Fix result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01 Ran by pc user (2016-06-13 23:37:45) Run:1 Running from C:\Users\pc user\Downloads Loaded Profiles: pc user (Available Profiles: pc user & Guest) Boot Mode: Normal ============================================== fixlist content: ***************** HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0 HKLM\...\Policies\Explorer: [HideSCAHealth] 0 HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\Run: [Evvtion] => regsvr32.exe "C:\Users\pc user\AppData\Local\Evvtion\AddonCommsType.dll" <===== ATTENTION HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\Run: [Ad-Aware Search Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\AASearchCompanion.exe HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\Policies\Explorer: [TaskbarNoNotification] 0 HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\Policies\Explorer: [HideSCAHealth] 0 HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\MountPoints2: {1180c521-0d24-11e6-82fd-c03fd54840db} - "E:\Setup.exe" HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\MountPoints2: {909d08ed-2ee4-11e6-8307-c03fd54840db} - "E:\Setup.exe" HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\MountPoints2: {909d09e6-2ee4-11e6-8307-c03fd54840db} - "E:\Setup.exe" HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\MountPoints2: {e04aa14c-cbf7-11e5-82e7-c03fd54840db} - "E:\Setup.exe" /s Startup: C:\Users\pc user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-08-05] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (No File) GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\pc user\AppData\Roaming\BrowserExtensions\Coupons64.dll => No File BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation) FF Extension: CeuTTTHePricoe - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\dp71wocd.default\Extensions\gKy@t.org [2015-12-23] [not signed] FF Extension: PSFactoryBuffer - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\dp71wocd.default\Extensions\{14FF0F3D-8FCD-778F-D0A8-D76E1FF8B3FA} [2015-11-25] [not signed] FF Extension: "Extension Ball - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@23CF0DB7E7561D1197B45A39688A1A0123CF.xpi [2016-01-06] [not signed] FF Extension: CeuTTTHePricoe - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\gKy@t.org [2015-12-23] [not signed] FF Extension: PSFactoryBuffer - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{14FF0F3D-8FCD-778F-D0A8-D76E1FF8B3FA} [2015-12-23] [not signed] FF Extension: Start Page - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{3c59c791-aeec-44bb-af60-ff112eea18e3} [2016-06-11] FF Extension: Slick Savings - C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{51aa69f8-8825-4def-916a-a766c5e3c0fd} [2016-06-11] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!23CF0DB7E7561D1197B45A39688A1A0123CF.js [2015-12-23] <==== ATTENTION FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\23CF0DB7E7561D1197B45A39688A1A0123CF [2015-12-23] <==== ATTENTION CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHFFBJFhdUw1HDFERdg0VVQ5DQhhCIg4OTFwUFAUXIVxcWFxCExNBNARaUUtXUUEeGGlxR1dMc1BPIU1dBWkDTlJRIVQ=" CHR Extension: (Ask Search) - C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-12-23] CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-12-23] CHR Extension: (Skype) - C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-23] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 ADSafeSvc; C:\Program Files (x86)\ADSafe\ADSafeSvc.exe [X] S2 UnsignedThemes; C:\Windows\unsignedthemes.exe [X] R2 Seablue_protect; C:\ProgramData\Seablue\protect\protect.exe [302976 2016-05-13] () S2 Seablue_update; C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe [492416 2016-05-13] () S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-16] () S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X] R3 gkernel; \??\C:\Users\PCUSER~1\AppData\Local\Temp\gkernel.sys [X] S1 jflthvvb; \??\C:\Windows\system32\drivers\jflthvvb.sys [X] S1 tdegpfsf; \??\C:\Windows\system32\drivers\tdegpfsf.sys [X] S2 uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [X] S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X] S3 X6va031; \??\C:\Windows\SysWOW64\Drivers\X6va031 [X] S3 X6va060; \??\C:\Windows\SysWOW64\Drivers\X6va060 [X] S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X] 2016-05-19 21:29 - 2016-05-19 21:29 - 00014744 _____ C:\Windows\System32\Tasks\SeablueBrowserUpdateUA 2016-05-19 21:29 - 2016-05-19 21:29 - 00014738 _____ C:\Windows\System32\Tasks\SeablueCheckTask 2016-05-19 21:29 - 2016-05-19 21:29 - 00003804 _____ C:\Windows\System32\Tasks\SeablueBrowserUpdateCore 2016-05-19 21:29 - 2016-05-19 21:29 - 00000000 ____D C:\Users\Public\Documents\Seablue 2016-05-19 21:29 - 2016-05-19 21:29 - 00000000 ____D C:\ProgramData\Seablue 2016-05-19 21:18 - 2016-06-13 16:53 - 00000000 ____D C:\Program Files (x86)\Seablue C:\Windows\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE}.job C:\Users\pc user\AppData\Local\Temp\ADSafe.30619-10.exe C:\Users\pc user\AppData\Local\Temp\ADSafe.30619-12.exe C:\Users\pc user\AppData\Local\Temp\AutoUI.exe C:\Users\pc user\AppData\Local\Temp\BaiduAn.Setup.0528.4.0.0.8029_1050123308.exe C:\Users\pc user\AppData\Local\Temp\HY_Setup_duba04.exe C:\Users\pc user\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\pc user\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\pc user\AppData\Local\Temp\libeay32.dll C:\Users\pc user\AppData\Local\Temp\msvcr120.dll C:\Users\pc user\AppData\Local\Temp\PH_160505to160506.exe C:\Users\pc user\AppData\Local\Temp\PH_160506to160519.exe C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16908.217_78223_Silence.exe C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72545_Silence.exe C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72547_Silence.exe C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72549_Silence.exe C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.2.17063.223_73589_Silence.exe C:\Users\pc user\AppData\Local\Temp\SkypeSetup.exe C:\Users\pc user\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\pc user\AppData\Local\Temp\sqlite3.dll C:\Users\pc user\AppData\Local\Temp\TwinklyUgandan.dll C:\Users\pc user\AppData\Local\Temp\uninst.exe C:\Users\pc user\AppData\Local\Temp\WebCompanionInstaller.exe C:\Users\pc user\AppData\Local\Temp\ytb.exe C:\Users\pc user\AppData\Local\Temp\{096F62AF-3705-4BBF-8D36-0E500F0EC071}.dll C:\Users\pc user\AppData\Local\Temp\{0A311363-F5A7-48F2-A442-E2549B328F2D}.dll C:\Users\pc user\AppData\Local\Temp\{166F6336-9F04-4764-9B56-665A6F45A61E}.dll C:\Users\pc user\AppData\Local\Temp\{19CAB985-2C95-47FA-B8B3-63FA5FDE5A27}.dll C:\Users\pc user\AppData\Local\Temp\{1F384ADB-89D0-4461-B6CC-7287549980F8}.dll C:\Users\pc user\AppData\Local\Temp\{23646C90-F133-44A3-A5DC-BF922814B163}.dll C:\Users\pc user\AppData\Local\Temp\{284B205E-FC56-4605-8A27-AC968F4BBDEB}.dll C:\Users\pc user\AppData\Local\Temp\{2B1531AC-D465-44C6-B86D-E4BC5D314244}.dll C:\Users\pc user\AppData\Local\Temp\{2CD5E6B6-FFEA-41A0-B566-D4C8EE6EDAF1}.dll C:\Users\pc user\AppData\Local\Temp\{2E986700-C5DD-4B65-9073-BF002E4E3134}.dll C:\Users\pc user\AppData\Local\Temp\{33875205-CAFF-4B35-95BB-FD968C4A2446}.dll C:\Users\pc user\AppData\Local\Temp\{35576FB5-A863-4522-88B7-28B6FAFAF56E}.dll C:\Users\pc user\AppData\Local\Temp\{36A01A3E-ECE0-4C3D-BB13-5E3637718BAB}.dll C:\Users\pc user\AppData\Local\Temp\{3A7CA92D-CBDC-4460-A724-94DF3C19D6E8}.dll C:\Users\pc user\AppData\Local\Temp\{419EFC88-9BC1-47CD-A518-EE95102E0342}.dll C:\Users\pc user\AppData\Local\Temp\{466DFD1B-9DD6-4CD9-B683-4171018E3BCA}.dll C:\Users\pc user\AppData\Local\Temp\{4AE1FD6D-5E83-4BF2-B0D1-E91D627F25A5}.dll C:\Users\pc user\AppData\Local\Temp\{59E09975-09D9-4446-8D36-11D137FC51D5}.dll C:\Users\pc user\AppData\Local\Temp\{6468A887-34EB-49B3-A2A4-2B34EDC49A4B}.dll C:\Users\pc user\AppData\Local\Temp\{64DAE3FD-36A3-4DB6-8DB6-91856F38007B}.dll C:\Users\pc user\AppData\Local\Temp\{6DAA8633-B042-47E0-8584-82F4FCC14253}.dll C:\Users\pc user\AppData\Local\Temp\{70D43CC8-1AA4-4851-90A7-5AA9257E6CB4}.dll C:\Users\pc user\AppData\Local\Temp\{7705897A-9999-4EE8-B90E-7AE313339D8B}.dll C:\Users\pc user\AppData\Local\Temp\{79732A6E-4A25-40C5-B325-7A1D15EED688}.dll C:\Users\pc user\AppData\Local\Temp\{7B437477-0543-42F3-B29D-144FE738EC33}.dll C:\Users\pc user\AppData\Local\Temp\{7C429103-5581-4007-841A-DE17FE1934C4}.dll C:\Users\pc user\AppData\Local\Temp\{7CC2989D-B051-47F6-9C17-0D4E9DAECC5A}.dll C:\Users\pc user\AppData\Local\Temp\{879BFDF9-A88A-44E9-B451-549970E66ABE}.dll C:\Users\pc user\AppData\Local\Temp\{979842C1-2DCB-4362-B3BB-93CE323F731A}.dll C:\Users\pc user\AppData\Local\Temp\{A1A30823-57F9-4498-B524-0CAF1821D694}.dll C:\Users\pc user\AppData\Local\Temp\{AA89F54D-298A-4126-B852-3ED0BB41F8EC}.dll C:\Users\pc user\AppData\Local\Temp\{AE6916DB-D0D8-4FA5-B95D-2834EF29926A}.dll C:\Users\pc user\AppData\Local\Temp\{B3006AB4-8DDC-4A51-BEF1-D9B567F208CD}.dll C:\Users\pc user\AppData\Local\Temp\{B8FD3891-EE2B-479E-9BF4-DCDF1D2AC3B3}.dll C:\Users\pc user\AppData\Local\Temp\{B905C6C0-0831-4DA1-A4CF-CF6BBB965DD9}.dll C:\Users\pc user\AppData\Local\Temp\{C2B64548-0962-40AA-9A1F-DD9AD0ECFE52}.dll C:\Users\pc user\AppData\Local\Temp\{C6D01889-62D4-45B2-A707-DBA1D80AF5D9}.dll C:\Users\pc user\AppData\Local\Temp\{C865E543-1881-4F03-8DE3-49BBE406DB20}.dll C:\Users\pc user\AppData\Local\Temp\{D8BED6D6-D66A-46F7-A081-ED7169548C2A}.dll C:\Users\pc user\AppData\Local\Temp\{E26C1BB4-CE9E-4EB1-9E66-F44EB1FC41C3}.dll C:\Users\pc user\AppData\Local\Temp\{E2E09D9B-29AE-46B9-A2C1-A803BE9885A3}.dll C:\Users\pc user\AppData\Local\Temp\{E7154392-98A3-48FF-A88A-89AB015FF5B2}.dll C:\Users\pc user\AppData\Local\Temp\{E7A6D082-8E10-4985-B0D4-13A8C3F59E62}.dll C:\Users\pc user\AppData\Local\Temp\{F01BAC7F-D52E-4CAD-BF60-AC136621CFE8}.dll C:\Users\pc user\AppData\Local\Temp\{F4099261-07CB-488A-9DB9-312211F0448F}.dll C:\Users\pc user\AppData\Local\Temp\{F6D7CC8F-AD87-4628-8241-8E2EC1116FB7}.dll C:\Users\pc user\AppData\Local\Temp\{F7BB008E-D64F-4F30-8DFB-292804A73D1F}.dll C:\Users\pc user\AppData\Local\Temp\{FB30BD43-66F6-414A-837F-54E14B12275C}.dll C:\Users\pc user\AppData\Local\Temp\{FD61FAAA-E081-4B07-A1BF-4D33761374BE}.dll Task: {254E9D06-C9BE-40C9-8DDA-4171E096DAE8} - System32\Tasks\{36266844-B8D1-43AD-B817-B91A9F8E82C5} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?page=tsProgressBar Task: {2AEA1DB5-D3A8-40B1-A381-A663E6C1F1C9} - System32\Tasks\pc userDermaCratonsV2 => Rundll32.exe TwinklyUgandan.dll,main 7 1 <==== ATTENTION Task: {358DFC79-339A-4146-AE3D-67D4FFDD260A} - System32\Tasks\SeablueBrowserUpdateCore => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe [2016-05-13] () <==== ATTENTION Task: {7C46EBE2-2139-4FED-8599-344D72BBA7C8} - System32\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE} => C:\Users\pc user\AppData\Local\{4F9079CC-6B38-1574-06A0-309C22C8CC04}\uninstall.exe [2013-05-07] () <==== ATTENTION Task: {AE66BDE9-3F33-4586-9CD9-DEABAAC08F47} - System32\Tasks\SeablueCheckTask => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe [2016-05-13] () <==== ATTENTION Task: {D51F40A6-F36B-4178-889B-3A0593F41097} - System32\Tasks\SeablueBrowserUpdateUA => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe [2016-05-13] () <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SeablueBrowserUpdateCore.job => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe <==== ATTENTION Task: C:\Windows\Tasks\SeablueBrowserUpdateUA.job => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe <==== ATTENTION Task: C:\Windows\Tasks\SeablueCheckTask.job => C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe <==== ATTENTION Task: C:\Windows\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE}.job => C:\Users\PCUSER~1\AppData\Local\{4F907~1\UNINST~1.EXE <==== ATTENTION Shortcut: C:\Users\pc user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\MAUL - Chrome.lnk -> C:\Program Files (x86)\Seablue\Seablue\chrome.exe (Google Inc.) Shortcut: C:\Users\pc user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Seablue\Seablue\chrome.exe (Google Inc.) 2016-05-19 21:29 - 2016-05-13 17:02 - 00302976 _____ () C:\ProgramData\Seablue\protect\protect.exe HKLM\...\regfile\DefaultIcon: C:\Windows\regedit.exe,1 <===== ATTENTION HKLM\...\batfile\DefaultIcon: C:\Windows\SysWow64\imageres.dll,-68 <===== ATTENTION HKLM\...\cmdfile\DefaultIcon: C:\Windows\SysWow64\imageres.dll,-68 <===== ATTENTION IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-857764097-2768608196-515561602-1001\...\localhost -> localhost FirewallRules: [{DCE2A5A2-8129-4B20-8C3D-98BD1617C4D6}] => (Allow) C:\Program Files (x86)\Seablue\Seablue\chrome.exe FirewallRules: [{84E8CA52-AE46-4738-A9DF-9EF9ADE93816}] => (Allow) C:\Program Files (x86)\Seablue\Seablue\bin\Seablue_server.exe FirewallRules: [{CC00AF4A-6D88-42F6-B9F4-00ECF445664F}] => (Allow) C:\ProgramData\Seablue\protect\protect.exe C:\Program Files (x86)\Seablue CMD: for /f "tokens=*" %1 in ('wevtutil.exe el') do wevtutil.exe cl "%1" ***************** HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Evvtion => value removed successfully HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Search Companion => value removed successfully HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully "HKU\S-1-5-21-857764097-2768608196-515561602-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1180c521-0d24-11e6-82fd-c03fd54840db}" => key removed successfully HKCR\CLSID\{1180c521-0d24-11e6-82fd-c03fd54840db} => key not found. "HKU\S-1-5-21-857764097-2768608196-515561602-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{909d08ed-2ee4-11e6-8307-c03fd54840db}" => key removed successfully HKCR\CLSID\{909d08ed-2ee4-11e6-8307-c03fd54840db} => key not found. "HKU\S-1-5-21-857764097-2768608196-515561602-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{909d09e6-2ee4-11e6-8307-c03fd54840db}" => key removed successfully HKCR\CLSID\{909d09e6-2ee4-11e6-8307-c03fd54840db} => key not found. "HKU\S-1-5-21-857764097-2768608196-515561602-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e04aa14c-cbf7-11e5-82e7-c03fd54840db}" => key removed successfully HKCR\CLSID\{e04aa14c-cbf7-11e5-82e7-c03fd54840db} => key not found. C:\Users\pc user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk => moved successfully C:\Program Files\Rainmeter\Rainmeter.exe => not found. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully "HKLM\SOFTWARE\Policies\Google" => key removed successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" => key removed successfully "HKCR\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully "HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully "HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully "HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully "HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully "HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found. "HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.73.2" => key removed successfully C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll => moved successfully "HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2" => key removed successfully C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\dp71wocd.default\Extensions\gKy@t.org => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\dp71wocd.default\Extensions\{14FF0F3D-8FCD-778F-D0A8-D76E1FF8B3FA} => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@23CF0DB7E7561D1197B45A39688A1A0123CF.xpi => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\gKy@t.org => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{14FF0F3D-8FCD-778F-D0A8-D76E1FF8B3FA} => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{3c59c791-aeec-44bb-af60-ff112eea18e3} => moved successfully C:\Users\pc user\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{51aa69f8-8825-4def-916a-a766c5e3c0fd} => moved successfully C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => moved successfully C:\Program Files (x86)\mozilla firefox\defaults\pref\!23CF0DB7E7561D1197B45A39688A1A0123CF.js => moved successfully C:\Program Files (x86)\mozilla firefox\23CF0DB7E7561D1197B45A39688A1A0123CF => moved successfully Chrome RestoreOnStartup => removed successfully C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf => moved successfully C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd => moved successfully C:\Users\pc user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => moved successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully c2cautoupdatesvc => Unable to stop service. c2cautoupdatesvc => service removed successfully c2cpnrsvc => Unable to stop service. c2cpnrsvc => service removed successfully ADSafeSvc => service removed successfully UnsignedThemes => service removed successfully Seablue_protect => Unable to stop service. Seablue_protect => service removed successfully Seablue_update => service removed successfully EsgScanner => service removed successfully EagleX64 => service removed successfully GGSAFERDriver => service removed successfully gkernel => Unable to stop service. gkernel => service removed successfully jflthvvb => service removed successfully tdegpfsf => service removed successfully uxstyle => service removed successfully X6va029 => service removed successfully X6va031 => service removed successfully X6va060 => service removed successfully X6va062 => service removed successfully C:\Windows\System32\Tasks\SeablueBrowserUpdateUA => moved successfully C:\Windows\System32\Tasks\SeablueCheckTask => moved successfully C:\Windows\System32\Tasks\SeablueBrowserUpdateCore => moved successfully C:\Users\Public\Documents\Seablue => moved successfully C:\ProgramData\Seablue => moved successfully C:\Program Files (x86)\Seablue => moved successfully C:\Windows\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE}.job => moved successfully C:\Users\pc user\AppData\Local\Temp\ADSafe.30619-10.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\ADSafe.30619-12.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\AutoUI.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\BaiduAn.Setup.0528.4.0.0.8029_1050123308.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\HY_Setup_duba04.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\jre-8u71-windows-au.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\jre-8u73-windows-au.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\libeay32.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\msvcr120.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\PH_160505to160506.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\PH_160506to160519.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16908.217_78223_Silence.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72545_Silence.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72547_Silence.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_72549_Silence.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\qqpcmgr_v11.2.17063.223_73589_Silence.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\SkypeSetup.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\sqlite3.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\TwinklyUgandan.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\uninst.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\WebCompanionInstaller.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\ytb.exe => moved successfully C:\Users\pc user\AppData\Local\Temp\{096F62AF-3705-4BBF-8D36-0E500F0EC071}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{0A311363-F5A7-48F2-A442-E2549B328F2D}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{166F6336-9F04-4764-9B56-665A6F45A61E}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{19CAB985-2C95-47FA-B8B3-63FA5FDE5A27}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{1F384ADB-89D0-4461-B6CC-7287549980F8}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{23646C90-F133-44A3-A5DC-BF922814B163}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{284B205E-FC56-4605-8A27-AC968F4BBDEB}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{2B1531AC-D465-44C6-B86D-E4BC5D314244}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{2CD5E6B6-FFEA-41A0-B566-D4C8EE6EDAF1}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{2E986700-C5DD-4B65-9073-BF002E4E3134}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{33875205-CAFF-4B35-95BB-FD968C4A2446}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{35576FB5-A863-4522-88B7-28B6FAFAF56E}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{36A01A3E-ECE0-4C3D-BB13-5E3637718BAB}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{3A7CA92D-CBDC-4460-A724-94DF3C19D6E8}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{419EFC88-9BC1-47CD-A518-EE95102E0342}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{466DFD1B-9DD6-4CD9-B683-4171018E3BCA}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{4AE1FD6D-5E83-4BF2-B0D1-E91D627F25A5}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{59E09975-09D9-4446-8D36-11D137FC51D5}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{6468A887-34EB-49B3-A2A4-2B34EDC49A4B}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{64DAE3FD-36A3-4DB6-8DB6-91856F38007B}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{6DAA8633-B042-47E0-8584-82F4FCC14253}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{70D43CC8-1AA4-4851-90A7-5AA9257E6CB4}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{7705897A-9999-4EE8-B90E-7AE313339D8B}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{79732A6E-4A25-40C5-B325-7A1D15EED688}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{7B437477-0543-42F3-B29D-144FE738EC33}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{7C429103-5581-4007-841A-DE17FE1934C4}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{7CC2989D-B051-47F6-9C17-0D4E9DAECC5A}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{879BFDF9-A88A-44E9-B451-549970E66ABE}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{979842C1-2DCB-4362-B3BB-93CE323F731A}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{A1A30823-57F9-4498-B524-0CAF1821D694}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{AA89F54D-298A-4126-B852-3ED0BB41F8EC}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{AE6916DB-D0D8-4FA5-B95D-2834EF29926A}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{B3006AB4-8DDC-4A51-BEF1-D9B567F208CD}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{B8FD3891-EE2B-479E-9BF4-DCDF1D2AC3B3}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{B905C6C0-0831-4DA1-A4CF-CF6BBB965DD9}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{C2B64548-0962-40AA-9A1F-DD9AD0ECFE52}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{C6D01889-62D4-45B2-A707-DBA1D80AF5D9}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{C865E543-1881-4F03-8DE3-49BBE406DB20}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{D8BED6D6-D66A-46F7-A081-ED7169548C2A}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{E26C1BB4-CE9E-4EB1-9E66-F44EB1FC41C3}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{E2E09D9B-29AE-46B9-A2C1-A803BE9885A3}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{E7154392-98A3-48FF-A88A-89AB015FF5B2}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{E7A6D082-8E10-4985-B0D4-13A8C3F59E62}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{F01BAC7F-D52E-4CAD-BF60-AC136621CFE8}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{F4099261-07CB-488A-9DB9-312211F0448F}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{F6D7CC8F-AD87-4628-8241-8E2EC1116FB7}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{F7BB008E-D64F-4F30-8DFB-292804A73D1F}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{FB30BD43-66F6-414A-837F-54E14B12275C}.dll => moved successfully C:\Users\pc user\AppData\Local\Temp\{FD61FAAA-E081-4B07-A1BF-4D33761374BE}.dll => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{254E9D06-C9BE-40C9-8DDA-4171E096DAE8}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{254E9D06-C9BE-40C9-8DDA-4171E096DAE8}" => key removed successfully C:\Windows\System32\Tasks\{36266844-B8D1-43AD-B817-B91A9F8E82C5} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{36266844-B8D1-43AD-B817-B91A9F8E82C5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2AEA1DB5-D3A8-40B1-A381-A663E6C1F1C9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AEA1DB5-D3A8-40B1-A381-A663E6C1F1C9}" => key removed successfully C:\Windows\System32\Tasks\pc userDermaCratonsV2 => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pc userDermaCratonsV2" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{358DFC79-339A-4146-AE3D-67D4FFDD260A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{358DFC79-339A-4146-AE3D-67D4FFDD260A}" => key removed successfully C:\Windows\System32\Tasks\SeablueBrowserUpdateCore => not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SeablueBrowserUpdateCore" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C46EBE2-2139-4FED-8599-344D72BBA7C8}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C46EBE2-2139-4FED-8599-344D72BBA7C8}" => key removed successfully C:\Windows\System32\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33D39030-3DFD-5EAE-A377-7FC91AB574CE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE66BDE9-3F33-4586-9CD9-DEABAAC08F47}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE66BDE9-3F33-4586-9CD9-DEABAAC08F47}" => key removed successfully C:\Windows\System32\Tasks\SeablueCheckTask => not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SeablueCheckTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D51F40A6-F36B-4178-889B-3A0593F41097}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D51F40A6-F36B-4178-889B-3A0593F41097}" => key removed successfully C:\Windows\System32\Tasks\SeablueBrowserUpdateUA => not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SeablueBrowserUpdateUA" => key removed successfully C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully C:\Windows\Tasks\SeablueBrowserUpdateCore.job => moved successfully C:\Windows\Tasks\SeablueBrowserUpdateUA.job => moved successfully C:\Windows\Tasks\SeablueCheckTask.job => moved successfully C:\Windows\Tasks\{33D39030-3DFD-5EAE-A377-7FC91AB574CE}.job => not found. Shortcut: C:\Users\pc user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\MAUL - Chrome.lnk -> C:\Program Files (x86)\Seablue\Seablue\chrome.exe (Google Inc.) => Error: No automatic fix found for this entry. Shortcut: C:\Users\pc user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Seablue\Seablue\chrome.exe (Google Inc.) => Error: No automatic fix found for this entry. "C:\ProgramData\Seablue\protect\protect.exe" => not found. HKLM\Software\Classes\regfile\DefaultIcon\\Default => value restored successfully HKLM\...\batfile\DefaultIcon: C:\Windows\SysWow64\imageres.dll,-68 <===== ATTENTION => Error: No automatic fix found for this entry. HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => value restored successfully "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully "HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully "HKU\S-1-5-21-857764097-2768608196-515561602-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCE2A5A2-8129-4B20-8C3D-98BD1617C4D6} => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84E8CA52-AE46-4738-A9DF-9EF9ADE93816} => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC00AF4A-6D88-42F6-B9F4-00ECF445664F} => value removed successfully "C:\Program Files (x86)\Seablue" => not found. ========= for /f "tokens=*" %1 in ('wevtutil.exe el') do wevtutil.exe cl "%1" ========= Failed to clear log DebugChannel. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation. Failed to clear log Microsoft-RMS-MSIPC/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation. ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog 23:38:23 ====