-16 00:07:34 ----D---- C:\Program Files (x86)\KeyScrambler
2013-12-11 18:46:46 ----A---- C:\windows\SysWOW64\wmploc.DLL
2013-12-11 18:46:45 ----A---- C:\windows\SysWOW64\wmp.dll
2013-12-11 18:44:15 ----A---- C:\windows\SysWOW64\ieui.dll
2013-12-11 18:44:14 ----A---- C:\windows\SysWOW64\jsproxy.dll
2013-12-11 18:44:10 ----A---- C:\windows\SysWOW64\jscript9diag.dll
2013-12-11 18:44:09 ----A---- C:\windows\SysWOW64\ieapfltr.dll
2013-12-11 18:44:07 ----A---- C:\windows\SysWOW64\iertutil.dll
2013-12-11 18:44:06 ----A---- C:\windows\SysWOW64\wininet.dll
2013-12-11 18:44:05 ----A---- C:\windows\SysWOW64\urlmon.dll
2013-12-11 18:44:00 ----A---- C:\windows\SysWOW64\ieframe.dll
2013-12-11 18:43:58 ----A---- C:\windows\SysWOW64\mshtml.dll
2013-12-11 18:43:57 ----A---- C:\windows\SysWOW64\jscript9.dll
2013-12-10 20:20:49 ----A---- C:\windows\SysWOW64\msieftp.dll
2013-12-10 20:20:46 ----A---- C:\windows\SysWOW64\WMPhoto.dll
2013-12-10 20:20:42 ----A---- C:\windows\SysWOW64\imagehlp.dll
2013-12-10 20:15:53 ----A---- C:\windows\SysWOW64\tzres.dll
2013-12-10 20:15:41 ----A---- C:\windows\SysWOW64\wscript.exe
2013-12-10 20:15:40 ----A---- C:\windows\SysWOW64\scrrun.dll
2013-12-10 20:15:40 ----A---- C:\windows\SysWOW64\cscript.exe
2013-12-07 19:56:29 ----D---- C:\windows\Migration
2013-11-23 08:43:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-21 07:29:57 ----D---- C:\ProgramData\TEMP
2013-11-21 07:26:09 ----A---- C:\windows\GPlrLanc.dat
2013-11-21 07:24:56 ----D---- C:\ProgramData\Updater
2013-11-21 07:24:56 ----D---- C:\ProgramData\RHelpers
2013-11-16 01:28:35 ----SHD---- C:\$RECYCLE.BIN
2013-11-16 01:28:29 ----D---- C:\windows\temp
2013-11-16 01:28:27 ----A---- C:\ComboFix.txt
2013-11-16 00:36:46 ----A---- C:\windows\zip.exe
2013-11-16 00:36:46 ----A---- C:\windows\SWSC.exe
2013-11-16 00:36:46 ----A---- C:\windows\SWREG.exe
2013-11-16 00:36:46 ----A---- C:\windows\sed.exe
2013-11-16 00:36:46 ----A---- C:\windows\PEV.exe
2013-11-16 00:36:46 ----A---- C:\windows\NIRCMD.exe
2013-11-16 00:36:46 ----A---- C:\windows\MBR.exe
2013-11-16 00:36:46 ----A---- C:\windows\grep.exe
2013-11-16 00:36:25 ----D---- C:\Qoobox
2013-11-14 01:25:39 ----A---- C:\windows\SysWOW64\crypt32.dll
2013-11-14 01:25:18 ----A---- C:\windows\SysWOW64\authui.dll
2013-11-14 01:25:17 ----A---- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 01:25:16 ----A---- C:\windows\SysWOW64\credui.dll
2013-11-14 01:25:02 ----A---- C:\windows\SysWOW64\schannel.dll
2013-11-14 01:24:59 ----A---- C:\windows\SysWOW64\sspicli.dll
2013-11-14 01:24:59 ----A---- C:\windows\SysWOW64\ncrypt.dll
2013-11-14 01:24:58 ----A---- C:\windows\SysWOW64\secur32.dll
2013-11-14 01:24:52 ----A---- C:\windows\SysWOW64\gdi32.dll
2013-11-14 01:24:46 ----A---- C:\windows\SysWOW64\nshwfp.dll
2013-11-14 01:24:46 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 01:58:19 ----A---- C:\windows\SysWOW64\elshyph.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\wextract.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\webcheck.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\vbscript.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\url.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\pngfilt.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\occache.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msrating.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msls31.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmler.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshtmled.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\MshtmlDac.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\mshta.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeedssync.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeedsbs.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\msfeeds.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\licmgr10.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jsIntl.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\jscript.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\inseng.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\imgutil.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iexpress.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieUnatt.exe
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iesysprep.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iesetup.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iernonce.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iepeers.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\ieapfltr.dat
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\IEAdvpack.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\icardie.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\dxtrans.dll
2013-11-13 01:58:09 ----A---- C:\windows\SysWOW64\dxtmsft.dll
2013-10-15 19:51:55 ----A---- C:\TDSSKiller.2.8.16.0_15.10.2013_20.51.55_log.txt
2013-10-15 19:48:20 ----A---- C:\TDSSKiller.2.8.16.0_15.10.2013_20.48.20_log.txt
2013-10-15 19:46:44 ----A---- C:\TDSSKiller.2.8.16.0_15.10.2013_20.46.44_log.txt
2013-10-15 18:17:15 ----A---- C:\TDSSKiller.2.8.16.0_15.10.2013_19.17.15_log.txt
2013-10-10 09:24:58 ----A---- C:\VEW.txt
2013-10-10 09:17:50 ----A---- C:\windows\SysWOW64\comctl32.dll
2013-10-10 09:17:46 ----A---- C:\windows\SysWOW64\lpk.dll
2013-10-10 09:17:46 ----A---- C:\windows\SysWOW64\fontsub.dll
2013-10-10 09:17:46 ----A---- C:\windows\SysWOW64\dciman32.dll
2013-10-10 09:17:46 ----A---- C:\windows\SysWOW64\atmfd.dll
2013-10-10 09:17:45 ----A---- C:\windows\SysWOW64\atmlib.dll
2013-10-10 09:17:38 ----A---- C:\windows\SysWOW64\WebClnt.dll
2013-10-10 09:17:37 ----A---- C:\windows\SysWOW64\davclnt.dll
2013-10-10 09:17:33 ----A---- C:\windows\SysWOW64\mswsock.dll
2013-10-10 09:17:16 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe
2013-10-10 09:17:15 ----A---- C:\windows\SysWOW64\ntoskrnl.exe
2013-10-10 09:17:14 ----A---- C:\windows\SysWOW64\tdh.dll
2013-10-10 09:17:12 ----A---- C:\windows\SysWOW64\advapi32.dll
2013-10-10 09:17:11 ----A---- C:\windows\SysWOW64\ntdll.dll
2013-10-10 09:17:01 ----A---- C:\windows\SysWOW64\wow32.dll
2013-10-10 09:17:01 ----A---- C:\windows\SysWOW64\setup16.exe
2013-10-10 09:17:01 ----A---- C:\windows\SysWOW64\ntvdm64.dll
2013-10-10 09:17:01 ----A---- C:\windows\SysWOW64\instnm.exe
2013-10-10 09:17:00 ----A---- C:\windows\SysWOW64\user.exe
2013-10-10 09:16:46 ----A---- C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-04 12:16:20 ----A---- C:\windows\SysWOW64\msvcr71.dll
2013-10-04 12:16:20 ----A---- C:\windows\SysWOW64\mfc71.dll
2013-10-04 12:16:20 ----A---- C:\windows\SysWOW64\gdiplus.dll
2013-09-24 21:23:40 ----D---- C:\Program Files (x86)\trend micro
2013-09-24 21:23:38 ----D---- C:\rsit

======List of files/folders modified in the last 3 months======

2013-12-18 21:09:56 ----D---- C:\AdwCleaner
2013-12-18 21:02:53 ----D---- C:\windows\System32
2013-12-18 21:02:53 ----D---- C:\windows\inf
2013-12-18 20:57:29 ----AD---- C:\Windows
2013-12-18 20:56:25 ----D---- C:\windows\Prefetch
2013-12-18 20:56:10 ----D---- C:\windows\Tasks
2013-12-18 12:21:16 ----SHD---- C:\System Volume Information
2013-12-16 12:15:32 ----D---- C:\windows\rescache
2013-12-16 00:22:00 ----D---- C:\ProgramData
2013-12-16 00:20:36 ----D---- C:\windows\winsxs
2013-12-16 00:08:02 ----D---- C:\windows\SysWOW64\wbem
2013-12-16 00:08:02 ----D---- C:\windows\SysWOW64\en-US
2013-12-16 00:08:02 ----D---- C:\windows\SysWOW64
2013-12-16 00:08:02 ----D---- C:\windows\PolicyDefinitions
2013-12-16 00:07:34 ----RD---- C:\Program Files (x86)
2013-12-15 23:26:18 ----SHD---- C:\windows\Installer
2013-12-15 22:20:20 ----SD---- C:\ProgramData\Microsoft
2013-12-14 18:57:47 ----D---- C:\windows\debug
2013-12-11 21:54:31 ----RD---- C:\Program Files
2013-12-11 20:14:13 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 20:14:09 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 02:58:44 ----SD---- C:\Users\Lisa\AppData\Roaming\Microsoft
2013-12-08 16:44:50 ----D---- C:\windows\Microsoft.NET
2013-12-07 20:07:53 ----RSD---- C:\windows\assembly
2013-12-07 20:02:21 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-29 18:32:55 ----D---- C:\windows\Panther
2013-11-29 18:32:54 ----D---- C:\windows\Minidump
2013-11-29 18:32:54 ----D---- C:\windows\Logs
2013-11-21 10:02:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-21 07:37:49 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2013-11-21 07:37:30 ----D---- C:\windows\Downloaded Program Files
2013-11-21 07:22:34 ----D---- C:\windows\Resources
2013-11-16 01:24:14 ----A---- C:\windows\system.ini
2013-11-16 01:19:51 ----D---- C:\windows\SysWOW64\drivers
2013-11-16 01:19:50 ----D---- C:\windows\AppPatch
2013-11-16 01:19:46 ----D---- C:\Program Files (x86)\Common Files
2013-11-16 00:03:35 ----D---- C:\windows\erdnt
2013-11-13 08:52:30 ----D---- C:\windows\SysWOW64\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\DRIVERS\amd_sata.sys []
R0 amd_xata;amd_xata; C:\windows\system32\DRIVERS\amd_xata.sys []
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS []
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 FwLnk;FwLnk Driver; C:\windows\system32\DRIVERS\FwLnk.sys []
R3 KeyScrambler;KeyScrambler; C:\windows\System32\drivers\keyscrambler.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys []
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys []
S0 aswRvrt;aswRvrt; C:\windows\SysWOW64\drivers\aswRvrt.sys []
S0 aswVmm;aswVmm; C:\windows\SysWOW64\drivers\aswVmm.sys []
S1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []
S1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []
S1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [2013-08-01 62168]
S2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []
S2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
S3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys []
S3 catchme;catchme; \??\C:\lavenderchef123\catchme.sys []
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-07-10 21712]
S3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 tap0901;avast! SecureLine TAP Adapter; C:\windows\system32\DRIVERS\tap0901.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\drivers\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe []
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-08-30 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe []
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-21 117144]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


----------



## eddie5659 (Mar 19, 2001)

Thanks for posting these. I'm out tonight as its Christmas, but will look at them fully tomorrow, after I've been shopping. Will need to relax after the last Saturday at the shops before the big day


----------



## eddie5659 (Mar 19, 2001)

Okay, looking at them now 

Also, hope you have a nice Christmas, its a busy few days, but then I've booked off a few days off work, so got 2 weeks, and I plan on doing as little as possible 

So, onto the logs:



> [SUSP PATH] tdsskiller.exe -- C:\Users\Lisa\Desktop\tdsskiller.exe [7] -> KILLED [TermProc]


That one is fine, its a program we used earlier. We'll remove all when its all better 

Now, as we now know it was the keyboard, lets see if we can solve the Firewall issue.

I see its still not enabled, so can you see if some of the things you tried before will work now, and let me know how it goes 

I also see a few other things that are not running, but let's see if you can start.

---

Adwcleaner found some stuff, but it looks like the remains, so do this as before:

Re-run AdwCleaner with the *Scan* option. After its finished scanning, click the *Clean* button.

Allow the cleaning process to finish.

If it appears to freeze, be patient for a few minutes.

When it's finished, click on the *Report* button.

Return here to your thread, then copy-and-paste the ENTIRE log here

eddie


----------



## lavenderchef45 (Jul 24, 2013)

# AdwCleaner v3.017 - Report created 12/01/2014 at 14:43:25
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lisa - LISA-PC
# Running from : C:\Users\Lisa\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RHelpers

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [972 octets] - [18/09/2013 22:39:22]
AdwCleaner[R1].txt - [1499 octets] - [13/10/2013 12:58:49]
AdwCleaner[R2].txt - [1343 octets] - [13/10/2013 13:08:07]
AdwCleaner[R3].txt - [1463 octets] - [12/11/2013 22:50:40]
AdwCleaner[R4].txt - [1502 octets] - [18/12/2013 21:09:15]
AdwCleaner[R5].txt - [2145 octets] - [12/01/2014 14:26:01]
AdwCleaner[S0].txt - [1038 octets] - [18/09/2013 22:40:38]
AdwCleaner[S1].txt - [1574 octets] - [13/10/2013 13:03:20]
AdwCleaner[S2].txt - [1410 octets] - [13/10/2013 13:14:01]
AdwCleaner[S3].txt - [1530 octets] - [12/11/2013 23:36:50]
AdwCleaner[S4].txt - [2082 octets] - [12/01/2014 14:43:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2142 octets] ##########


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:

Well, just for fun I tried running the Kaspersky Virus Removal app again. A mere 2.5 hrs later it completed. So I went to the log, tried to open the zip file program et voil'a! No less than 50 tabs opened with the Kaspersky website, my laptop screamed beep and froze in its tracks. After a bit I was able to close the multitude of windows. As soon as I got to the last one they did it again. I was determined not to lose the log. So I waited patiently, terrified that my entire system would crash. Eventually I was able to close all the tabs. I tried saving the log to my documents library. I saved it, named it and saw it there. When I went back to look at the log, it was gone. I mean, something completely took over my laptop. When I tried to login to Tech Support Guy the page redirected to my being told I had tried to login with an incorrect password. Finally I refreshed the page and was able to login. So, here I am 4 hours later with nada. Not quite though. I did a full scan with Malwarebytes earlier today. Sending you the log file of what it found.Maybe its nothing, but who knows at this point? Cheers

Registry Keys Detected: 2
HKCR\AppID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully.


----------



## eddie5659 (Mar 19, 2001)

Okay, looking at this in depth, there must be something that is causing this. Can you see if you have this installed:

Wise Care 365
Little Registry Cleaner

It may be via AddRemove Programs in the Control Panel or in Start | Programs.

Now, I do see an extension that may be causing it, so lets see if removing that helps.

Use OTL like you did before, with the following code:

Run OTL 

Under the *Custom Scans/Fixes* box at the bottom, paste in the following


```
:Files
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
```

Then click the *Run Fix* button at the top 
Click OK.
Let the program run unhindered, reboot when it is done
It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.

-----------

Then, I'd like to see what is running when the computer is being used. So, open up OTL after you've posted the above, and set it as per the screenshot below, click *Run Scan* abd post the log. If its large, upload it 

If wordwrap is having its issue, that's fine, just post it and I'll look at it 










eddie


----------



## lavenderchef45 (Jul 24, 2013)

OTL logfile created on: 1/14/2014 10:51:13 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 60.60% Memory free
5.20 Gb Paging File | 3.98 Gb Available in Paging File | 76.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 252.95 Gb Free Space | 88.66% Space Free | Partition Type: NTFS

Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/01 20:09:02 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/01 20:09:02 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/05 14:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/14 13:16:14 | 000,508,144 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
PRC - [2013/08/20 12:12:34 | 000,130,520 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
PRC - [2013/08/20 12:06:24 | 000,167,384 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
PRC - [2013/08/20 12:03:18 | 001,274,840 | ---- | M] () -- C:\Program Files (x86)\DFX\DFX.exe
PRC - [2013/08/01 20:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe

========== Modules (No Company Name) ==========

MOD - [2014/01/01 20:09:03 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/05 14:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/20 12:31:50 | 000,049,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
MOD - [2013/08/20 12:12:34 | 000,130,520 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
MOD - [2013/08/20 12:06:24 | 000,167,384 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
MOD - [2013/08/20 12:03:18 | 001,274,840 | ---- | M] () -- C:\Program Files (x86)\DFX\DFX.exe

========== Services (SafeList) ==========

SRV:*64bit:* - [2014/01/01 20:09:02 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:*64bit:* - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:*64bit:* - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:*64bit:* - [2011/02/10 14:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:*64bit:* - [2010/10/20 16:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:*64bit:* - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2013/12/05 14:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:*64bit:* - [2014/01/01 20:10:06 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:*64bit:* - [2014/01/01 20:09:05 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:*64bit:* - [2013/05/31 09:53:12 | 000,222,200 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:*64bit:* - [2013/04/30 03:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:*64bit:* - [2012/12/13 10:41:10 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:*64bit:* - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:*64bit:* - [2011/04/20 08:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:*64bit:* - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:*64bit:* - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:*64bit:* - [2011/02/14 14:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:*64bit:* - [2011/02/10 15:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:*64bit:* - [2011/02/10 14:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:*64bit:* - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:*64bit:* - [2011/01/05 03:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:*64bit:* - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:*64bit:* - [2010/11/11 14:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:*64bit:* - [2010/11/06 22:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:*64bit:* - [2010/11/05 09:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:*64bit:* - [2010/11/05 09:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:*64bit:* - [2010/10/08 13:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:*64bit:* - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:*64bit:* - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:*64bit:* - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:*64bit:* - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:*64bit:* - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:*64bit:* - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:*64bit:* - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:*64bit:* - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/10 12:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:*64bit:* - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:*64bit:* - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE:*64bit:* - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\{DA0CC9A4-539D-40F4-90F7-B565B9B4C6B1}: "URL" = http://www.bing.com/search?FORM=U039DF&PC=U039&dt=070613&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\..\SearchScopes\C5879625A899472F8231C4DAF8D55DC1: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529
IE - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF:*64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/01 20:09:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/07/06 09:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Extensions
[2014/01/10 10:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions
[2013/12/31 16:34:28 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/01/01 17:00:36 | 000,169,613 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[2014/01/02 20:24:03 | 000,170,594 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[2013/12/31 16:33:32 | 000,049,690 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi
[2014/01/10 10:28:28 | 000,536,010 | ---- | M] () (No name found) -- C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/12/31 16:21:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/31 16:21:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/11/14 00:54:15 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:*64bit:* - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:*64bit:* - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (avast! Ad Blocker) - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
O3:*64bit:* - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:*64bit:* - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:*64bit:* - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:*64bit:* - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DFX] C:\Program Files (x86)\DFX\DFX.exe ()
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3278135505-1108507621-254113999-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll (Reg Error: Value error.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9DBDB07-C25A-40AA-B02D-C5C5D0288EC4}: DhcpNameServer = 192.168.1.1
O20:*64bit:* - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:*64bit:* - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:*64bit:* - HKLM\..comfile [open] -- "%1" %*
O35:*64bit:* - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:*64bit:* - HKLM\...com [@ = ComFile] -- "%1" %*
O37:*64bit:* - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/12 22:16:08 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\How to Convert Mouse Movements to Key Press _ eHow_files
[2014/01/12 20:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2014/01/10 10:44:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\SlimWare Utilities Inc
[2014/01/10 10:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverUpdate
[2014/01/10 10:33:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2014/01/08 04:11:37 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Online Payment Services - Ocwen_files
[2014/01/07 22:06:18 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Galati
[2014/01/04 10:19:34 | 001,493,872 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe
[2014/01/02 11:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/01/02 11:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/01/02 11:48:10 | 004,645,232 | ---- | C] (Piriform Ltd) -- C:\Users\Lisa\Desktop\ccsetup409.exe
[2014/01/01 20:10:32 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\AVAST Software
[2014/01/01 20:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/01 20:09:20 | 000,079,672 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/01/01 20:09:16 | 001,034,464 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/01/01 20:09:14 | 000,422,216 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014/01/01 20:09:14 | 000,078,648 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/01/01 20:09:13 | 000,092,544 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/01/01 20:09:04 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2014/01/01 20:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/01 18:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/01 18:23:02 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/01/01 18:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/01 18:18:33 | 010,285,040 | ---- | C] (Malwarebytes Corporation  ) -- C:\Users\Lisa\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/01 17:39:01 | 091,412,976 | ---- | C] (AVAST Software) -- C:\Users\Lisa\Desktop\avast_free_antivirus_setup.exe
[2013/12/31 23:13:23 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\DFX
[2013/12/31 23:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
[2013/12/31 23:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DFX
[2013/12/31 23:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DFX
[2013/12/31 23:11:08 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\vlc
[2013/12/31 23:08:47 | 004,808,008 | ---- | C] (Power Technology) -- C:\Users\Lisa\Desktop\dfx11Setup.exe
[2013/12/30 15:51:04 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\ProcAlyzer Dumps
[2013/12/30 15:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/12/30 15:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/12/30 15:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/12/23 22:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2013/12/23 22:00:49 | 002,105,040 | ---- | C] (PeerBlock, LLC ) -- C:\Users\Lisa\Desktop\PeerBlock-Setup_v1.1_r518.exe
[2013/12/21 00:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/20 23:37:01 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\0 0ff
[2013/12/19 00:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Conexant
[2013/12/19 00:57:05 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Conexant
[2013/12/18 22:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/12/18 21:33:04 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\desk tp pics
[2013/12/16 00:22:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\QFX Software
[2013/12/16 00:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013/12/16 00:07:40 | 000,222,200 | ---- | C] (QFX Software Corporation) -- C:\windows\SysNative\drivers\keyscrambler.sys
[2013/12/16 00:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/12/16 00:07:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler

========== Files - Modified Within 30 Days ==========

[2014/01/14 22:47:43 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/14 22:23:35 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/14 22:23:35 | 000,024,608 | ---- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/14 22:18:31 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/14 22:18:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/01/14 22:17:52 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/13 18:28:02 | 000,782,462 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/01/13 18:28:02 | 000,662,632 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/01/13 18:28:02 | 000,122,468 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/01/13 10:30:02 | 001,493,872 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Lisa\Desktop\procexp64.exe
[2014/01/12 22:16:13 | 000,074,597 | ---- | M] () -- C:\Users\Lisa\Desktop\How to Convert Mouse Movements to Key Press _ eHow.htm
[2014/01/12 14:24:16 | 001,236,282 | ---- | M] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2014/01/11 14:16:03 | 000,078,241 | ---- | M] () -- C:\Users\Lisa\Desktop\Christmas 13.zip
[2014/01/11 14:15:51 | 000,095,110 | ---- | M] () -- C:\Users\Lisa\Desktop\Christmas 13.jpg
[2014/01/11 14:15:51 | 000,095,110 | ---- | M] () -- C:\Users\Lisa\Documents\Christmas 13 (2).jpg
[2014/01/11 14:13:31 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/11 09:32:02 | 000,294,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/01/10 21:59:44 | 000,073,902 | ---- | M] () -- C:\Users\Lisa\Documents\Christmas 13.jpg
[2014/01/10 21:59:15 | 000,088,501 | ---- | M] () -- C:\Users\Lisa\Desktop\The Girly Girls Christmas 2013.jpg
[2014/01/08 04:11:37 | 000,031,620 | ---- | M] () -- C:\Users\Lisa\Desktop\Online Payment Services - Ocwen.htm
[2014/01/06 03:08:07 | 000,014,965 | ---- | M] () -- C:\Users\Lisa\Desktop\Patrick Johnson 1.1.2014.odt
[2014/01/03 03:31:23 | 000,009,839 | ---- | M] () -- C:\Users\Lisa\Desktop\adam.odt
[2014/01/02 11:49:17 | 004,645,232 | ---- | M] (Piriform Ltd) -- C:\Users\Lisa\Desktop\ccsetup409.exe
[2014/01/02 11:30:57 | 000,009,761 | ---- | M] () -- C:\Users\Lisa\Desktop\can b rem frm sys.odt
[2014/01/01 20:10:06 | 000,079,672 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/01/01 20:09:05 | 001,034,464 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/01/01 20:09:05 | 000,422,216 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014/01/01 20:09:05 | 000,334,136 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/01/01 20:09:05 | 000,207,904 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/01/01 20:09:05 | 000,092,544 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/01/01 20:09:05 | 000,078,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/01/01 20:09:05 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/01/01 20:09:04 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014/01/01 18:20:44 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lisa\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/01 17:57:50 | 091,412,976 | ---- | M] (AVAST Software) -- C:\Users\Lisa\Desktop\avast_free_antivirus_setup.exe
[2014/01/01 11:16:27 | 002,365,840 | ---- | M] () -- C:\Users\Lisa\Desktop\SecurityTaskManager_Setup.exe
[2013/12/31 23:11:26 | 000,001,706 | ---- | M] () -- C:\Users\Public\Desktop\DFX.lnk
[2013/12/31 23:10:10 | 004,808,008 | ---- | M] (Power Technology) -- C:\Users\Lisa\Desktop\dfx11Setup.exe
[2013/12/31 16:21:48 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/31 15:57:53 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013/12/30 18:41:39 | 000,105,666 | ---- | M] () -- C:\Users\Lisa\AppData\Local\SDPRE.jpg
[2013/12/25 21:27:29 | 000,023,451 | ---- | M] () -- C:\Users\Lisa\Documents\Bernard Fetsko.odt
[2013/12/23 22:01:54 | 002,105,040 | ---- | M] (PeerBlock, LLC ) -- C:\Users\Lisa\Desktop\PeerBlock-Setup_v1.1_r518.exe
[2013/12/21 02:17:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/12/21 02:17:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/18 22:28:15 | 130,383,968 | ---- | M] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_12_19_05_35.exe
[2013/12/16 01:36:20 | 000,516,268 | ---- | M] () -- C:\Users\Lisa\Desktop\Poster-Session-List-with-PDFs1.pdf

========== Files Created - No Company Name ==========

[2014/01/12 22:16:08 | 000,074,597 | ---- | C] () -- C:\Users\Lisa\Desktop\How to Convert Mouse Movements to Key Press _ eHow.htm
[2014/01/12 14:23:49 | 001,236,282 | ---- | C] () -- C:\Users\Lisa\Desktop\adwcleaner.exe
[2014/01/11 14:16:49 | 000,095,110 | ---- | C] () -- C:\Users\Lisa\Documents\Christmas 13 (2).jpg
[2014/01/11 14:16:03 | 000,078,241 | ---- | C] () -- C:\Users\Lisa\Desktop\Christmas 13.zip
[2014/01/11 14:14:48 | 000,073,902 | ---- | C] () -- C:\Users\Lisa\Documents\Christmas 13.jpg
[2014/01/11 09:31:29 | 000,294,032 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/01/10 21:59:43 | 000,095,110 | ---- | C] () -- C:\Users\Lisa\Desktop\Christmas 13.jpg
[2014/01/10 21:59:15 | 000,088,501 | ---- | C] () -- C:\Users\Lisa\Desktop\The Girly Girls Christmas 2013.jpg
[2014/01/08 04:11:37 | 000,031,620 | ---- | C] () -- C:\Users\Lisa\Desktop\Online Payment Services - Ocwen.htm
[2014/01/06 03:08:05 | 000,014,965 | ---- | C] () -- C:\Users\Lisa\Desktop\Patrick Johnson 1.1.2014.odt
[2014/01/03 03:31:21 | 000,009,839 | ---- | C] () -- C:\Users\Lisa\Desktop\adam.odt
[2014/01/02 11:30:53 | 000,009,761 | ---- | C] () -- C:\Users\Lisa\Desktop\can b rem frm sys.odt
[2014/01/01 20:10:14 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/01 20:09:19 | 000,207,904 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/01/01 20:09:16 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/01/01 11:14:41 | 002,365,840 | ---- | C] () -- C:\Users\Lisa\Desktop\SecurityTaskManager_Setup.exe
[2013/12/31 23:11:26 | 000,001,706 | ---- | C] () -- C:\Users\Public\Desktop\DFX.lnk
[2013/12/31 16:21:48 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/30 18:41:38 | 000,105,666 | ---- | C] () -- C:\Users\Lisa\AppData\Local\SDPRE.jpg
[2013/12/25 21:27:22 | 000,023,451 | ---- | C] () -- C:\Users\Lisa\Documents\Bernard Fetsko.odt
[2013/12/18 22:01:44 | 130,383,968 | ---- | C] () -- C:\Users\Lisa\Desktop\setup_11.0.1.1245.x01_2013_12_19_05_35.exe
[2013/12/16 01:36:11 | 000,516,268 | ---- | C] () -- C:\Users\Lisa\Desktop\Poster-Session-List-with-PDFs1.pdf
[2013/11/21 07:26:09 | 000,000,064 | ---- | C] () -- C:\windows\GPlrLanc.dat
[2013/11/16 00:36:46 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/11/16 00:36:46 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/11/16 00:36:46 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/11/16 00:36:46 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/11/16 00:36:46 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/07/26 12:35:12 | 000,000,000 | ---- | C] () -- C:\windows\ToDisc.INI
[2013/06/28 13:03:12 | 000,000,017 | ---- | C] () -- C:\Users\Lisa\AppData\Local\resmon.resmoncfg
[2013/06/25 21:55:16 | 000,026,818 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\UserTile.png
[2013/03/25 11:49:37 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2013/03/25 11:41:51 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/03/25 11:38:45 | 000,002,975 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2013/03/25 10:16:26 | 000,771,040 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/01 20:10:32 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\AVAST Software
[2013/03/26 09:38:45 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Book Place
[2013/04/30 23:43:21 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org
[2013/12/31 15:53:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QFX Software
[2013/05/25 22:03:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\QuickScan
[2013/07/26 11:13:00 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SoftGrid Client
[2013/06/18 14:09:54 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SumatraPDF
[2013/12/30 19:43:16 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Toshiba
[2013/03/25 10:17:42 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TP
[2013/03/25 09:38:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\WinBatch

========== Purity Check ==========

========== Custom Scans ==========

< :Files >
[2009/07/14 00:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 00:08:49 | 000,032,600 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2013/08/08 14:22:36 | 000,000,890 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/08 14:22:37 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected] >

< End of report >


----------



## lavenderchef45 (Jul 24, 2013)

I could not find any instances of Wise Care 365 or Little Registry Cleaner in Add/Remove Programs. Uses regedit as Admin & found a lot of files for Little Registry Cleaner. Nothing for Wise Care 365 though. So, Little Registry Cleaner is def in my system. Did not delete the files, probably have tentacles everywhere.


----------



## lavenderchef45 (Jul 24, 2013)

OTL logfile created on: 1/14/2014 11:54:15 PM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.60 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 58.46% Memory free
5.20 Gb Paging File | 4.01 Gb Available in Paging File | 77.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.29 Gb Total Space | 253.02 Gb Free Space | 88.69% Space Free | Partition Type: NTFS

Computer Name: LISA-PC | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (All) ==========

PRC - [2014/01/01 20:09:02 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/01 20:09:02 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 02:17:16 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/12/05 14:37:25 | 000,018,544 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2013/12/05 14:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/14 13:16:14 | 000,508,144 | ---- | M] (QFX Software Corporation) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
PRC - [2013/08/20 12:12:34 | 000,130,520 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
PRC - [2013/08/20 12:06:24 | 000,167,384 | ---- | M] () -- C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
PRC - [2013/08/20 12:03:18 | 001,274,840 | ---- | M] () -- C:\Program Files (x86)\DFX\DFX.exe
PRC - [2013/08/01 20:34:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe

========== Services (All) ==========

SRV:*64bit:* - [2014/01/01 20:09:02 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:*64bit:* - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:*64bit:* - [2013/10/11 21:29:21 | 000,859,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:*64bit:* - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:*64bit:* - [2013/07/09 00:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:*64bit:* - [2013/07/04 07:57:22 | 000,259,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:*64bit:* - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:*64bit:* - [2013/03/25 13:07:07 | 001,255,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:*64bit:* - [2013/03/19 00:53:58 | 000,230,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:*64bit:* - [2013/02/27 00:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:*64bit:* - [2013/01/13 14:58:28 | 001,175,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:*64bit:* - [2012/10/03 12:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:*64bit:* - [2012/10/03 12:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:*64bit:* - [2012/07/25 22:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:*64bit:* - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:*64bit:* - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:*64bit:* - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:*64bit:* - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:*64bit:* - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:*64bit:* - [2011/05/04 00:19:28 | 000,591,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:*64bit:* - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:*64bit:* - [2011/02/10 14:52:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:*64bit:* - [2010/11/20 22:25:14 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:*64bit:* - [2010/11/20 22:25:14 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:*64bit:* - [2010/11/20 22:25:10 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:*64bit:* - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:*64bit:* - [2010/11/20 22:25:05 | 001,525,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:*64bit:* - [2010/11/20 22:24:52 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:*64bit:* - [2010/11/20 22:24:51 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:*64bit:* - [2010/11/20 22:24:51 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:*64bit:* - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:*64bit:* - [2010/11/20 22:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:*64bit:* - [2010/11/20 22:24:36 | 001,743,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:*64bit:* - [2010/11/20 22:24:36 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:*64bit:* - [2010/11/20 22:24:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:*64bit:* - [2010/11/20 22:24:33 | 000,121,856 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:*64bit:* - [2010/11/20 22:24:32 | 000,777,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:*64bit:* - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:*64bit:* - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:*64bit:* - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:*64bit:* - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:*64bit:* - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:*64bit:* - [2010/11/20 22:24:24 | 002,018,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:*64bit:* - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:*64bit:* - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:*64bit:* - [2010/11/20 22:24:16 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:*64bit:* - [2010/11/20 22:24:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:*64bit:* - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:*64bit:* - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV:*64bit:* - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:*64bit:* - [2010/11/20 22:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:*64bit:* - [2010/11/20 22:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:*64bit:* - [2010/11/20 22:24:07 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:*64bit:* - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:*64bit:* - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:*64bit:* - [2010/11/20 22:24:00 | 001,389,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:*64bit:* - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:*64bit:* - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:*64bit:* - [2010/11/20 22:23:56 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:*64bit:* - [2010/11/20 22:23:56 | 000,444,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:*64bit:* - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:*64bit:* - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:*64bit:* - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:*64bit:* - [2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:*64bit:* - [2010/11/20 22:23:51 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:*64bit:* - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:*64bit:* - [2010/11/20 22:23:48 | 000,476,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:*64bit:* - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:*64bit:* - [2010/10/20 16:41:50 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:*64bit:* - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:*64bit:* - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:*64bit:* - [2009/07/13 20:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:*64bit:* - [2009/07/13 20:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:*64bit:* - [2009/07/13 20:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:*64bit:* - [2009/07/13 20:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:*64bit:* - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:*64bit:* - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:*64bit:* - [2009/07/13 20:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:*64bit:* - [2009/07/13 20:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:*64bit:* - [2009/07/13 20:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:*64bit:* - [2009/07/13 20:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,186,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:*64bit:* - [2009/07/13 20:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:*64bit:* - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:*64bit:* - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:*64bit:* - [2009/07/13 20:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:*64bit:* - [2009/07/13 20:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:*64bit:* - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:*64bit:* - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:*64bit:* - [2009/07/13 20:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:*64bit:* - [2009/07/13 20:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:*64bit:* - [2009/07/13 20:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:*64bit:* - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:*64bit:* - [2009/07/13 20:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:*64bit:* - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:*64bit:* - [2009/07/13 20:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:*64bit:* - [2009/07/13 20:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:*64bit:* - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:*64bit:* - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:*64bit:* - [2009/07/13 20:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:*64bit:* - [2009/07/13 20:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:*64bit:* - [2009/07/13 20:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:*64bit:* - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:*64bit:* - [2009/07/13 20:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:*64bit:* - [2009/07/13 20:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:*64bit:* - [2009/07/13 20:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:*64bit:* - [2009/07/13 20:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:*64bit:* - [2009/07/13 20:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:*64bit:* - [2009/07/13 20:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:*64bit:* - [2009/07/13 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:*64bit:* - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV - [2013/12/05 14:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/11 19:39:06 | 000,124,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2013/09/11 19:39:06 | 000,051,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2013/08/08 14:22:32 | 000,116,648 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2013/08/08 14:22:32 | 000,116,648 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2013/07/08 23:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/04 06:57:28 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2011/05/03 23:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/20 22:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 22:24:53 | 000,856,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2010/11/20 22:24:52 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2010/11/20 22:24:49 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 22:24:42 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/20 22:24:32 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:08 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2010/11/20 22:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,194,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:23:55 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2009/07/13 20:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 20:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 20:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 20:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009/07/13 20:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009/07/13 20:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/07/13 20:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009/07/13 20:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 15:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

========== Driver Services (All) ==========

DRV:*64bit:* - [2014/01/01 20:10:06 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:*64bit:* - [2014/01/01 20:09:05 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:*64bit:* - [2014/01/01 20:09:05 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:*64bit:* - [2013/09/27 20:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:*64bit:* - [2013/09/24 21:26:40 | 000,154,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:*64bit:* - [2013/09/24 21:26:40 | 000,095,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:*64bit:* - [2013/09/07 21:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:*64bit:* - [2013/09/07 21:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:*64bit:* - [2013/09/04 07:12:11 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:*64bit:* - [2013/09/04 07:11:49 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:*64bit:* - [2013/09/04 07:11:43 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:*64bit:* - [2013/09/04 07:11:43 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:*64bit:* - [2013/09/04 07:11:42 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:*64bit:* - [2013/08/01 07:09:36 | 000,983,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:*64bit:* - [2013/07/12 05:41:35 | 000,185,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:*64bit:* - [2013/07/12 05:41:12 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:*64bit:* - [2013/07/04 07:18:29 | 000,458,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:*64bit:* - [2013/07/04 05:11:35 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:*64bit:* - [2013/07/02 23:40:12 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:*64bit:* - [2013/06/25 17:55:52 | 000,785,624 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:*64bit:* - [2013/06/14 23:32:16 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:*64bit:* - [2013/05/31 09:53:12 | 000,222,200 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
DRV:*64bit:* - [2013/04/30 03:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:*64bit:* - [2013/04/12 09:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:*64bit:* - [2013/01/24 01:01:01 | 000,223,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:*64bit:* - [2012/12/13 10:41:10 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:*64bit:* - [2012/10/03 11:07:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:*64bit:* - [2012/08/22 13:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:*64bit:* - [2012/07/25 21:26:45 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:*64bit:* - [2012/07/25 21:26:06 | 000,198,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:*64bit:* - [2012/04/27 22:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:*64bit:* - [2012/03/17 02:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:*64bit:* - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:*64bit:* - [2012/02/16 23:57:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:*64bit:* - [2011/07/08 21:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:*64bit:* - [2011/04/28 22:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:*64bit:* - [2011/04/28 22:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:*64bit:* - [2011/04/28 22:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:*64bit:* - [2011/04/26 21:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:*64bit:* - [2011/04/26 21:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:*64bit:* - [2011/04/20 08:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:*64bit:* - [2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:*64bit:* - [2011/03/11 01:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:*64bit:* - [2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:*64bit:* - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:*64bit:* - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:*64bit:* - [2011/03/10 23:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:*64bit:* - [2011/02/22 23:55:04 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:*64bit:* - [2011/02/14 14:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:*64bit:* - [2011/02/10 15:22:00 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:*64bit:* - [2011/02/10 14:15:08 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:*64bit:* - [2011/02/08 21:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:*64bit:* - [2011/01/05 03:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:*64bit:* - [2010/11/20 22:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:*64bit:* - [2010/11/20 22:24:33 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:*64bit:* - [2010/11/20 22:24:33 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:*64bit:* - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:*64bit:* - [2010/11/20 22:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:*64bit:* - [2010/11/20 22:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:*64bit:* - [2010/11/20 22:24:32 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:*64bit:* - [2010/11/20 22:24:27 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:*64bit:* - [2010/11/20 22:24:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:*64bit:* - [2010/11/20 22:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:*64bit:* - [2010/11/20 22:24:15 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:*64bit:* - [2010/11/20 22:24:15 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:*64bit:* - [2010/11/20 22:24:15 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:*64bit:* - [2010/11/20 22:24:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:*64bit:* - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:*64bit:* - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:*64bit:* - [2010/11/20 22:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:*64bit:* - [2010/11/20 22:24:08 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:*64bit:* - [2010/11/20 22:24:08 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:*64bit:* - [2010/11/20 22:24:08 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:*64bit:* - [2010/11/20 22:24:00 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:*64bit:* - [2010/11/20 22:23:55 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:*64bit:* - [2010/11/20 22:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:*64bit:* - [2010/11/20 22:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:*64bit:* - [2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:*64bit:* - [2010/11/20 22:23:48 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:*64bit:* - [2010/11/20 22:23:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:*64bit:* - [2010/11/20 22:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:*64bit:* - [2010/11/11 14:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:*64bit:* - [2010/11/06 22:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:*64bit:* - [2010/11/05 09:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:*64bit:* - [2010/11/05 09:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:*64bit:* - [2010/10/08 13:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:*64bit:* - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:*64bit:* - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:*64bit:* - [2009/07/13 20:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
DRV:*64bit:* - [2009/07/13 20:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:*64bit:* - [2009/07/13 20:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:*64bit:* - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:*64bit:* - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:*64bit:* - [2009/07/13 20:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:*64bit:* - [2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:*64bit:* - [2009/07/13 20:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:*64bit:* - [2009/07/13 20:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:*64bit:* - [2009/07/13 20:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:*64bit:* - [2009/07/13 20:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:*64bit:* - [2009/07/13 20:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:*64bit:* - [2009/07/13 20:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:*64bit:* - [2009/07/13 20:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:*64bit:* - [2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:*64bit:* - [2009/07/13 20:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:*64bit:* - [2009/07/13 20:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:*64bit:* - [2009/07/13 20:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:*64bit:* - [2009/07/13 20:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:*64bit:* - [2009/07/13 20:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:*64bit:* - [2009/07/13 20:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:*64bit:* - [2009/07/13 20:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:*64bit:* - [2009/07/13 20:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:*64bit:* - [2009/07/13 20:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:*64bit:* - [2009/07/13 20:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:*64bit:* - [2009/07/13 20:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:*64bit:* - [2009/07/13 20:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:*64bit:* - [2009/07/13 20:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:*64bit:* - [2009/07/13 20:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (BridgeMP)
DRV:*64bit:* - [2009/07/13 20:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:*64bit:* - [2009/07/13 19:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:*64bit:* - [2009/07/13 19:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:*64bit:* - [2009/07/13 19:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:*64bit:* - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:*64bit:* - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:*64bit:* - [2009/07/13 19:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:*64bit:* - [2009/07/13 19:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:*64bit:* - [2009/07/13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:*64bit:* - [2009/07/13 19:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:*64bit:* - [2009/07/13 19:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:*64bit:* - [2009/07/13 19:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:*64bit:* - [2009/07/13 19:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:*64bit:* - [2009/07/13 19:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:*64bit:* - [2009/07/13 19:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:*64bit:* - [2009/07/13 19:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:*64bit:* - [2009/07/13 19:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:*64bit:* - [2009/07/13 19:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:*64bit:* - [2009/07/13 19:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:*64bit:* - [2009/07/13 19:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
DRV:*64bit:* - [2009/07/13 19:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:*64bit:* - [2009/07/13 19:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:*64bit:* - [2009/07/13 19:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:*64bit:* - [2009/07/13 19:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:*64bit:* - [2009/07/13 19:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:*64bit:* - [2009/07/13 19:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:*64bit:* - [2009/07/13 19:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:*64bit:* - [2009/07/13 19:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:*64bit:* - [2009/07/13 19:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:*64bit:* - [2009/07/13 19:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:*64bit:* - [2009/07/13 19:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:*64bit:* - [2009/07/13 19:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:*64bit:* - [2009/07/13 19:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
DRV:*64bit:* - [2009/07/13 19:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:*64bit:* - [2009/07/13 19:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:*64bit:* - [2009/07/13 19:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:*64bit:* - [2009/07/13 19:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:*64bit:* - [2009/07/13 19:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:*64bit:* - [2009/07/13 19:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:*64bit:* - [2009/07/13 19:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:*64bit:* - [2009/07/13 19:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:*64bit:* - [2009/07/13 19:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:*64bit:* - [2009/07/13 19:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:*64bit:* - [2009/07/13 19:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:*64bit:* - [2009/07/13 19:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:*64bit:* - [2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:*64bit:* - [2009/07/13 19:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:*64bit:* - [2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:*64bit:* - [2009/07/13 19:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:*64bit:* - [2009/07/13 19:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:*64bit:* - [2009/07/13 19:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:*64bit:* - [2009/07/13 19:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:*64bit:* - [2009/07/13 19:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:*64bit:* - [2009/07/13 19:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:*64bit:* - [2009/07/13 19:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\beep.sys -- (Beep)
DRV:*64bit:* - [2009/07/13 18:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:*64bit:* - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:*64bit:* - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:*64bit:* - [2009/07/13 18:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:*64bit:* - [2009/07/13 18:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:*64bit:* - [2009/07/13 18:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:*64bit:* - [2009/07/13 18:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:*64bit:* - [2009/07/13 18:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:*64bit:* - [2009/07/13 18:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:*64bit:* - [2009/07/13 18:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:*64bit:* - [2009/07/13 18:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:*64bit:* - [2009/07/13 18:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:*64bit:* - [2009/07/13 18:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:*64bit:* - [2009/07/13 18:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:*64bit:* - [2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:*64bit:* - [2009/07/13 18:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:*64bit:* - [2009/07/13 18:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:*64bit:* - [2009/07/13 18:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:*64bit:* - [2009/07/13 18:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\null.sys -- (Null)
DRV:*64bit:* - [2009/07/13 18:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:*64bit:* - [2009/07/13 18:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:*64bit:* - [2009/07/13 18:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:*64bit:* - [2009/07/13 18:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:*64bit:* - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:*64bit:* - [2009/06/10 15:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:*64bit:* - [2009/06/10 15:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:*64bit:* - [2009/06/10 15:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:*64bit:* - [2009/06/10 15:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:*64bit:* - [2009/06/10 15:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:*64bit:* - [2009/06/10 15:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:*64bit:* - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:*64bit:* - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:*64bit:* - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:*64bit:* - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/07/10 12:16:22 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

< End of report >


----------



## eddie5659 (Mar 19, 2001)

Okay, before I look through the list, I see that you deleted the extension, but two more have worked their way in. So, lets see what they are 

It may be legit, as there is a program that uses similar naming, but as it looks a little odd, just want to double-check 

Download suspicious file packer from http://www.safer-networking.org/files/sfp.zip

Unzip it to desktop, open it & paste in the contents of the quote box below, press next & it will create an archive (zip/cab file) on desktop.

Please upload that to http://www.thespykiller.co.uk/index.php?board=1.0 so we can examine the files.

Just Register, press new topic, fill in the needed details and just give a link to your post here & then press the browse button and then navigate to & select the files on your computer, When the file is listed in the windows press send to upload the file:


```
[b]
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\extensions\[email protected]
[/b]
```
Let me know when its uploaded


----------



## lavenderchef45 (Jul 24, 2013)

I think I was able to upload the info. Let me know if I did it correctly. Its your weekend. Hope its not as cold in Bradford as it is in Virginia. Cheers for all you do! Angela


----------



## dvk01 (Dec 14, 2002)

They are both what appear to be legitimate ad blockers 
one blocks ads on facebook timeline and one on gmail 

Whether or not they were legitimately installed is the question, but I have not previously seen any ad blockers installed by stealth or malware


----------



## eddie5659 (Mar 19, 2001)

Thanks Derek :up:

Okay, taken me a while to go through this, as you may have guessed. Now, I see plenty of legit entries that may be the cause, but there is one file I just want to check further.

Also, did you install Peerblock?

So, firstly can you run a scan here on the file:


Please go to  VirSCAN.org FREE on-line scan service
Copy and paste the following file path into the *"Suspicious files to scan"*box on the top of the page:

*C:\windows\SysNative\drivers\secdrv.sys*

 Click on the *Upload* button
 Once the Scan is completed, click on the "*Copy to Clipboard*" button. This will copy the link of the report into the Clipboard.
 Paste the contents of the Clipboard in your next reply.

-----

Then, can you run SystemLook again, as follows. Just in case you don't have it still, posting the full bit here 

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1
Download Mirror #2*

Double-click *SystemLook.exe* to run it.
Copy the content of the following codebox into the main textfield:


```
:file
C:\windows\SysNative\drivers\secdrv.sys
:filefind
*secdrv.sys
*_exception.nls
:reg
HKLM\SYSTEM\CurrentControlSet\Services\Runtime
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found at on your Desktop entitled *SystemLook.txt*

eddie


----------



## lavenderchef45 (Jul 24, 2013)

Scanner results Scanner results : Scanners did not find malware!  Time : 2014/02/04 19:45:38 (EST) Scanner  Engine Ver Sig Ver Sig Date Scan result Time a-squared 5.1.0.4 00050000000000 0005-00-00 -
16.791 AhnLab V3 2013.05.28.00 2013.05.28 2013-05-28 -
3.255 AntiVir 8.2.10.202 7.11.50.58 2012-11-16 -
10.440 Antiy 2.0.18 2.0.18. 0002-18-00 -
0.302 Arcavir 2011 201402040317 2014-02-04 -
7.197 Authentium 5.3.14 5.3.14 0005-14-00 -
0.702 AVAST! 4.7.4 140204-0 2014-02-04 -
0.238 AVG 10.0.1405 2109/6561 2014-02-04 -
0.277 BitDefender 7.90123.11044305 7.53045 2014-02-05 -
6.692 ClamAV 0.97.8 18438 2014-02-05 -
0.282 Comodo 5.1 15023 2013-12-15 -
2.337 CP Secure 1.3.0.5 2013.10.19 2013-10-19 -
0.207 Dr.Web 5.0.2.3300 2014.02.05 2014-02-05 -
26.613 F-Prot 4.6.2.117 20140201 2014-02-01 -
0.798 F-Secure 7.02.73807 2014.02.04.06 2014-02-04 -
3.932 Fortinet 4.3.392 16.549 2014-01-06 -
0.141 GData 22.14422 20131216 2013-12-16 -
10.386 Ikarus T3.1.32.10.0 ..1.32.10.0. --1.32.10.0 -
3.458 JiangMin 16.0.100 2013.02.09 2013-02-09 -
27.432 Kaspersky 5.5.10 2013.07.09 2013-07-09 -
0.000 KingSoft 2009.2.5.15 2014.1.3.9 2014-01-03 -
0.906 McAfee 5400.1158 5805 2009-11-17 -
4.866 Microsoft 1.10100 2013.12.15 2013-12-15 -
5.761 NOD32 3.0.21 9357 2014-01-30 -
0.221 Norman 6.8.3 201305031020 2013-05-03 -
0.223 nProtect 20131227.01 16183671 2013-12-27 -
8.206 Panda 9.05.01 2013.01.22 2013-01-22 -
6.507 Quick Heal 11.00 2014.01.03 2014-01-03 -
1.804 Rising 20.0 24.46.00.03 2013-01-21 -
0.255 Sophos 3.16.1 4.62 2014-02-05 -
3.013 Sunbelt 24328 24328 2013-12-13 -
0.348 Symantec 1.3.0.24 20130909.001 2013-09-09 -
0.466 The Hacker 6.8.0.5 v00379 2013-12-15 -
0.755 Trend Micro 9.500-1005 10.584.07 2014-02-04 -
0.247 VBA32 3.12.24.3 20140203.0745 2014-02-03 -
2.525 ViRobot 20140103 2014.01.03 2014-01-03 -
0.496 VirusBuster 5.5.2.13 15.0.698.0/15323818 2014-02-04 -
10.410 ■Heuristic/Suspicious ■Exact
Note: This file has been scanned before. Therefore, this file's scan result will not be stored in the database.


----------



## lavenderchef45 (Jul 24, 2013)

SystemLook 30.07.11 by jpshortstuff
Log created at 20:00 on 04/02/2014 by Lisa
Administrator - Elevation successful

========== file ==========

C:\windows\SysNative\drivers\secdrv.sys - Unable to find/read file.

========== filefind ==========

Searching for "*secdrv.sys"
C:\Windows\System32\drivers\secdrv.sys --a---- 23040 bytes [02:36 14/07/2009] [20:37 10/06/2009] 3EA8A16169C26AFBEB544E0E48421186
C:\Windows\winsxs\amd64_macrovision-protection-safedisc_31bf3856ad364e35_6.1.7600.16385_none_b9a1c8f4d6f69273\secdrv.sys --a---- 23040 bytes [20:37 10/06/2009] [20:37 10/06/2009] 3EA8A16169C26AFBEB544E0E48421186

Searching for "*_exception.nls"
No files found.

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Runtime]
(Unable to open key - key not found)

-= EOF =-


----------



## lavenderchef45 (Jul 24, 2013)

Happy New Year! We have had horrible weather here. Pipes froze 3 X in 3 wks. Didnt get an aml from u so finally went on Tech Guy & found recent instruct. Still no Windows firewall. Yes I am using peer Block Had it for yrs. Probably does not do a thing for me. At wits end, ,standing on roof laptop in hand!

In my mind! Thanks for hanging in there! Angela


----------



## eddie5659 (Mar 19, 2001)

Sorry for the lateness, been a bit ill. Still feel a bit lousy still, may ring in and have the day off tomorrow 

I'm just glad I'm not in the South of England, they've been flooded for nearly 3 months 

Okay, this is certainly one of those that I need to solve, for both of our sanity's 

Now, I know you said that sometimes it looks like its sharing, so lets have a look at that, as that may be the reason for the firewall issue. If you have done this already, that's fine. Just trying new things 

Open Network Connections by clicking the *Start* button, and then clicking *Control Panel. In the search box (top right), type adapter, and then, under Network and Sharing Center, click View network connections.

Right-click the connection that you want to share, and then click Properties. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Click the Sharing tab, and then de-select the Allow other network users to connect through this computers Internet connection check box.

This is about it here, with a piccy:

http://windows.microsoft.com/en-gb/windows/using-internet-connection-sharing#1TC=windows-7

Now, I didn't see ICS in your Services so the above may not work, but worth a try.

-------

I remember a while back you said a file sharing program looks like its running. Do you know what it is? Hover the mouse over the icon and the name should popup.

Now, looking back, I see you tried these:

Sunbelt Personal Firewall
Comodo firewall

Was that all you tried? Am I right in assuming that these are both now uninstalled?

If they are, then lets see if they have remains. I'll dig out the uninstall tools. Also, are you still using VIPRE antivirus?

eddie*


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:

The above is what pops up whenever I attempt to open properties in network adapter. Have tried multiple times in the past.

So sorry you are ill! Take care of yourself first. I will perservere. No rush here!

Interesting development during the holidays. I never use IE. Only Firefox. One day IDK why, I attempted to open IE. My system froze! Could not shut down. Turned off my laptop. When I booted up I attempted to repair IE. No luck there. Uninstalled IE, went to Microsoft & installed most recent version for Win 7. Booted up & could not open Firefox! So, uninstalled & reinstalled FFox. Now Fox works but IE is totally out of order. Does not even go to a webpage when I try. Not touching that one. I lost all my bookmarks when I uninstalled FFox. Remembered a lot,but lost many. 

I uninstalled Vipre Internet Security & Sunbelt some time ago. 

Crazy No?

Feel Better!

Angela


----------



## eddie5659 (Mar 19, 2001)

Well, I thought I was okay, went to work today, and everyone said I looked pasty, off colour. My stomach is not happy, wants to get out 

So, went home at 12, been plodding around, will see tomorrow but have a feeling I'll be at home. Still, my new cd arrived, so listening to that:

Shantel - Disko Partizani

Good songs: the title, and Disko Boy. Listening to it for the first time now, kinda Balken music. Never really heard anything like this, but enjoying it 

So, you have uninstalled the above, but do you have any other firewall/antivirus?

Can you re-run Security Check, curious what comes up. I'll repost in a min with some cleanup tools. Strange about IE, but it may be linked.

Off I go a-reading 

Download *Security Check* from *here*.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called *checkup.txt*; please post the contents of that document.


----------



## eddie5659 (Mar 19, 2001)

btw, the reason I asked about PeerBlock was because of this:



> As for Allow programs to communicate through Windows Firewall there are some doozies in there that I NEVER enabled or even saw before. Two are @peerdistsh.dll,-10002 & 10004. Enabled on both Home/Work (Private) & Public. Next is File & Printer Sharing Public which is checked & greyed out. Lastly HomeGroup in Home/Work (Private). I have never enabled anything but Core Networking in Win Firewall!


http://forums.techguy.org/8792421-post65.html

The @peerdistsh.dll is related to PeerBlock 

---

Okay for the Network thing, see if this helps:

Click *Start*, and then click *Run*
In the *Open* box, type *regsvr32 %systemroot%\system32\netshell.dll*, and then click OK.
In the *RegSvr32* dialog box, click *OK*.

Test to see if you can open the properties of the network connection in the Network Connections folder.

If not, redo the above again, but this time type *regsvr32 %systemroot%\system32\ole32.dll*

You can copy/paste the bits above, so that no mistakes are made. See if that helps


----------



## lavenderchef45 (Jul 24, 2013)

Results of screen317's Security Check version 0.99.79 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
*``````````````Antivirus/Firewall Check:``````````````* 
Windows Firewall Disabled! 
WMI entry may not exist for antivirus; attempting automatic update. 
*`````````Anti-malware/Other Utilities Check:`````````* 
Malwarebytes Anti-Malware version 1.75.0.1300 
Adobe Flash Player 12.0.0.43 *Flash Player out of Date!* 
Mozilla Firefox (26.0) 
*````````Process Check: objlist.exe by Laurent````````* 
AVAST Software Avast AvastSvc.exe 
AVAST Software Avast AvastUI.exe 
*`````````````````System Health check`````````````````* 
Total Fragmentation on Drive C: 1% 
*````````````````````End of Log``````````````````````*


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:

I hope you are on the mend! Green tea with honey & lemon does wonders. 
I have Avast Antivirus free, MalwareBytes but did not download a firewall again.

Best Regards,

Angela


----------



## lavenderchef45 (Jul 24, 2013)

*RegSvr32*
"The module "C\windows\system32\ole32.dll"was loaded but the call to DllRegisterServer failed with error code 0x80070005."

For more information about this problem, search online blah blah blah.
The first code u gave me appeared to work but I still could not open network connections. !!!!!!!!!!


----------



## lavenderchef45 (Jul 24, 2013)

Forgot to tell you, as soon as I read your info regarding @peerdsh I uninstalled PeerBlock and rebooted.


----------



## lavenderchef45 (Jul 24, 2013)

Love Shantel Disco Partizan! Sent a youtube connection to my daughter in Brooklyn


----------



## eddie5659 (Mar 19, 2001)

Sorry for the lateness again, was ill till last Friday. Not sure what it was, but I had a rollercoaster in my stomach, and that was all. So, playing catchup now.

The Disco Partizan is a strange album, but Disko Boy is a great track.

Now that you uninstalled PeerBlock, is this now different:



> As for Allow programs to communicate through Windows Firewall there are some doozies in there that I NEVER enabled or even saw before. Two are @peerdistsh.dll,-10002 & 10004. Enabled on both Home/Work (Private) & Public. Next is File & Printer Sharing Public which is checked & greyed out. Lastly HomeGroup in Home/Work (Private). I have never enabled anything but Core Networking in Win Firewall!


As for the DllRegisterServer error, it points to Admin use. I know you're the only one on this computer, and looking at your OTL shows you're logged in as an Admin, so not sure why its not working.

I'll reply as soon as I get home, where I can research easier


----------



## lavenderchef45 (Jul 24, 2013)

I followed your instructions to the letter. Box popped up advising me that the dllRegisterServer in C:\windows\system32\netshell.dll
succeeded. But the door is still locked tight.


----------



## eddie5659 (Mar 19, 2001)

Its okay, it all depends on the type of file, and where it writes to etc. So, this time we're going to try an elevated command.

Go to Start | Programs | Accessories.

Right-click on *Command Prompt*, and select *Run as Administrator.*

Select *Yes* on the prompt that pops up.

Now, type the following and press enter afterwards:

*regsvr32.exe ole32.dll*

If that comes back with an error etc, let me know what it is. It may be a case of moving the file to register it, but we'll try that after the above 

Close the *Command Prompt* by pressing the X in the top right corner as normal


----------



## lavenderchef45 (Jul 24, 2013)

Just like before RegSvr32 box reads: DllRegisterServer in ole32.dll succeeded.

But still not unable to open properties.


----------



## eddie5659 (Mar 19, 2001)

Hmmmm, can you see if it opens in Safe Mode with Networking. Restart the computer, tapping the F8 key. Then, when it gives the options, select Safe Mode With Networking. Wait for the desktop to appear, then see if you can open it.


----------



## lavenderchef45 (Jul 24, 2013)

C:\windows\system32>netsh firewall show openmode

Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable

Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable

IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .

C:\windows\system32>


----------



## eddie5659 (Mar 19, 2001)

Did that work? Never seen that before, looks like I need to do some learning now :up:


----------



## lavenderchef45 (Jul 24, 2013)

C:\windows\system32>netsh firewall show openmode

Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable

Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable

IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .

C:\windows\system32>

However, I still have absolutely NO control to open or uncheck the 3 peerdistsh.dll's, Network Discovery

or Remote Assistance (which I NEVER enable). Something tells me I am no longer the Administrator of my system.


----------



## eddie5659 (Mar 19, 2001)

I'll read this link fully tonight, but when you enabled the firewall, which command did you use?

Did you use the elevated command prompt?

I'll delve deeper when home.


----------



## lavenderchef45 (Jul 24, 2013)

Yes, I hace to use an elevated command prompt. I still am unable do un tick the boxes or change anything in the firewall.

http://windowsitpro.com/windows-server/top-10-windows-firewall-netsh-commands


----------



## eddie5659 (Mar 19, 2001)

I was going to reply yesterday, but had a migrain. Still got the remains of it today, so off work for a bit 



> However, I still have absolutely NO control to open or uncheck the 3 peerdistsh.dll's, Network Discovery
> 
> or Remote Assistance (which I NEVER enable). Something tells me I am no longer the Administrator of my system.


Now, you must still be an admin, as to do any of the commands you've done, you have to be part of the Admin group.

For the Network Discovery, can you get to disable it this way?

http://windows.microsoft.com/en-gb/windows/enable-disable-network-discovery#1TC=windows-7

As it says, by default it blocks it, but if you can see if the above way shows it enabled, you can close it.

As for the peerdistsh.dll's, I thought you said earlier that you uninstalled Peerblock, as these are related?

Remote Assistance normally only gets enabled when you agree to it


----------



## lavenderchef45 (Jul 24, 2013)

Hi Eddie:
I was very sad to hear of your migraine problem. Had them from childhood into my 20's. Terrible malise!
We are both having a hard spring. I have had quite a bit of dental surgery.

Anyhow, last week while staying at a daughter's home in Richmond,va post-surgery I checked my firewall again. Its totally off & I cant change a thing in Network & Sharing Center. I'm wondering if something has happened to my Guest account as there does no longer appear to be one. And I cant add a guest acct. Should I just learn how to save my files on a flash drive and order a win 7 dvd to start over?

Beyond Wits End! Angela


----------



## eddie5659 (Mar 19, 2001)

Hi

Hope the surgery went okay.

It certainly looks like something isn't right. I'm going to ask some techies that may have some idea about this, but backig up may be a good idea. When we go that route, I can walk you through any of the things you need to backup etc.

Let me post, and I'll see what they come back with. May take a few days, as I need to make a summary of what we've tried throughout this thread.

I'll let you know as soon as I can


----------



## eddie5659 (Mar 19, 2001)

Posted now, will see if anyone has any ideas


----------



## eddie5659 (Mar 19, 2001)

Hi, got some ideas already, but at work our network is slow 

So, will reply when I get home, but we may have a few solutions


----------



## eddie5659 (Mar 19, 2001)

*Run Windows All-In-One*

Download Windows Repair (all in one) from *this site*. Under the *Installer (4.96 MB)* click the *Download* button beside *Direct Download* and save the *tweaking.com_windows_repair_aio_setup.exe* file to the desktop.

*Close the browser and all open windows*

 Right click the *tweaking.com_windows_repair_aio_setup.exe* file, click *Run as Administrator* and allow any UAC prompts to install the program. Let it install to the default locations. After the program has been installed:

 Right click the * Windows Repair (All-In-One)* icon on the desktop, click *Run as Administrator* and OK any UAC prompts to launch the program.

 Once that is done go to Step 3, click the *Do It* button and allow it to run *SFC*










 Go to Step 4 to create a Restore point and backup the Registry










 Under *System Restore* click the *Restore* button. You will see a message saying that system Restore is creating a Restore point. when it is finished you will see a message saying that the Restore point wes created.
 Under *Registry Backup *click the *Backup* button. When it is finished you will see the message telling you that the Registry is backed up.








 Click the *Next* button. You will be taken to the *Start Repairs* screen.

 On the *Start Repairs* tab click *Start*.










You will see a *Repair Options* screen like the image below with the Default options checked"










*Please make the following changes:*
 Remove the checks in all of the boxes except these:
*
05
25
26
*


 In the lower right corner click the box beside *Shutdown/Restart System when Finished* and tick the radio button beside *Restart System*.
 Click the *Start* button.
*NOTE:* These repairs will take some time to complete depending on the speed of the system, the number of files and the number of registry keys. On a few systems it is possible for these repairs to get stuck in an infinite loop and thus never complete. This is because of symbolic links. Symbolic links are a way for a folder or reg key to point to a different location. On a normal system this isn't a problem. But if a system has a bad link that points back to a parent path then everything it hits in that link it will hit it again and again forever.
IF the *repair option's* are running for a insane amount of time (about 15 mins) then they are most likely stuck in a loop. This is just for the final part of the above, the sfc etc may take some time, which is expected 
If that is the case stop the repairs and let me know.


----------



## lavenderchef45 (Jul 24, 2013)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated)
Ran by Lisa (administrator) on LISA-PC on 10-04-2014 00:21:21
Running from C:\Users\Lisa\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
() C:\Program Files (x86)\DFX\DFX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [KeyScrambler] - C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [DFX] - C:\Program Files (x86)\DFX\DFX.exe [1274840 2013-08-20] ()
HKLM-x32\...\Run: [Privatefirewall] - C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe [3048480 2013-12-17] (Privacyware/PWI, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-03-10] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-16] (Advanced Micro Devices, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
SearchScopes: HKLM-x32 - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
SearchScopes: HKCU - C5879625A899472F8231C4DAF8D55DC1 URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529
SearchScopes: HKCU - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name - {FFCB3198-32F3-4E8B-9539-4324694ED663} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name - {FFCB3198-32F3-4E8B-9539-4324694ED663} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Yahoo
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: WOT - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-31]
FF Extension: Ad-blocker for Gmail - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\Extensions\[email protected] [2014-01-01]
FF Extension: QCLean - Remove Facebook Ads Suggested Pages and Posts - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\Extensions\[email protected] [2014-01-02]
FF Extension: ShowIP - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\Extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi [2013-12-31]
FF Extension: NoScript - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\145ix1m0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-31]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-10]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-10] (AVAST Software)
R2 PFNet; C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-12-17] (Privacyware/PWI, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S2 !SASCORE; No ImagePath

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-03-10] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-03-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-10] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-03-10] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-03-10] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-03-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-03-10] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
S3 catchme; \??\C:\lavenderchef123\catchme.sys [X]
S3 pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-10 00:21 - 2014-04-10 00:22 - 00010436 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-10 00:19 - 2014-04-10 00:21 - 00000000 ____D () C:\FRST
2014-04-10 00:17 - 2014-04-10 00:18 - 02157056 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-09 10:01 - 2014-03-30 21:16 - 23134208 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-09 10:01 - 2014-03-30 21:13 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-09 10:01 - 2014-03-30 20:13 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-09 10:01 - 2014-03-30 19:57 - 17073152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-09 09:52 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 09:52 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-09 09:52 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-09 09:52 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-09 09:52 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-09 09:52 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-09 09:52 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 09:52 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-09 09:52 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-09 09:52 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-09 09:52 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-09 09:52 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-09 09:52 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-09 09:52 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-09 09:52 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-09 09:52 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-09 09:52 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-08 12:26 - 2014-04-08 12:26 - 00003278 _____ () C:\windows\iis7.log
2014-04-08 02:18 - 2014-04-08 02:18 - 00064024 _____ () C:\Users\Lisa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 02:16 - 2014-04-09 21:42 - 00000672 _____ () C:\windows\setupact.log
2014-04-08 02:16 - 2014-04-08 02:16 - 00294032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-08 02:16 - 2014-04-08 02:16 - 00000000 _____ () C:\windows\setuperr.log
2014-04-06 18:57 - 2012-06-01 01:39 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\wamregps.dll
2014-04-06 18:57 - 2012-06-01 01:36 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\iisRtl.dll
2014-04-06 18:57 - 2012-06-01 01:36 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\iisrstap.dll
2014-04-06 18:57 - 2012-06-01 01:35 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\ahadmin.dll
2014-04-06 18:57 - 2012-06-01 01:34 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\admwprox.dll
2014-04-06 18:57 - 2012-06-01 01:33 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\iisreset.exe
2014-04-06 18:57 - 2012-06-01 00:40 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wamregps.dll
2014-04-06 18:57 - 2012-06-01 00:37 - 00154624 _____ (Microsoft Corporation) C:\windows\SysWOW64\iisRtl.dll
2014-04-06 18:57 - 2012-06-01 00:37 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iisrstap.dll
2014-04-06 18:57 - 2012-06-01 00:35 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\admwprox.dll
2014-04-06 18:57 - 2012-06-01 00:35 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ahadmin.dll
2014-04-06 18:57 - 2012-06-01 00:34 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\iisreset.exe
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\windows\SysWOW64\BestPractices
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\windows\system32\BestPractices
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\inetpub
2014-04-05 09:48 - 2014-04-05 09:48 - 00001958 _____ () C:\Users\Lisa\Desktop\RKreport[0]_D_04052014_094810.txt
2014-04-05 09:45 - 2014-04-05 09:45 - 00001861 _____ () C:\Users\Lisa\Desktop\RKreport[0]_S_04052014_094501.txt
2014-04-04 20:22 - 2014-04-04 20:27 - 04865720 _____ () C:\Users\Lisa\Desktop\os2013260a_TC00561800B.exe
2014-03-31 10:28 - 2014-03-31 10:28 - 00021357 _____ () C:\Users\Lisa\Desktop\dorothy job.odt
2014-03-30 10:06 - 2014-03-30 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 01:05 - 2014-03-30 01:08 - 00002408 _____ () C:\Users\Lisa\Desktop\Rkill.txt
2014-03-30 01:05 - 2014-03-30 01:05 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Desktop\rkill.exe
2014-03-30 00:38 - 2014-03-30 00:38 - 00001171 _____ () C:\Users\Lisa\Desktop\malwbyte 03.30.txt
2014-03-29 23:44 - 2014-04-06 18:28 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 23:44 - 2014-03-29 23:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-29 23:44 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-29 23:44 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-03-29 23:44 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-29 12:02 - 2014-03-29 12:02 - 00012068 _____ () C:\Users\Lisa\Desktop\dorothy apps.odt
2014-03-28 07:40 - 2014-03-28 07:40 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Desktop\mbam-setup-2.0.0.1000.exe
2014-03-12 12:23 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-12 12:23 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-12 12:23 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-12 12:23 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-12 12:23 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-12 12:23 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-12 12:23 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-12 12:23 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-12 12:23 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-12 12:23 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-12 12:23 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-12 12:23 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-12 12:23 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-12 12:23 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-12 12:23 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-12 12:23 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-12 12:23 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-12 12:23 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-12 12:23 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-12 12:23 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-12 12:23 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-12 12:23 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-12 12:23 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-12 12:23 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-12 12:23 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-12 12:23 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-12 12:23 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-12 12:23 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-12 12:23 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-12 12:23 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-12 12:23 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-12 12:23 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-12 12:23 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-12 12:23 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-12 12:23 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-12 12:23 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-12 10:36 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-12 10:36 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-12 10:36 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-12 10:36 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-12 10:32 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-12 10:32 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-12 10:32 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-12 10:32 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-10 00:22 - 2014-04-10 00:21 - 00010436 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-10 00:21 - 2014-04-10 00:19 - 00000000 ____D () C:\FRST
2014-04-10 00:18 - 2014-04-10 00:17 - 02157056 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-10 00:00 - 2013-08-08 15:22 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-10 00:00 - 2013-03-25 12:29 - 01578548 _____ () C:\windows\WindowsUpdate.log
2014-04-09 21:47 - 2009-07-14 00:45 - 00024608 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 21:47 - 2009-07-14 00:45 - 00024608 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 21:42 - 2014-04-08 02:16 - 00000672 _____ () C:\windows\setupact.log
2014-04-09 21:42 - 2013-08-08 15:22 - 00000890 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 21:42 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-09 12:47 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-04-09 11:55 - 2014-01-01 21:09 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-04-09 10:05 - 2013-07-26 19:54 - 00000000 ____D () C:\windows\system32\MRT
2014-04-09 10:03 - 2013-03-25 13:31 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-08 12:26 - 2014-04-08 12:26 - 00003278 _____ () C:\windows\iis7.log
2014-04-08 12:26 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\inetsrv
2014-04-08 12:25 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\inetsrv
2014-04-08 02:18 - 2014-04-08 02:18 - 00064024 _____ () C:\Users\Lisa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 02:16 - 2014-04-08 02:16 - 00294032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-08 02:16 - 2014-04-08 02:16 - 00000000 _____ () C:\windows\setuperr.log
2014-04-07 19:37 - 2009-07-14 01:13 - 00884588 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-06 20:30 - 2014-03-10 00:03 - 00038016 _____ () C:\Users\Lisa\Desktop\employee-timesheet.ods
2014-04-06 18:28 - 2014-03-29 23:44 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 18:03 - 2013-03-25 11:16 - 00836688 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-04-06 17:59 - 2011-03-29 22:53 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\windows\SysWOW64\BestPractices
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\windows\system32\BestPractices
2014-04-06 03:59 - 2014-04-06 03:59 - 00000000 ____D () C:\inetpub
2014-04-06 03:59 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\spool
2014-04-06 03:59 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-06 00:25 - 2011-03-29 22:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-06 00:22 - 2014-01-02 20:37 - 00000206 _____ () C:\TMachInfo.log
2014-04-05 22:01 - 2013-05-19 23:54 - 00000000 ____D () C:\windows\Minidump
2014-04-05 09:48 - 2014-04-05 09:48 - 00001958 _____ () C:\Users\Lisa\Desktop\RKreport[0]_D_04052014_094810.txt
2014-04-05 09:48 - 2013-11-11 19:02 - 00000000 ____D () C:\Users\Lisa\Desktop\RK_Quarantine
2014-04-05 09:45 - 2014-04-05 09:45 - 00001861 _____ () C:\Users\Lisa\Desktop\RKreport[0]_S_04052014_094501.txt
2014-04-04 20:27 - 2014-04-04 20:22 - 04865720 _____ () C:\Users\Lisa\Desktop\os2013260a_TC00561800B.exe
2014-04-03 17:58 - 2014-01-07 23:06 - 00000000 ____D () C:\Users\Lisa\Desktop\Galati
2014-03-31 10:28 - 2014-03-31 10:28 - 00021357 _____ () C:\Users\Lisa\Desktop\dorothy job.odt
2014-03-30 21:16 - 2014-04-09 10:01 - 23134208 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-30 21:13 - 2014-04-09 10:01 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-30 20:13 - 2014-04-09 10:01 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-30 19:57 - 2014-04-09 10:01 - 17073152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-30 10:06 - 2014-03-30 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 02:55 - 2013-06-29 17:09 - 00000000 ____D () C:\Users\Lisa\Desktop\Buffet Selections
2014-03-30 01:08 - 2014-03-30 01:05 - 00002408 _____ () C:\Users\Lisa\Desktop\Rkill.txt
2014-03-30 01:05 - 2014-03-30 01:05 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Lisa\Desktop\rkill.exe
2014-03-30 00:38 - 2014-03-30 00:38 - 00001171 _____ () C:\Users\Lisa\Desktop\malwbyte 03.30.txt
2014-03-30 00:12 - 2009-07-14 01:08 - 00032538 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-30 00:11 - 2013-09-18 23:39 - 00000000 ____D () C:\AdwCleaner
2014-03-29 23:44 - 2014-03-29 23:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-29 23:44 - 2013-07-18 15:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 12:02 - 2014-03-29 12:02 - 00012068 _____ () C:\Users\Lisa\Desktop\dorothy apps.odt
2014-03-29 09:57 - 2013-12-21 00:37 - 00000000 ____D () C:\Users\Lisa\Desktop\0 0ff
2014-03-28 18:55 - 2013-08-08 15:22 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 18:55 - 2013-08-08 15:22 - 00003638 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-28 07:40 - 2014-03-28 07:40 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Desktop\mbam-setup-2.0.0.1000.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-09 12:38

==================== End Of Log ============================


----------



## lavenderchef45 (Jul 24, 2013)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Lisa at 2014-04-10 00:23:23
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Privatefirewall (Enabled) {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{1D27E8CF-7546-F200-4CA3-CD2F39909F5A}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2011 - Avast Software)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0216.726.13233 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0216.726.13233 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0216.726.13233 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help English (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help French (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help German (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0216.0725.13233 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0216.726.13233 - ATI) Hidden
ccc-utility64 (Version: 2011.0216.726.13233 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DFX (HKLM-x32\...\DFX) (Version: 11.112.0.0 - Power Technology)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
[email protected] 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Privatefirewall 7.0 (HKLM-x32\...\{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}) (Version: 7.0.30.3 - PWI, Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.3.2 - Krzysztof Kowalczyk)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.14 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.07 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.22.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.22.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.22.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.1 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.1.1 - TOSHIBA Corporation) Hidden
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Restore Points =========================

12-03-2014 20:05:15 Windows Update
18-03-2014 05:59:28 Windows Update
22-03-2014 07:21:20 Windows Update
26-03-2014 02:51:03 Windows Update
28-03-2014 11:35:48 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300
03-04-2014 04:29:33 Windows Update
06-04-2014 04:21:14 Revo Uninstaller's restore point - TOSHIBA Service Station
06-04-2014 05:12:02 Windows Modules Installer
06-04-2014 05:28:51 Windows Modules Installer
08-04-2014 15:09:46 Windows Update
09-04-2014 14:01:59 Windows Update
10-04-2014 03:27:49 Installed AutorunCleanUpTool
10-04-2014 03:31:33 Revo Uninstaller's restore point - AutorunCleanUpTool
10-04-2014 03:32:10 Removed AutorunCleanUpTool

==================== Hosts content: ==========================

2009-07-13 22:34 - 2013-11-14 01:54 - 00000741 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2AEBA752-5BA6-4540-A380-D1383CB9368B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {7082F0F1-EBAE-400D-92C8-294A1A38A26E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: {AC8927D9-3485-411D-BAFB-1DD73AD504E0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-10] (AVAST Software)
Task: {CF60A60B-46A7-4808-9EB8-71FFDAB5B324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-04-07 19:07 - 2010-04-07 19:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-03-29 22:48 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2013-08-20 13:03 - 2013-08-20 13:03 - 01274840 _____ () C:\Program Files (x86)\DFX\DFX.exe
2011-02-16 10:25 - 2011-02-16 10:25 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-10-19 17:15 - 2010-10-19 17:15 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-08-20 13:12 - 2013-08-20 13:12 - 00130520 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2013-08-20 13:16 - 2013-08-20 13:16 - 00132056 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2013-08-20 13:35 - 2013-08-20 13:35 - 00048088 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2013-08-20 13:06 - 2013-08-20 13:06 - 00167384 _____ () C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-04-09 11:55 - 2014-04-09 10:53 - 02192384 _____ () C:\Program Files\AVAST Software\Avast\defs\14040902\algo.dll
2014-04-09 21:46 - 2014-04-09 15:56 - 02192384 _____ () C:\Program Files\AVAST Software\Avast\defs\14040903\algo.dll
2013-08-20 13:31 - 2013-08-20 13:31 - 00049112 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2014-03-10 22:19 - 2014-03-10 22:19 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-30 10:06 - 2014-03-30 10:06 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-26 19:25 - 2014-01-26 19:25 - 16287624 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29667784.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29667784.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2014 01:28:54 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service TMachInfo since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (04/06/2014 01:12:04 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service TMachInfo since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (04/06/2014 00:55:15 AM) (Source: MsiInstaller) (User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.

Error: (04/06/2014 00:28:42 AM) (Source: MsiInstaller) (User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.

Error: (04/06/2014 00:27:54 AM) (Source: Service1) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (04/06/2014 00:22:46 AM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/06/2014 00:03:24 AM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/04/2014 08:28:42 PM) (Source: MsiInstaller) (User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.

Error: (04/04/2014 08:18:29 PM) (Source: TOSHIBA Service Station) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/04/2014 09:43:59 AM) (Source: Service1) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

System errors:
=============
Error: (04/09/2014 09:42:49 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (04/09/2014 09:42:29 PM) (Source: Service Control Manager) (User: )
Description: The !SASCORE service failed to start due to the following error: 
%%3

Error: (04/09/2014 09:42:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service failed to start due to the following error: 
%%1079

Error: (04/09/2014 11:55:14 AM) (Source: Service Control Manager) (User: )
Description: The !SASCORE service failed to start due to the following error: 
%%3

Error: (04/09/2014 11:55:14 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service failed to start due to the following error: 
%%1079

Error: (04/09/2014 10:48:04 AM) (Source: Service Control Manager) (User: )
Description: The !SASCORE service failed to start due to the following error: 
%%3

Error: (04/09/2014 10:48:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service failed to start due to the following error: 
%%1079

Error: (04/09/2014 10:45:04 AM) (Source: Service Control Manager) (User: )
Description: The !SASCORE service failed to start due to the following error: 
%%3

Error: (04/09/2014 10:45:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service failed to start due to the following error: 
%%1079

Error: (04/09/2014 10:01:44 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Microsoft Office Sessions:
=========================
Error: (04/06/2014 01:28:54 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service TMachInfo since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (04/06/2014 01:12:04 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service TMachInfo since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (04/06/2014 00:55:15 AM) (Source: MsiInstaller)(User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/06/2014 00:28:42 AM) (Source: MsiInstaller)(User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/06/2014 00:27:54 AM) (Source: Service1)(User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (04/06/2014 00:22:46 AM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/06/2014 00:03:24 AM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/04/2014 08:28:42 PM) (Source: MsiInstaller)(User: Lisa-PC)
Description: Product: TOSHIBA Service Station -- The operating system is not adequate for running TOSHIBA Service Station.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/04/2014 08:18:29 PM) (Source: TOSHIBA Service Station)(User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (04/04/2014 09:43:59 AM) (Source: Service1)(User: )
Description: Service cannot be started. The service process could not connect to the service controller

CodeIntegrity Errors:
===================================
Date: 2013-08-13 03:05:06.656
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\lavenderchef123\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-13 03:05:06.532
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\lavenderchef123\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-06-28 12:14:28.055
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-06-28 12:14:27.915
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 2662.87 MB
Available physical RAM: 1125.84 MB
Total Pagefile: 5323.91 MB
Available Pagefile: 3450.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (TI106147W0C) (Fixed) (Total:285.29 GB) (Free:253.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E4AE5E69)

Partition: GPT Partition Type.

==================== End Of Log ============================


----------



## lavenderchef45 (Jul 24, 2013)

I will run the Tweaking Program tomorrow. Thank you for the info. Let me know if the Farbar Program logs shed any light.


----------



## eddie5659 (Mar 19, 2001)

I'll have a look at the Farbar logs, but it does seem that a repair is in order, so that's why I posted the Tweaking Program to do


----------



## lavenderchef45 (Jul 24, 2013)

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: LISA-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Lisa
Current Profile SID: S-1-5-21-3278135505-1108507621-254113999-1000
Current Profile Classes: S-1-5-21-3278135505-1108507621-254113999-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Lisa\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:46:01

Process Count: 57
Commit Total: 1.16 GB
Commit Limit: 5.20 GB
Commit Peak: 1.98 GB
Handle Count: 16103
Kernel Total: 223.25 MB
Kernel Paged: 162.77 MB
Kernel Non Paged: 60.48 MB
System Cache: 1.27 GB
Thread Count: 644
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.60 GB
Memory Used: 830.97 MB(31.2059%)
Memory Avail.: 1.79 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.60 GB
Memory Used: 690.71 MB(25.9385%)
Memory Avail.: 1.93 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (4/11/2014 10:52:46 AM)

05 - Repair Windows Firewall
Start (4/11/2014 10:52:46 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2014 10:53:34 AM)

25 - Restore Important Windows Services
Start (4/11/2014 10:53:34 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2014 10:54:31 AM)

26 - Set Windows Services To Default Startup
Start (4/11/2014 10:54:31 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/11/2014 10:54:54 AM)

Cleaning up empty logs...

All Selected Repairs Done.
Done (4/11/2014 10:54:54 AM)
Total Repair Time: 00:02:10


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account


----------



## lavenderchef45 (Jul 24, 2013)

The Windows Firewall service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The following services are dependent on the Base Filtering Engine service.
Stopping the Base Filtering Engine service will also stop these services.

IPsec Policy Agent
IKE and AuthIP IPsec Keying Modules

The IPsec Policy Agent service is stopping..
The IPsec Policy Agent service was stopped successfully.

The IKE and AuthIP IPsec Keying Modules service is stopping.
The IKE and AuthIP IPsec Keying Modules service was stopped successfully.

The Base Filtering Engine service is stopping.
The Base Filtering Engine service was stopped successfully.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Base Filtering Engine service is starting.
The Base Filtering Engine service was started successfully.

System error 1068 has occurred.

The dependency service or group failed to start.

The Windows Firewall service is starting.
The Windows Firewall service was started successfully.

The Windows Firewall service is stopping.
The Windows Firewall service was stopped successfully.

The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The following services are dependent on the Base Filtering Engine service.
Stopping the Base Filtering Engine service will also stop these services.

IPsec Policy Agent
IKE and AuthIP IPsec Keying Modules

The IPsec Policy Agent service is stopping...
The IPsec Policy Agent service was stopped successfully.

The IKE and AuthIP IPsec Keying Modules service is stopping.
The IKE and AuthIP IPsec Keying Modules service was stopped successfully.

The Base Filtering Engine service is stopping.
The Base Filtering Engine service was stopped successfully.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Base Filtering Engine service is starting.
The Base Filtering Engine service was started successfully.

System error 1068 has occurred.

The dependency service or group failed to start.

The Windows Firewall service is starting.
The Windows Firewall service was started successfully.


----------



## lavenderchef45 (Jul 24, 2013)

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The process cannot access the file because it is being used by another process.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The process cannot access the file because it is being used by another process.

Error: The process cannot access the file because it is being used by another process.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The process cannot access the file because it is being used by another process.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The process cannot access the file because it is being used by another process.

Error: The process cannot access the file because it is being used by another process.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.

Error: The file or directory is not a reparse point.


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\CIRCLASS#IrDeviceV2\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\RSUSBSTOR#GenDisk\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\USB#VID_0BDA&PID_0138&REV_3882\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswMonFlt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswRdr : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswRvrt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswSnx : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswSP : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswStm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswVmm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\avast! Antivirus : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\PFNet - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Instances - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Instances\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0B7AB491-B316-4687-9CEC-11EB7360EEC7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{122FC130-E4C4-4019-A32D-5E20201762A7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{166ACA65-2305-4C31-9AE7-BA52F46B70E9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{193AE675-3C91-4ACE-AFF8-FF090703AE09} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2CAA64ED-BAA3-4473-B637-DEC65A14C8AA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{35141C14-6A63-4BE1-B19B-F2CF029F9664} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3E36C79D-6F36-4103-AE18-6DB27AA47B20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5A4DE87F-FA08-4475-BB67-FC7397CEA7C7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5BF54C7E-91DA-457D-80BF-333677D7E316} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6AD5CD60-6AAC-49D2-8100-C4A40146738B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{79A5DECF-9D21-49D3-991B-1B6E95BCBDA1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{93F306AF-5ED9-45DD-829A-E4D5E3B3ED10} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9A399D81-2EAD-4F23-BCDD-637FC13DCD51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9FAC96BC-7846-489B-891D-598B08F252DC} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A727E71F-89ED-4BB5-89F2-8F751484FBBF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AC3ED15E-236D-4415-A968-9F1B3857F229} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B275931F-1DA8-4ACA-ACDB-6B41020AB4BE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B979651F-4F73-49A4-BEC5-3D59F26F82D8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{BDAEDFF2-737A-4D35-B282-A375C9719CD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


----------



## lavenderchef45 (Jul 24, 2013)

HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CC11064D-9B2C-490C-8E42-DAD53F862C85} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CD6E30CA-85CF-4690-95EA-F5104BD64CC8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E82E8D21-C98D-443D-BC41-B45DEF799706} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9DBDB07-C25A-40AA-B02D-C5C5D0288EC4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F5027D71-11B3-4C16-B2D6-64B12E3C394E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Enum - RegSetKeySecurity Error : 5 Access is denied.


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\0011\Ndi\Params\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\CriticalDeviceDatabase\* : registry key is skipped (contains wildcard)


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceClasses\{cac88484-7515-4c03-82e6-71a87abac361}\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\CIRCLASS#IrDeviceV2\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\RSUSBSTOR#GenDisk\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\DeviceOverrides\USB#VID_0BDA&PID_0138&REV_3882\LocationPaths\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\WDI\Scenarios\{fd5aa730-b53f-4b39-84e5-cb4303621d74}\Instrumentation\* : registry key is skipped (contains wildcard)


----------



## lavenderchef45 (Jul 24, 2013)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

WARNING HKEY_LOCAL_MACHINE\System\CurrentControlset\Enum\Root\* : registry key is skipped (contains wildcard)

HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswMonFlt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswRdr : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswRvrt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswSnx : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswSP : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswStm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\aswVmm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\avast! Antivirus : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\PFNet - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Instances - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Instances\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


----------



## lavenderchef45 (Jul 24, 2013)

KEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0B7AB491-B316-4687-9CEC-11EB7360EEC7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{122FC130-E4C4-4019-A32D-5E20201762A7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{166ACA65-2305-4C31-9AE7-BA52F46B70E9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{193AE675-3C91-4ACE-AFF8-FF090703AE09} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2CAA64ED-BAA3-4473-B637-DEC65A14C8AA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{35141C14-6A63-4BE1-B19B-F2CF029F9664} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3E36C79D-6F36-4103-AE18-6DB27AA47B20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5A4DE87F-FA08-4475-BB67-FC7397CEA7C7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5BF54C7E-91DA-457D-80BF-333677D7E316} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6AD5CD60-6AAC-49D2-8100-C4A40146738B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{79A5DECF-9D21-49D3-991B-1B6E95BCBDA1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{93F306AF-5ED9-45DD-829A-E4D5E3B3ED10} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9A399D81-2EAD-4F23-BCDD-637FC13DCD51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{9FAC96BC-7846-489B-891D-598B08F252DC} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{A727E71F-89ED-4BB5-89F2-8F751484FBBF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{AC3ED15E-236D-4415-A968-9F1B3857F229} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B275931F-1DA8-4ACA-ACDB-6B41020AB4BE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{B979651F-4F73-49A4-BEC5-3D59F26F82D8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{BDAEDFF2-737A-4D35-B282-A375C9719CD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CC11064D-9B2C-490C-8E42-DAD53F862C85} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{CD6E30CA-85CF-4690-95EA-F5104BD64CC8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E82E8D21-C98D-443D-BC41-B45DEF799706} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{E9DBDB07-C25A-40AA-B02D-C5C5D0288EC4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F5027D71-11B3-4C16-B2D6-64B12E3C394E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Parameters\NdisAdapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\services\pwipf6\Enum - RegSetKeySecurity Error : 5 Access is denied.


----------



## lavenderchef45 (Jul 24, 2013)

HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswMonFlt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswRdr : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswRvrt : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswSnx : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswSP : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswStm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\aswVmm : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\avast! Antivirus : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\PFNet - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Instances - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Instances\pwipf6 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0102042A-EB27-40B3-B853-3F6AAD680997}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{01B071F8-013C-47BA-BD2A-4898FC614768}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0491E058-016A-4B42-912B-60074AB0F3CE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{05232212-2802-448B-9C00-95ED68D4A36B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0B8EF117-59E7-45BA-BBD3-65875556883C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{0C278710-C451-43A7-B8A5-55DD79417C89}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{12496030-686B-413D-B9CB-5D2538ACB422}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{19710E1D-2971-4C51-99F8-E4B3FC757570}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1C263854-88BF-4E3E-A253-79A5F4772E36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{1D86067B-2695-4432-8D8D-DF106DB88C40}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{20703FA9-7B00-4B11-A34F-9D1851505D20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2D368B49-C8D2-4364-A5FF-F08329493F03}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{330FF765-798F-49FF-B63B-D89031A1E0C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{35EFAB13-D191-4D59-84E9-974D026662A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{37740F1C-F189-4C4A-9EA0-A816038C7188}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{3FF26964-488F-4432-B1FC-D7E1278C7484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{407F0095-8F13-48E5-8741-663FEFC72C7D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{457E21DA-537A-4D69-8622-2062FFA5EC91}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{58C8566A-73E8-4387-8716-6D85820CD149}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6660B455-8673-49EB-A732-A11DE82BEFD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{677E8195-8970-4B88-AD34-4F763D30D296}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{68465E2A-DA0A-4277-878C-B316B9824575}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7A564958-306E-468E-9694-6A4806CB86C8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7F7A21E5-61DB-4633-9590-680C523F5D46}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{87BB1333-0337-40AE-9472-C75D508D4A4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{89DEDA1B-E999-4004-929E-BE949567A812}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{94746698-4720-4160-9A2B-9749FA389C36}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A09B250D-B748-4785-86CD-6FC4E463A805}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A15AB336-7C62-4E05-B350-5008984D826F}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A1FCB317-2FF4-4B91-940F-002213999E42}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A2567D55-A983-4868-8396-2F19613FA360}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A33997CE-5D37-4515-BA86-1515DC91E64A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AA4AFF15-728E-41B5-92DC-965B561820E2}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D165663B-D7B5-4E41-9472-25710C503C02}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{D64081B3-F5B4-4206-8B84-FDA322B32349}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F1AA7018-91A0-4710-85A9-65482756DC69}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F78B4E18-0676-40B1-A727-87DBF3D86971}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\Adapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468}\{5CBF81BD-5055-47CD-9055-A76B2B4E3697}-0000 - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{00BB99C2-4DE1-4021-8A5A-DB02E06D6EA5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{00DAE0C0-FA7F-4EB2-9C2B-06350486C6E7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0102042A-EB27-40B3-B853-3F6AAD680997} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{01B071F8-013C-47BA-BD2A-4898FC614768} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{03657A0B-E641-4DBB-B1FA-46947BCE9DD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0491E058-016A-4B42-912B-60074AB0F3CE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{05232212-2802-448B-9C00-95ED68D4A36B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0656FE01-B544-42C6-A71E-E88DFC0FA5C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0884FEBE-5199-4F5E-A139-7A8E2356B6B4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0A6AE135-4BDA-4096-9F2F-CADC26ABFAA0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0B7AB491-B316-4687-9CEC-11EB7360EEC7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0B8EF117-59E7-45BA-BBD3-65875556883C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{0C278710-C451-43A7-B8A5-55DD79417C89} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{122FC130-E4C4-4019-A32D-5E20201762A7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{12496030-686B-413D-B9CB-5D2538ACB422} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{14708749-7A4C-42CB-81E8-6DB51AD2615B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{15F7DC48-2BA7-4EB1-A95D-E9A999C57C42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{166ACA65-2305-4C31-9AE7-BA52F46B70E9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{193AE675-3C91-4ACE-AFF8-FF090703AE09} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{19710E1D-2971-4C51-99F8-E4B3FC757570} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{1A38D7B5-3C9E-4AC8-BBA3-5908BE3F63A3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{1A3C04C2-0C3F-4AC2-A4CF-EBDADC98B20A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{1C263854-88BF-4E3E-A253-79A5F4772E36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{1D86067B-2695-4432-8D8D-DF106DB88C40} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{20703FA9-7B00-4B11-A34F-9D1851505D20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{20ED22BC-37D2-4E55-BB29-B6904EAFD2F5} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{223F8F2B-5BD6-42D8-A39A-674FBBDC99D9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{22FF1F10-2F60-44C6-84A5-D039F4B652A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2627A471-6748-431E-9E4B-A1AB7CD80D69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{26A48BAF-86F5-48CF-89A3-BBA28835E6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2CAA64ED-BAA3-4473-B637-DEC65A14C8AA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2D368B49-C8D2-4364-A5FF-F08329493F03} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2DE2570B-E3EC-4710-8106-0A862FF3A321} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2DF13FD2-F5C3-4F34-9DEE-AFC29CF85669} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{2ECE6F57-6027-4620-A153-913D6F8E27CD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{316721EC-BFAE-4EDA-930F-8BFC672F6A21} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{330FF765-798F-49FF-B63B-D89031A1E0C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{35141C14-6A63-4BE1-B19B-F2CF029F9664} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{35EFAB13-D191-4D59-84E9-974D026662A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{37740F1C-F189-4C4A-9EA0-A816038C7188} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{37EE4C9B-DE2F-4BE3-8934-BFEB91DF2DD7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{3E36C79D-6F36-4103-AE18-6DB27AA47B20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{3EF79FF2-8AA2-4489-BC7B-BAF6931324C2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{3F2D4926-9457-4FB2-8668-A29BDBCB3F5D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{3FF26964-488F-4432-B1FC-D7E1278C7484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{407F0095-8F13-48E5-8741-663FEFC72C7D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{412140A1-6784-4FE4-BD6E-BF15EA05DF39} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{41C31C55-7A5D-4714-9F18-B8EF1BFE9A20} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{43DC3CC9-EA7C-4F9B-9B79-E1CC0FF5469C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{457E21DA-537A-4D69-8622-2062FFA5EC91} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{4EBF92E9-B36A-4F8B-8905-28FD81A02205} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{4FF5CA03-2F2C-4A5B-92DA-94F5BF5C439C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{50A5FD00-6EA2-4359-BC16-1F83A104AE01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{543C5A73-556F-4944-BC93-8FD12FE3F7D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{58C8566A-73E8-4387-8716-6D85820CD149} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{596955D7-55D3-4D81-BC39-B40AF77B54F8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{5A4DE87F-FA08-4475-BB67-FC7397CEA7C7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{5BF54C7E-91DA-457D-80BF-333677D7E316} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{5D08D61E-6FDF-4E64-A318-FC14C6C3D6FE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{5DF98E70-6233-45FA-85F7-7CA6748070A0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{5E7B9612-773D-4214-852B-A801CC1DDB0E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{60D13A25-17B4-4F7B-84BC-5739AC590B5F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{64FD4FB6-367F-4AA2-B3D1-66F270FDD4A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{65F00C5B-DB29-41C4-8B3F-7D010182457E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6609B9EF-EA03-41D4-963C-9A0AB8AD6CFB} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6660B455-8673-49EB-A732-A11DE82BEFD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{677E8195-8970-4B88-AD34-4F763D30D296} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{68465E2A-DA0A-4277-878C-B316B9824575} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6A9C3A8E-4F5E-4016-B7BE-A31829BA3A4B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6AD5CD60-6AAC-49D2-8100-C4A40146738B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6D4D596F-AEE4-4DC5-A578-ED14AD0C8C51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{6D9855E6-79CB-4E58-9693-D68DE991B28D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{708678AE-A0D0-4AF6-BA84-D7F8B956C2EF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7270C4EF-F580-4DED-ABB5-00F0239CED61} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{72A2A9D3-45AA-4F1D-93A3-0CB9A3F35207} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{737FD183-DD56-42DD-BAB5-A953C8E3F9DE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7497DBA8-9E6A-4987-9DEB-E539FC832D01} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{79A5DECF-9D21-49D3-991B-1B6E95BCBDA1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7A564958-306E-468E-9694-6A4806CB86C8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7B57B8DD-C1DD-4D8F-BFCD-A8567209AA2A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7BB0F0FA-7E1F-4ED9-BE0F-D2013767FDCA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7C816DA5-9F12-49A4-952D-BD7E7488AE77} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7F7A21E5-61DB-4633-9590-680C523F5D46} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7FAE985D-E6B9-409B-A1D7-EAD877F37C0D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{7FD98228-69C7-42DB-8EFC-1DDDE271DDAE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{83459029-0F25-4AD0-84B5-61A454B6CF5C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{83F412E2-1D7C-431E-A0DA-B616A51962D1} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{878A29C1-EB9A-43E6-B2E6-B0BEBE134223} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{87BB1333-0337-40AE-9472-C75D508D4A4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{89DEDA1B-E999-4004-929E-BE949567A812} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{8B966250-E61F-4BDC-9C1E-5207C0EA1088} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{8C25603E-0DFF-47B4-9493-CE5399A13E18} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{8CAB506D-A14A-4025-80E2-63948D6ED04D} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{8E3B672A-4B97-4AC1-A99D-51873C167D4E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{93D9BF5A-59B2-49C6-82EE-F2BD299E6E9E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{93F306AF-5ED9-45DD-829A-E4D5E3B3ED10} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{94746698-4720-4160-9A2B-9749FA389C36} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{95B3935C-4EDF-4019-8C79-4F11D6B043C0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{95C17A14-FD44-4DCC-9B58-19A74A9EAC97} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{9621704C-2E93-4FDA-BEC8-FFFFEE187E02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{9A399D81-2EAD-4F23-BCDD-637FC13DCD51} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{9E7AF68A-D5A7-4EE8-9C11-88E217E18590} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{9FAC96BC-7846-489B-891D-598B08F252DC} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A06C4FEB-A16C-43CD-ADE5-0A91E08AF063} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A09B250D-B748-4785-86CD-6FC4E463A805} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A15AB336-7C62-4E05-B350-5008984D826F} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A1FCB317-2FF4-4B91-940F-002213999E42} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A2567D55-A983-4868-8396-2F19613FA360} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A2950CE7-E3DF-4080-991B-A3A061DB63DD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A33997CE-5D37-4515-BA86-1515DC91E64A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A4F1C5FC-9DD3-4B4E-BAA1-53A55B0C3BD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{A727E71F-89ED-4BB5-89F2-8F751484FBBF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{AA4AFF15-728E-41B5-92DC-965B561820E2} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{AAE0DD6E-7D37-40CD-A98A-E7017A7B9497} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{AC3DFD29-EFEF-40ED-B4A4-6F9ED528C276} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{AC3ED15E-236D-4415-A968-9F1B3857F229} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{B275931F-1DA8-4ACA-ACDB-6B41020AB4BE} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{B2A3FFE8-A3ED-48B1-B546-69F92F9CF7FA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{B492490C-9C7F-4926-A221-C1FDC9EB141B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{B5D9343E-613D-40A9-8B9C-CAD607F3283E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{B979651F-4F73-49A4-BEC5-3D59F26F82D8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{BBE90BD2-92E7-4CC6-B4D4-6275C94781AF} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{BDAEDFF2-737A-4D35-B282-A375C9719CD0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C18B94B6-D3F3-4F02-AE72-165B0953468E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C2D44CDE-5D2F-4C1A-9A75-2A436F2A2D99} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C45F8916-44A9-4630-B7E0-B38EE4E69146} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C604E51D-11E7-4DEF-8C84-E0E4B6D45BE9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C81F7A04-DAE4-4579-93F7-7BA1694B4305} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{C8F2508F-7757-4D74-8B33-1E7F575FEDB9} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{CC11064D-9B2C-490C-8E42-DAD53F862C85} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{CC16714B-BEA0-476A-B3C1-24C7CA7944A6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{CD6E30CA-85CF-4690-95EA-F5104BD64CC8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D0B72A8D-E5FE-4C0F-A731-ECCBD63E6077} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D165663B-D7B5-4E41-9472-25710C503C02} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D1A9B278-F6FA-411B-A6F8-4BBBF54E8484} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D25AEC4B-3CBE-41AE-A5C6-6FF8E36320FD} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D611F930-8ACB-4D7A-B55F-183C060B0C8A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{D64081B3-F5B4-4206-8B84-FDA322B32349} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{DDB27D4C-06E9-4B72-979B-BF2FAE1BE75B} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{DE31B097-94C2-4F93-98D9-E6B3363C6FEA} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{DF7E53BD-052F-4BE2-910C-0D8D58AA2E0A} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E2280776-A9D7-427B-B302-B8A5F343B1B7} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E54DB066-CBA9-493C-B1D3-872360AAE9D3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E6E5EDF7-50B9-472E-97D2-DA32D25C4D5E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E82E8D21-C98D-443D-BC41-B45DEF799706} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E9305E8E-2269-4FEF-9E75-A27CCE9B0A55} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E9818A2F-E34E-4452-A214-43FC7BC9D5B0} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{E9DBDB07-C25A-40AA-B02D-C5C5D0288EC4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{EF3C1FB9-1BB3-4A49-A99C-C04531C65C54} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{EF569DB8-671D-4FC9-8201-2E4731A8167C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{EF65E06F-C38B-40E7-94B1-38BDF7E4875C} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{EFB2AF80-E9E7-4FAB-9311-72539ED9FE59} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F13BE0DE-512F-4C72-8EE4-9173BAB6B324} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F1AA7018-91A0-4710-85A9-65482756DC69} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F4AB8E56-51AE-4364-93CD-FE9273774DD6} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F5027D71-11B3-4C16-B2D6-64B12E3C394E} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F714EB3A-9117-440F-9439-ECCA61F8A9A8} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F78B4E18-0676-40B1-A727-87DBF3D86971} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{F889EA43-9959-4A62-983F-BE5C4D3702C3} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{FC2A70BF-2A63-43F5-9291-6FC1D46EC1E4} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Parameters\NdisAdapters\{FFFA8EDA-16C6-4228-81BC-1F2EF795E468} - RegSetKeySecurity Error : 5 Access is denied.


HKEY_LOCAL_MACHINE\System\CurrentControlset\Services\pwipf6\Enum - RegSetKeySecurity Error : 5 Access is denied.


----------



## eddie5659 (Mar 19, 2001)

Okay, let me read all of this, and see what needs to be tried next


----------



## lavenderchef45 (Jul 24, 2013)

I think we should blow it up.


----------



## eddie5659 (Mar 19, 2001)

I'm asking others as they have given me some ideas already, so we'll get there, even if I pull the last hair from my head


----------



## eddie5659 (Mar 19, 2001)

Okay, lets see what we have. Can you re-run Farbar Service Scanner again. You should still have it, but just in case you don't, here it is again, and what you need to do 

Please download *Farbar Service Scanner* and run it on the computer with the issue.
Make sure the following options are checked:
*Internet Services*
*Windows Firewall*
*System Restore*
*Security Center*
*Windows Update*

Press "*Scan*".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


----------



## lavenderchef45 (Jul 24, 2013)

Farbar Service Scanner Version: 25-02-2014
Ran by Lisa (administrator) on 26-04-2014 at 10:33:39
Running from "C:\Users\Lisa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy: 
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****


----------



## eddie5659 (Mar 19, 2001)

Thanks 

Just before we try anything else, as the FSS log look good, can you enable the firewall now? If not, we have other things to try


----------



## lavenderchef45 (Jul 24, 2013)

all has been inoperable for a yr.


----------



## lavenderchef45 (Jul 24, 2013)

And, user account control is also inoperable. I can not ad to or alter it in any way.


----------



## eddie5659 (Mar 19, 2001)

Sorry, was away for the long weekend. I'll have a looksee at both, will double-check with someone first


----------



## eddie5659 (Mar 19, 2001)

Okay, lets try this fix

*Run Windows All-In-One*


 Right click the * Windows Repair (All-In-One)* icon on the desktop, click *Run as Administrator* and OK any UAC prompts to launch the program.

 Go to Step 4 to create a Restore point and backup the Registry










 Under *System Restore* click the *Restore* button. You will see a message saying that system Restore is creating a Restore point. when it is finished you will see a message saying that the Restore point wes created.
 Under *Registry Backup *click the *Backup* button. When it is finished you will see the message telling you that the Registry is backed up.








 Click the *Next* button. You will be taken to the *Start Repairs* screen.

 On the *Start Repairs* tab click *Start*.










You will see a *Repair Options* screen like the image below with the Default options checked"










*Please make the following changes:*
 Remove the checks in all of the boxes except these:
*
01
04
09
05
25
26
*


 In the lower right corner click the box beside *Shutdown/Restart System when Finished* and tick the radio button beside *Restart System*.
 Click the *Start* button.
*NOTE:* These repairs will take some time to complete depending on the speed of the system, the number of files and the number of registry keys. On a few systems it is possible for these repairs to get stuck in an infinite loop and thus never complete. This is because of symbolic links. Symbolic links are a way for a folder or reg key to point to a different location. On a normal system this isn't a problem. But if a system has a bad link that points back to a parent path then everything it hits in that link it will hit it again and again forever.
IF the *repair option's* are running for a insane amount of time (about 15 mins) then they are most likely stuck in a loop. This is just for the final part of the above, the sfc etc may take some time, which is expected 
If that is the case stop the repairs and let me know.


----------

