Fix result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by Caroline (2016-04-17 21:54:27) Run:1
Running from C:\Users\Caroline\Desktop
Loaded Profiles: Caroline (Available Profiles: Caroline)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint: 
HKLM\...\Run: [IDSCCOMZ22] => "C:\Program Files (x86)\Max Driver Updater\idsccom_Z22.exe"
HKLM\...\Run: [cpuminer] => C:\Users\Caroline\AppData\Roaming\cpuminer\cpm.exe
HKLM-x32\...\Run: [dply_en_015020294] => C:\Program Files (x86)\dply_en_015020294\dply_en_015020294.exe [4336816 2016-04-10] ()
HKLM-x32\...\Run: [rec_gb_247] => C:\Program Files (x86)\rec_gb_247\rec_gb_247.exe [3972272 2016-04-03] ()
HKLM-x32\...\Run: [mbot_en_037050293] => [X]
HKLM-x32\...\RunOnce: [updply_en_015020294.exe] => C:\Users\Caroline\AppData\Local\dply_en_015020294\updply_en_015020294.exe [3320496 2016-04-10] ()
HKLM\...\Winlogon: [Userinit] wscript C:\WINDOWS\run.vbs,
HKU\S-1-5-21-219877153-197691950-3609309316-1001\...\Policies\Explorer: [] 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [249104 2016-04-03] (Client Connect LTD)
AppInit_DLLs:  C:\ProgramData\Ronzap\Zundintom.dll => C:\ProgramData\Ronzap\Zundintom.dll [361984 2016-04-14] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [221456 2016-04-03] (Client Connect LTD)
AppInit_DLLs-x32:  C:\ProgramData\Ronzap\Quotecof.dll => C:\ProgramData\Ronzap\Quotecof.dll [257536 2016-04-14] ()
AutoConfigURL: [S-1-5-21-219877153-197691950-3609309316-1001] => hxxp://un-stop.biz/wpad.dat?69a3ec30733689a2829c1537dc212a068684954
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\zdengine.dll [297109 2016-04-10] (zdengine)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\zdengine.dll [297109 2016-04-10] (zdengine)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\zdengine.dll [297109 2016-04-10] (zdengine)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\zdengine.dll [297109 2016-04-10] (zdengine)
Winsock: Catalog9 17 C:\WINDOWS\SysWOW64\zdengine.dll [297109 2016-04-10] (zdengine)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\zdengine64.dll [346005 2016-04-10] (zdengine)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\zdengine64.dll [346005 2016-04-10] (zdengine)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\zdengine64.dll [346005 2016-04-10] (zdengine)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\zdengine64.dll [346005 2016-04-10] (zdengine)
Winsock: Catalog9-x64 17 C:\WINDOWS\system32\zdengine64.dll [346005 2016-04-10] (zdengine)
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
SearchScopes: HKU\S-1-5-21-219877153-197691950-3609309316-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
SearchScopes: HKU\S-1-5-21-219877153-197691950-3609309316-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrPzQENNZPocWT1fX7EbMokABF_0bw2ndCvJKYQao0JejHg-_jUL3pb2MIc-PXrjLCvdIpkY_KyK6I1l1swOCS6xkEWrWB-EYLvMhOIvsF2V8aylCPEr64Yf-lQemxzx0LptoX-k4lx3Ahm_XG5L31J3eTiXHF45pICNLKCkx&q={searchTerms}
BHO-x32: Oasis Space 1.0.0.7 -> {567dbf58-4713-45f4-a623-e7b41f898209} -> C:\Program Files (x86)\Oasis Space\OasisSpacebho.dll [2016-04-07] (Oasis Space)
BHO-x32: Checked List 1.0.0.7 -> {7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc} -> C:\Program Files (x86)\Checked List\CheckedListbho.dll [2016-04-07] (Checked List)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk [2014-06-30]
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
S2 AppVerifier; C:\ProgramData\Appverifier\AppVerifierService.exe [39424 2016-04-04] (AppVerifierService) [File not signed]
R2 Bejfhojia; C:\Users\Caroline\AppData\Roaming\Reofh\Reofh.exe [174456 2016-04-10] ()
R2 brsrv; C:\Users\Caroline\AppData\Local\brsrv\brsrv.exe [104448 2016-03-06] () [File not signed]
S2 BugreportW; C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe [1627600 2016-04-09] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3253520 2016-04-03] (Client Connect LTD)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-10] (DotC United Inc)
R2 nowuedctep; C:\Users\Caroline\AppData\Local\Statlux.exe [28160 2016-04-14] () [File not signed]
R2 rihelecezbt; C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB\knsdBDF.tmp [250368 2016-04-11] () [File not signed]
R2 rijufoze; C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB\hnsoF2DC.tmp [138240 2016-04-10] () [File not signed]
R2 rocufyky; C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB\jnsuDC06.tmp [389632 2016-04-10] () [File not signed]
R2 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [1200128 2016-04-14] () [File not signed]
S2 rsYVIpYm; C:\ProgramData\IseTPBjVl\rsYVIpYm.exe [3001832 2016-04-10] (Time Lapse Solutions)
R2 SMUpd; C:\Program Files\Common Files\Soobzo\GDUpdate\smu.exe [2454016 2016-04-06] (Search Module Ltd.) [File not signed]
S2 Update Checked List; C:\Program Files (x86)\Checked List\updateCheckedList.exe [654536 2016-04-14] ()
S2 Util Checked List; C:\Program Files (x86)\Checked List\bin\utilCheckedList.exe [654536 2016-04-14] ()
S2 Util Oasis Space; C:\Program Files (x86)\Oasis Space\bin\utilOasisSpace.exe [648392 2016-04-14] ()
S2 Update Oasis Space; C:\Program Files (x86)\Oasis Space\updateOasisSpace.exe [648392 2016-04-14] ()
R2 zigipyro; C:\Users\Caroline\AppData\Local\DDB727A0-1460669759-11E2-824E-30F9EDC4D4EB\qnst630F.tmp [158720 2015-12-26] () [File not signed]
S2 Iapisni; "C:\Users\Caroline\AppData\Roaming\LumdEpuyatv\Thupietr.exe" -cms [X]
S2 zdengine; C:\Program Files (x86)\QuickSearch\zdengine.exe [X]
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34720 2016-04-10] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-10] (DotC United Inc)
R2 zdwfp; C:\WINDOWS\system32\Drivers\zdwfp64.sys [46352 2016-03-04] (zdengine)
R1 {8fd16984-f872-41a4-8820-246c3230d450}Gw64; C:\Windows\System32\drivers\{8fd16984-f872-41a4-8820-246c3230d450}Gw64.sys [48744 2016-04-14] (StdLib)
R1 {dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64; C:\Windows\System32\drivers\{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64.sys [48744 2016-04-14] (StdLib)
R1 {f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64; C:\Windows\System32\drivers\{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64.sys [48744 2016-04-10] (StdLib)
R1 {fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64; C:\Windows\System32\drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys [48744 2016-04-10] (StdLib)
2016-04-14 21:46 - 2016-04-14 21:47 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2016-04-14 21:46 - 2016-04-14 21:46 - 00000000 ____D C:\Users\Caroline\AppData\Local\SearchProtect
2016-04-14 21:35 - 2016-04-14 21:36 - 00000000 ____D C:\Users\Caroline\AppData\Local\DDB727A0-1460669759-11E2-824E-30F9EDC4D4EB
2016-04-14 21:08 - 2016-04-14 21:08 - 00041472 _____ C:\Users\Caroline\AppData\Local\Statlux.dat
2016-04-14 21:08 - 2016-04-14 21:08 - 00028160 _____ C:\Users\Caroline\AppData\Local\Statlux.exe
2016-04-14 21:08 - 2016-04-14 21:08 - 00002397 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-04-14 21:08 - 2016-04-14 21:08 - 00000187 _____ C:\Users\Caroline\AppData\Local\Statlux.exe.config
2016-04-14 21:08 - 2016-04-14 21:08 - 00000000 ____D C:\ProgramData\Ronzaps
2016-04-14 21:07 - 2016-04-14 21:46 - 00000000 ____D C:\ProgramData\Ronzap
2016-04-14 21:07 - 2016-04-14 21:07 - 06494208 _____ C:\Users\Caroline\AppData\Roaming\agent.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 01626777 _____ C:\Users\Caroline\AppData\Roaming\Consoft.tst
2016-04-14 21:07 - 2016-04-14 21:07 - 00189558 _____ () C:\Users\Caroline\AppData\Roaming\Lamex.bin
2016-04-14 21:07 - 2016-04-14 21:07 - 00126464 _____ C:\Users\Caroline\AppData\Roaming\noah.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 00126464 _____ C:\Users\Caroline\AppData\Roaming\lobby.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 00072717 _____ C:\Users\Caroline\AppData\Roaming\Bamity.tst
2016-04-14 21:07 - 2016-04-14 21:07 - 00065568 _____ C:\Users\Caroline\AppData\Roaming\Config.xml
2016-04-14 21:07 - 2016-04-14 21:07 - 00054272 _____ C:\Users\Caroline\AppData\Roaming\ApplicationHosting.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 00018432 _____ C:\Users\Caroline\AppData\Roaming\Main.dat
2016-04-14 21:07 - 2016-04-14 21:05 - 01200128 _____ C:\Users\Caroline\AppData\Roaming\Consoft.exe
2016-04-14 21:07 - 2016-04-14 21:05 - 01200128 _____ C:\Users\Caroline\AppData\Roaming\Bamity.exe
2016-04-14 21:06 - 2016-04-14 21:06 - 00848437 _____ C:\Users\Caroline\AppData\Roaming\Daltzap.bin
2016-04-14 21:05 - 2016-04-14 21:06 - 00016992 _____ C:\Users\Caroline\AppData\Roaming\InstallationConfiguration.xml
2016-04-14 21:05 - 2016-04-14 21:05 - 00258813 _____ C:\Users\Caroline\AppData\Roaming\inst.lat
2016-04-14 21:05 - 2016-04-14 21:05 - 00127488 _____ C:\Users\Caroline\AppData\Roaming\Installer.dat
2016-04-14 21:05 - 2016-04-14 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-04-14 21:07 - 2016-04-14 21:07 - 00005568 _____ C:\Users\Caroline\AppData\Roaming\md.xml
2016-04-14 20:59 - 2016-04-14 20:59 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser.lnk
2016-04-14 20:59 - 2016-04-14 20:59 - 00002201 _____ C:\Users\Public\Desktop\speed browser.lnk
2016-04-14 20:59 - 2016-04-14 20:59 - 00000000 ____D C:\Users\Caroline\AppData\Local\speed browser
2016-04-14 20:59 - 2016-04-14 20:59 - 00000000 ____D C:\Program Files (x86)\speed browser
2016-04-14 20:54 - 2016-04-14 21:08 - 00003166 _____ C:\WINDOWS\System32\Tasks\Advanced PC-Care_Logon
2016-04-14 20:53 - 2016-04-14 20:53 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\Advancedpccare.net
2016-04-14 20:52 - 2016-04-14 20:53 - 00000000 ____D C:\ProgramData\Appverifier
2016-04-14 20:52 - 2016-04-14 20:52 - 00000878 _____ C:\Users\Public\Desktop\Advanced PC-Care.lnk
2016-04-14 20:52 - 2016-04-14 20:52 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\efo
2016-04-14 20:52 - 2016-04-14 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PC-Care
2016-04-14 20:52 - 2016-04-14 20:52 - 00000000 ____D C:\ProgramData\advancedpccare.net
2016-04-14 20:52 - 2016-04-14 20:52 - 00000000 ____D C:\Program Files\Advanced PC-Care
2016-04-14 20:51 - 2016-04-14 11:24 - 00048744 _____ (StdLib) C:\WINDOWS\system32\Drivers\{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64.sys
2016-04-14 20:51 - 2016-04-14 10:30 - 00048744 _____ (StdLib) C:\WINDOWS\system32\Drivers\{8fd16984-f872-41a4-8820-246c3230d450}Gw64.sys
2016-04-11 19:06 - 2016-04-11 19:06 - 00130144 _____ C:\Users\Caroline\Downloads\adobe_flash_setup-15806568.exe
2016-04-11 10:19 - 2016-04-11 10:19 - 00003268 _____ C:\WINDOWS\System32\Tasks\{95530276-13B0-4CDE-852F-1EADDC5B099F}
2016-04-11 10:18 - 2016-04-11 10:18 - 00003584 _____ C:\WINDOWS\System32\Tasks\IBUpd
2016-04-11 10:18 - 2016-04-11 10:18 - 00003330 _____ C:\WINDOWS\System32\Tasks\IBUpd2
2016-04-11 10:18 - 2016-04-11 10:18 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir
2016-04-11 10:17 - 2016-04-11 10:17 - 00000000 ____D C:\Users\Caroline\AppData\Local\brsrv
2016-04-11 10:14 - 2016-04-11 10:14 - 00000000 ____D C:\ProgramData\Browser
2016-04-10 17:21 - 2016-04-14 20:55 - 00003522 _____ C:\WINDOWS\System32\Tasks\Uurxreumruw
2016-04-10 17:21 - 2016-04-10 17:21 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\MCorp
2016-04-10 17:21 - 2016-04-10 17:21 - 00000000 ____D C:\ProgramData\Uurxreumruw
2016-04-10 17:19 - 2016-04-10 17:19 - 00000000 ____D C:\Users\Caroline\AppData\Local\ZombieNews
2016-04-10 17:16 - 2016-04-10 17:18 - 00000000 ____D C:\ProgramData\IseTPBjVl
2016-04-10 17:16 - 2016-04-10 17:17 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\gplyra
2016-04-10 17:15 - 2016-04-10 17:17 - 00000000 ____D C:\ProgramData\ZombieNews
2016-04-10 14:48 - 2016-04-14 21:05 - 00001798 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-04-10 13:59 - 2016-04-10 17:26 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-10 13:57 - 2016-04-10 13:57 - 00000000 ____D C:\WINDOWS\system32\lat
2016-04-10 13:42 - 2016-04-14 21:08 - 00000000 ____D C:\Users\Caroline\AppData\Local\app
2016-04-10 13:40 - 2016-04-11 19:04 - 00000000 ____D C:\Users\Caroline\AppData\Local\bvyvave
2016-04-10 13:40 - 2016-04-10 17:26 - 00012696 _____ C:\WINDOWS\SysWOW64\zdengineOff.ini
2016-04-10 13:40 - 2016-04-10 17:26 - 00012696 _____ C:\WINDOWS\system32\zdengineOff.ini
2016-04-10 13:40 - 2016-04-10 13:41 - 00003518 _____ C:\WINDOWS\System32\Tasks\bvyvave
2016-04-10 13:40 - 2016-04-10 13:40 - 00003316 _____ C:\WINDOWS\System32\Tasks\runTask
2016-04-10 13:40 - 2016-04-10 13:40 - 00003226 _____ C:\WINDOWS\System32\Tasks\updateTask
2016-04-10 13:40 - 2016-04-10 13:40 - 00002044 _____ C:\WINDOWS\System32\Tasks\kze3024
2016-04-10 13:40 - 2016-04-10 13:40 - 00000296 _____ C:\task.vbs
2016-04-10 13:40 - 2016-03-04 15:13 - 00046352 _____ (zdengine) C:\WINDOWS\system32\Drivers\zdwfp64.sys
2016-04-10 13:39 - 2016-04-14 21:09 - 00000364 ____H C:\WINDOWS\Tasks\PCBRFPTQWUBWXJMS.job
2016-04-10 13:39 - 2016-04-14 21:05 - 00000364 ____H C:\WINDOWS\Tasks\YPBXJRASSJNPNGFR.job
2016-04-10 13:39 - 2016-04-14 21:05 - 00000352 _____ C:\WINDOWS\Tasks\KLPAT1.job
2016-04-10 13:39 - 2016-04-14 21:04 - 00000376 _____ C:\WINDOWS\Tasks\FYJHMJXE1.job
2016-04-10 13:39 - 2016-04-10 17:29 - 00000000 ____D C:\Users\Caroline\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-10 13:39 - 2016-04-10 14:48 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-10 13:39 - 2016-04-10 13:39 - 00346005 _____ (zdengine) C:\WINDOWS\system32\zdengine64.dll
2016-04-10 13:39 - 2016-04-10 13:39 - 00297109 _____ (zdengine) C:\WINDOWS\SysWOW64\zdengine.dll
2016-04-10 13:39 - 2016-04-10 13:39 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-04-10 13:39 - 2016-04-10 13:39 - 00015116 _____ C:\WINDOWS\System32\Tasks\WinTsks
2016-04-10 13:39 - 2016-04-10 13:39 - 00003446 _____ C:\WINDOWS\System32\Tasks\YPBXJRASSJNPNGFR
2016-04-10 13:39 - 2016-04-10 13:39 - 00003446 _____ C:\WINDOWS\System32\Tasks\PCBRFPTQWUBWXJMS
2016-04-10 13:39 - 2016-04-10 13:39 - 00003402 _____ C:\WINDOWS\System32\Tasks\Ootocm
2016-04-10 13:39 - 2016-04-10 13:39 - 00002944 _____ C:\WINDOWS\System32\Tasks\FYJHMJXE1
2016-04-10 13:39 - 2016-04-10 13:39 - 00002914 _____ C:\WINDOWS\System32\Tasks\KLPAT1
2016-04-10 13:39 - 2016-04-10 13:39 - 00001922 _____ C:\Users\Public\Desktop\Play Games.lnk
2016-04-10 13:39 - 2016-04-10 13:39 - 00000000 ____D C:\Program Files (x86)\WinTsks
2016-04-10 13:39 - 2016-04-10 13:39 - 00000000 ____D C:\Program Files (x86)\WinSvces
2016-04-10 13:39 - 2016-04-10 13:39 - 00000000 ____D C:\extensions
2016-04-10 13:38 - 2016-04-11 10:26 - 00000000 ____D C:\Program Files\Mespem
2016-04-10 13:38 - 2016-04-10 13:39 - 00000000 ____D C:\ProgramData\TomorrowGames
2016-04-10 13:38 - 2016-04-10 13:39 - 00000000 ____D C:\ProgramData\FlashBeat
2016-04-10 13:38 - 2016-04-10 13:39 - 00000000 ____D C:\Program Files (x86)\SpeedSearchesbnd
2016-04-10 13:38 - 2016-04-10 13:38 - 00034720 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\Reofh
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\Users\Caroline\AppData\LocalLow\Company
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\Users\Caroline\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-10 13:38 - 2016-04-10 13:42 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\ProgramData\Service1291
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\ProgramData\Service1104
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-04-10 13:38 - 2016-04-10 13:38 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2016-04-10 13:28 - 2016-04-10 13:28 - 00000000 ____D C:\Users\Caroline\AppData\Local\DDB727A0-1460294904-11E2-824E-30F9EDC4D4EB
2016-04-10 13:24 - 2016-04-14 20:47 - 00000000 ____D C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB
2016-04-10 13:24 - 2016-04-10 13:24 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-04-10 13:24 - 2016-04-10 13:24 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\ASPackage
2016-04-10 13:24 - 2016-04-10 13:24 - 00000000 ____D C:\Users\Caroline\AppData\Local\rec_gb_247
2016-04-10 13:24 - 2016-04-10 13:24 - 00000000 ____D C:\Program Files (x86)\rec_gb_247
2016-04-10 13:24 - 2016-04-10 13:24 - 00000000 ____D C:\Program Files (x86)\DesktopPlay
2016-04-10 13:24 - 2016-04-10 04:57 - 00048744 _____ (StdLib) C:\WINDOWS\system32\Drivers\{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64.sys
2016-04-10 13:23 - 2016-04-10 04:04 - 00048744 _____ (StdLib) C:\WINDOWS\system32\Drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys
2016-04-10 13:22 - 2016-04-14 20:51 - 00000000 ____D C:\Program Files (x86)\Oasis Space
2016-04-10 13:21 - 2016-04-14 21:08 - 00000000 ____D C:\Users\Caroline\AppData\Local\dply_en_015020294
2016-04-10 13:21 - 2016-04-14 20:54 - 00000000 ____D C:\Program Files (x86)\Checked List
2016-04-10 13:21 - 2016-04-11 10:17 - 00004402 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_3431393738342d344a414155342a2a236c6c5a
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\Users\Caroline\AppData\Roaming\SpringFiles
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\Users\Caroline\AppData\Local\csdi_monetize_120160408
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\ProgramData\SearchModule
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SrpnFiles
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DESKTOPPLAY
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\ProgramData\b9bc5e5f-3757-0
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\ProgramData\b9bc5e5f-36f3-1
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-04-10 13:21 - 2016-04-10 13:21 - 00000000 ____D C:\Program Files (x86)\dply_en_015020294
2016-04-10 13:20 - 2016-04-11 10:17 - 00271872 _____ C:\ProgramData\smp2.exe
2016-04-10 13:20 - 2016-04-11 10:17 - 00004242 _____ C:\WINDOWS\System32\Tasks\SMW_P
2016-04-10 13:20 - 2016-04-10 13:20 - 00026420 _____ C:\WINDOWS\System32\Tasks\DNSWILLISTON
2016-04-10 13:20 - 2016-04-10 13:20 - 00003840 _____ C:\WINDOWS\System32\Tasks\DNS Monitoring
2016-04-10 13:20 - 2016-04-10 13:20 - 00000000 ____D C:\ProgramData\131dbb3d-1777-0
2016-04-10 13:20 - 2016-04-10 13:20 - 00000000 ____D C:\ProgramData\131dbb3d-07e7-1
2016-04-10 13:20 - 2016-04-10 13:20 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
2016-04-10 01:40 - 2016-04-10 13:38 - 00065856 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-04-06 14:09 - 2016-04-06 14:09 - 00694272 _____ C:\WINDOWS\system32\bi.exe
2015-11-11 16:35 - 2015-11-11 16:35 - 0371704 _____ () C:\Program Files\setup.exe
2016-04-14 21:07 - 2016-04-14 21:07 - 6494208 _____ () C:\Users\Caroline\AppData\Roaming\agent.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 0054272 _____ () C:\Users\Caroline\AppData\Roaming\ApplicationHosting.dat
2016-04-14 21:07 - 2016-04-14 21:05 - 1200128 _____ () C:\Users\Caroline\AppData\Roaming\Bamity.exe
2016-04-14 21:07 - 2016-04-14 21:07 - 0072717 _____ () C:\Users\Caroline\AppData\Roaming\Bamity.tst
2016-04-14 21:07 - 2016-04-14 21:07 - 0065568 _____ () C:\Users\Caroline\AppData\Roaming\Config.xml
2016-04-14 21:07 - 2016-04-14 21:05 - 1200128 _____ () C:\Users\Caroline\AppData\Roaming\Consoft.exe
2016-04-14 21:07 - 2016-04-14 21:07 - 1626777 _____ () C:\Users\Caroline\AppData\Roaming\Consoft.tst
2016-04-14 21:06 - 2016-04-14 21:06 - 0848437 _____ () C:\Users\Caroline\AppData\Roaming\Daltzap.bin
2016-04-14 21:05 - 2016-04-14 21:05 - 0258813 _____ () C:\Users\Caroline\AppData\Roaming\inst.lat
2016-04-14 21:05 - 2016-04-14 21:06 - 0016992 _____ () C:\Users\Caroline\AppData\Roaming\InstallationConfiguration.xml
2016-04-14 21:05 - 2016-04-14 21:05 - 0127488 _____ () C:\Users\Caroline\AppData\Roaming\Installer.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 0189558 _____ () C:\Users\Caroline\AppData\Roaming\Lamex.bin
2016-04-14 21:07 - 2016-04-14 21:07 - 0126464 _____ () C:\Users\Caroline\AppData\Roaming\lobby.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 0018432 _____ () C:\Users\Caroline\AppData\Roaming\Main.dat
2016-04-14 21:07 - 2016-04-14 21:07 - 0005568 _____ () C:\Users\Caroline\AppData\Roaming\md.xml
2016-04-14 21:07 - 2016-04-14 21:07 - 0126464 _____ () C:\Users\Caroline\AppData\Roaming\noah.dat
2016-04-14 21:08 - 2016-04-14 21:08 - 0001150 _____ () C:\Users\Caroline\AppData\Roaming\uninstall_temp.ico
2016-04-14 21:08 - 2016-04-14 21:08 - 0041472 _____ () C:\Users\Caroline\AppData\Local\Statlux.dat
2016-04-14 21:08 - 2016-04-14 21:08 - 0028160 _____ () C:\Users\Caroline\AppData\Local\Statlux.exe
2016-04-14 21:08 - 2016-04-14 21:08 - 0000187 _____ () C:\Users\Caroline\AppData\Local\Statlux.exe.config
2014-11-19 16:39 - 2014-11-19 16:39 - 0000000 _____ () C:\Users\Caroline\AppData\Local\Temptable.xml
2016-04-10 13:20 - 2016-04-11 10:17 - 0271872 _____ () C:\ProgramData\smp2.exe
C:\Program Files (x86)\MPC Cleaner
C:\Users\Caroline\AppData\Local\brsrv
C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB
C:\Users\Caroline\AppData\Roaming\Reofh
C:\Program Files (x86)\CleanBrowser
C:\Users\Caroline\AppData\Local\dply_en_015020294
C:\ProgramData\FlashBeat
C:\Program Files (x86)\rec_gb_247
C:\ProgramData\Ronzap
C:\Users\Caroline\AppData\Local\Statlux.exe
C:\Program Files (x86)\DNS Unlocker
C:\Program Files\Common Files\Soobzo
C:\Users\Caroline\AppData\Local\DDB727A0-1460669759-11E2-824E-30F9EDC4D4EB
C:\Windows\Temp\BC4D.tmp
C:\ProgramData\Uurxreumruw
C:\Program Files (x86)\SearchProtect
C:\Program Files (x86)\Max Driver Updater
C:\Users\Caroline\AppData\Roaming\cpuminer
C:\WINDOWS\run.vbs
C:\WINDOWS\system32\zdengine64.dll
C:\WINDOWS\SysWOW64\zdengine.dll
C:\Program Files (x86)\Oasis Space
C:\Program Files (x86)\Checked List
C:\Program Files\McAfeeEx
C:\Program Files (x86)\McAfee
C:\ProgramData\Appverifier
C:\Program Files (x86)\SpeedSearchesbnd
C:\ProgramData\IseTPBjVl
C:\Program Files\Common Files\Soobzo
C:\Users\Caroline\AppData\Roaming\LumdEpuyatv
C:\Program Files (x86)\QuickSearch
C:\WINDOWS\system32\drivers\bsdriver.sys
C:\Windows\System32\drivers\{8fd16984-f872-41a4-8820-246c3230d450}Gw64.sys
C:\Windows\System32\drivers\{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64.sys 
C:\Windows\System32\drivers\{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64.sys
C:\Windows\System32\drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys
Task: {0040746B-E290-4C92-8CC2-B0CF9D60285A} - System32\Tasks\DNS Monitoring => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~2\DNSUNL~1\DNSMON~1.DLL" <==== ATTENTION
Task: {1D4231D8-685A-47B3-BD70-BFCC59E8B582} - System32\Tasks\Ootocm => C:\PROGRA~1\Mespem\Egihb.bat
Task: {20B38221-0014-4129-A168-E73866D39822} - System32\Tasks\psv_Goldentone => /c regedit.exe /s "C:\ProgramData\Ronzap\Superlab.reg" &amp; del "C:\ProgramData\Ronzap\Superlab.reg" &amp; SCHTASKS /Delete /TN "psv_Goldentone" /F <==== ATTENTION
Task: {20BD2F60-F469-4B3A-9C92-859FD5B56811} - System32\Tasks\Uurxreumruw => C:\ProgramData\Uurxreumruw\1.0.7.1\oxeeawaa.exe [2016-04-10] ()
Task: {32C0D955-597C-4DD2-991E-272DCDF6D00E} - System32\Tasks\snf => C:\ProgramData\Ronzap\Ronzap.exe [2016-04-14] () <==== ATTENTION
Task: {390DF9F1-BD47-4CB8-BF2E-F0105FD697F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3F1A5612-7BF7-494F-B106-53C0A1A7A76E} - System32\Tasks\DNSWILLISTON => C:\Program Files (x86)\DNS Unlocker\dnswilliston.exe [2016-03-01] () <==== ATTENTION
Task: {4802332D-6244-4572-9A64-7ECBEF1769B8} - System32\Tasks\snp => C:\ProgramData\Ronzap\Ronzap.exe [2016-04-14] () <==== ATTENTION
Task: {49DE2610-87BD-4580-95A1-251E68A1518B} - System32\Tasks\WinTsks => C:\Program Files (x86)\WinTsks\WinTsks\WinTsks.exe [2016-04-09] () <==== ATTENTION
Task: {54DCDF9B-4965-43F6-B170-31978F2D7E95} - System32\Tasks\FYJHMJXE1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe [2016-03-30] (TomorrowGames) <==== ATTENTION
Task: {54FC6816-57C0-4164-ACC3-60E4A712B63A} - System32\Tasks\runTask => C:\Users\Caroline\AppData\Local\Temp/Updater.exe
Task: {5C5AA52F-4F6F-4234-98B3-EBF639DE6A8E} - System32\Tasks\kze3024 => C:\Program Files (x86)\QuickSearch\kze3024.exe <==== ATTENTION
Task: {5EA66C6A-24D8-4927-969B-4BF80FE4ABE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {64B3F8D6-DB2B-47D8-B536-BE3A2D21222F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {682F1402-FE24-4B3A-AE20-4D2CBEF919AD} - System32\Tasks\YPBXJRASSJNPNGFR => C:\ProgramData\Service1291\Service1291.exe [2016-04-10] () <==== ATTENTION
Task: {7E403F81-11E4-48DE-9845-C7FEFEBB964D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {829A0D03-45BF-4F35-BF30-9D7304CDD169} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {88EC4727-D281-4593-9920-FE018CDDFE69} - System32\Tasks\{95530276-13B0-4CDE-852F-1EADDC5B099F} => pcalua.exe -a "C:\Program Files (x86)\Max Driver Updater\uninstaller.exe"
Task: {8F385A2B-FBA6-4147-88D9-66E33492E8B9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {937FBE2B-6A94-47AE-9A36-C46D780FDCF8} - System32\Tasks\PCBRFPTQWUBWXJMS => C:\ProgramData\Service1104\Service1104.exe [2016-04-10] () <==== ATTENTION
Task: {96E3650D-E9DA-4A7F-8D40-C1E76FE55AF9} - System32\Tasks\updateTask => c:\task.vbs [2016-04-10] ()
Task: {9969C594-6DC4-40C4-8448-B3540A6F709E} - System32\Tasks\psv_Fixqvolight => /c regedit.exe /s "C:\ProgramData\Ronzap\DuoOvefax.reg" &amp; del "C:\ProgramData\Ronzap\DuoOvefax.reg" &amp; SCHTASKS /Delete /TN "psv_Fixqvolight" /F <==== ATTENTION
Task: {A347C45E-BE26-4431-A904-9548E07BDA6B} - System32\Tasks\SMW_UpdateTask_Time_3431393738342d344a414155342a2a236c6c5a => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {B5413CCF-3595-4B89-8D83-C8A0EA58DDC9} - System32\Tasks\bvyvave => C:\Users\Caroline\AppData\Local\bvyvave\bvyvave.exe [2016-04-03] () <==== ATTENTION
Task: {B93DCC03-2707-48AE-97EB-8802A6FE1BB4} - System32\Tasks\IBUpd => C:\Users\Caroline\AppData\Local\BrowserAir\47.0.0.5\updater.exe <==== ATTENTION
Task: {C1CE3D83-12B3-4648-B5FE-341A7EB0D446} - System32\Tasks\KLPAT1 => C:\ProgramData\FlashBeat\FlashBeat.exe [2016-03-29] (FlashBeat) <==== ATTENTION
Task: {C9B5782B-5091-4545-8CF9-F23D3007A6DD} - System32\Tasks\psv_HotTough => /c regedit.exe /s "C:\ProgramData\Ronzap\Volsailing.reg" &amp; del "C:\ProgramData\Ronzap\Volsailing.reg" &amp; SCHTASKS /Delete /TN "psv_HotTough" /F <==== ATTENTION
Task: {CD5DB6BC-869E-420E-8457-480D257F4877} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-04-11] () <==== ATTENTION
Task: {CF684CBF-DED1-4A64-805B-1BB0DF297282} - System32\Tasks\IBUpd2 => C:\Users\Caroline\AppData\Local\BrowserAir\47.0.0.5\updater.exe <==== ATTENTION
Task: {D05BA2A6-FACF-491B-9F75-17DBF7923B4B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DD4A92B8-EAAA-4F71-A72A-C72CF2051762} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E8B8B4C5-A286-4A9F-A414-9CE50335A343} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EA2D070E-C88E-4B4E-B056-D9A1641DA7AD} - System32\Tasks\Advanced PC-Care_Logon => C:\Program Files\Advanced PC-Care\apc.exe [2016-04-04] (Advancedpccare.net)
Task: {F27EB141-0CBF-4BEB-BAAD-2C333E546671} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FD254CBD-0B7F-4EEE-9D75-4CEFAD2C967C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\FYJHMJXE1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\KLPAT1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PCBRFPTQWUBWXJMS.job => C:\ProgramData\Service1104\Service1104.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YPBXJRASSJNPNGFR.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
ShortcutWithArgument: C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1460290689&a=1003081&src=sh&uuid=e19ba70c-2273-405a-88a0-2cfda6261bec"
ShortcutWithArgument: C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe () -> %SNP%
ShortcutWithArgument: C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\SpeedSearchesbnd\ShortCccBoost.exe () -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Play Games.lnk -> C:\Windows\System32\LaunchWinApp.exe (Microsoft Corporation) -> hxxp://www.gumigun.com/
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
 Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON 
CMD: ipconfig /flushdns 
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt 
CMD: ipconfig /release
CMD: ipconfig /renew 
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
cmd: sfc /scanfile=C:\Windows\system32\dnsapi.dll
cmd: sfc /scanfile=C:\Windows\SysWOW64\dnsapi.dll
EmptyTemp: 
CMD: bitsadmin /reset /allusers

*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\IDSCCOMZ22 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\dply_en_015020294 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_gb_247 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_en_037050293 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\updply_en_015020294.exe => value removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value restored successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll" => Value data not found.
" C:\ProgramData\Ronzap\Zundintom.dll" => Value data not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" => Value data not found.
" C:\ProgramData\Ronzap\Quotecof.dll" => Value data not found.
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000017" => key removed successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch" => key removed successfully
HKCR\Wow6432Node\CLSID\ielnksrch => key not found. 
HKU\S-1-5-21-219877153-197691950-3609309316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-219877153-197691950-3609309316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}" => key removed successfully
HKCR\CLSID\{ielnksrch} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{567dbf58-4713-45f4-a623-e7b41f898209}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{567dbf58-4713-45f4-a623-e7b41f898209}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{7ff0f7e7-8b1e-4e90-8bd5-f60cfdd71ecc}" => key removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk => moved successfully
C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe => moved successfully
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
AppVerifier => service removed successfully
Bejfhojia => Unable to stop service.
Bejfhojia => service removed successfully
brsrv => Unable to stop service.
brsrv => service removed successfully
BugreportW => service removed successfully
CltMngSvc => Unable to stop service.
CltMngSvc => service removed successfully
mfeicfcoreocp => service removed successfully
MPCProtectService => Unable to stop service.
MPCProtectService => service could not remove
nowuedctep => Unable to stop service.
nowuedctep => service removed successfully
rihelecezbt => service not found.
rijufoze => Unable to stop service.
rijufoze => service removed successfully
rocufyky => Unable to stop service.
rocufyky => service removed successfully
Ronzap => Unable to stop service.
Ronzap => service removed successfully
rsYVIpYm => service removed successfully
SMUpd => Unable to stop service.
SMUpd => service removed successfully
Update Checked List => service removed successfully
Util Checked List => service removed successfully
Util Oasis Space => service removed successfully
Update Oasis Space => service removed successfully
zigipyro => Unable to stop service.
zigipyro => service removed successfully
Iapisni => service removed successfully
zdengine => service removed successfully
bsdriver => Unable to stop service.
bsdriver => service could not remove
HipShieldK => service removed successfully
mferkdet => service removed successfully
MPCKpt => Unable to stop service.
MPCKpt => service could not remove
zdwfp => Unable to stop service.
zdwfp => service removed successfully
{8fd16984-f872-41a4-8820-246c3230d450}Gw64 => Unable to stop service.
{8fd16984-f872-41a4-8820-246c3230d450}Gw64 => service removed successfully
{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64 => Unable to stop service.
{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64 => service removed successfully
{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64 => Unable to stop service.
{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64 => service removed successfully
{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64 => Unable to stop service.
{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64 => service removed successfully

"C:\Program Files (x86)\SearchProtect" folder move:

Could not move "C:\Program Files (x86)\SearchProtect" => Scheduled to move on reboot.


"C:\Users\Caroline\AppData\Local\SearchProtect" folder move:

Could not move "C:\Users\Caroline\AppData\Local\SearchProtect" => Scheduled to move on reboot.

C:\Users\Caroline\AppData\Local\DDB727A0-1460669759-11E2-824E-30F9EDC4D4EB => moved successfully
C:\Users\Caroline\AppData\Local\Statlux.dat => moved successfully
C:\Users\Caroline\AppData\Local\Statlux.exe => moved successfully
C:\WINDOWS\SysWOW64\findit.xml => moved successfully
C:\Users\Caroline\AppData\Local\Statlux.exe.config => moved successfully
C:\ProgramData\Ronzaps => moved successfully

"C:\ProgramData\Ronzap" folder move:

Could not move "C:\ProgramData\Ronzap" => Scheduled to move on reboot.

C:\Users\Caroline\AppData\Roaming\agent.dat => moved successfully
C:\Users\Caroline\AppData\Roaming\Consoft.tst => moved successfully
C:\Users\Caroline\AppData\Roaming\Lamex.bin => moved successfully
C:\Users\Caroline\AppData\Roaming\noah.dat => moved successfully
C:\Users\Caroline\AppData\Roaming\lobby.dat => moved successfully
C:\Users\Caroline\AppData\Roaming\Bamity.tst => moved successfully
C:\Users\Caroline\AppData\Roaming\Config.xml => moved successfully
C:\Users\Caroline\AppData\Roaming\ApplicationHosting.dat => moved successfully
C:\Users\Caroline\AppData\Roaming\Main.dat => moved successfully
C:\Users\Caroline\AppData\Roaming\Consoft.exe => moved successfully
C:\Users\Caroline\AppData\Roaming\Bamity.exe => moved successfully
C:\Users\Caroline\AppData\Roaming\Daltzap.bin => moved successfully
C:\Users\Caroline\AppData\Roaming\InstallationConfiguration.xml => moved successfully
C:\Users\Caroline\AppData\Roaming\inst.lat => moved successfully
C:\Users\Caroline\AppData\Roaming\Installer.dat => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC => moved successfully
C:\Users\Caroline\AppData\Roaming\md.xml => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser.lnk => moved successfully
C:\Users\Public\Desktop\speed browser.lnk => moved successfully
C:\Users\Caroline\AppData\Local\speed browser => moved successfully
C:\Program Files (x86)\speed browser => moved successfully
C:\WINDOWS\System32\Tasks\Advanced PC-Care_Logon => moved successfully
C:\Users\Caroline\AppData\Roaming\Advancedpccare.net => moved successfully
C:\ProgramData\Appverifier => moved successfully
C:\Users\Public\Desktop\Advanced PC-Care.lnk => moved successfully
C:\Users\Caroline\AppData\Roaming\efo => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PC-Care => moved successfully
C:\ProgramData\advancedpccare.net => moved successfully
C:\Program Files\Advanced PC-Care => moved successfully
C:\WINDOWS\system32\Drivers\{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64.sys => moved successfully
C:\WINDOWS\system32\Drivers\{8fd16984-f872-41a4-8820-246c3230d450}Gw64.sys => moved successfully
C:\Users\Caroline\Downloads\adobe_flash_setup-15806568.exe => moved successfully
C:\WINDOWS\System32\Tasks\{95530276-13B0-4CDE-852F-1EADDC5B099F} => moved successfully
C:\WINDOWS\System32\Tasks\IBUpd => moved successfully
C:\WINDOWS\System32\Tasks\IBUpd2 => moved successfully
C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir => moved successfully
C:\Users\Caroline\AppData\Local\brsrv => moved successfully
C:\ProgramData\Browser => moved successfully
C:\WINDOWS\System32\Tasks\Uurxreumruw => moved successfully
C:\Users\Caroline\AppData\Roaming\MCorp => moved successfully
C:\ProgramData\Uurxreumruw => moved successfully
C:\Users\Caroline\AppData\Local\ZombieNews => moved successfully
C:\ProgramData\IseTPBjVl => moved successfully
C:\Users\Caroline\AppData\Roaming\gplyra => moved successfully
C:\ProgramData\ZombieNews => moved successfully
C:\Users\Public\Desktop\MPC Cleaner.lnk => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\WINDOWS\system32\lat => moved successfully
C:\Users\Caroline\AppData\Local\app => moved successfully
"C:\Users\Caroline\AppData\Local\bvyvave" => not found.
C:\WINDOWS\SysWOW64\zdengineOff.ini => moved successfully
C:\WINDOWS\system32\zdengineOff.ini => moved successfully
"C:\WINDOWS\System32\Tasks\bvyvave" => not found.
C:\WINDOWS\System32\Tasks\runTask => moved successfully
C:\WINDOWS\System32\Tasks\updateTask => moved successfully
C:\WINDOWS\System32\Tasks\kze3024 => moved successfully
C:\task.vbs => moved successfully
C:\WINDOWS\system32\Drivers\zdwfp64.sys => moved successfully
C:\WINDOWS\Tasks\PCBRFPTQWUBWXJMS.job => moved successfully
C:\WINDOWS\Tasks\YPBXJRASSJNPNGFR.job => moved successfully
C:\WINDOWS\Tasks\KLPAT1.job => moved successfully
C:\WINDOWS\Tasks\FYJHMJXE1.job => moved successfully
C:\Users\Caroline\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 => moved successfully

"C:\Program Files (x86)\MPC Cleaner" folder move:

Could not move "C:\Program Files (x86)\MPC Cleaner" => Scheduled to move on reboot.

C:\WINDOWS\system32\zdengine64.dll => moved successfully
C:\WINDOWS\SysWOW64\zdengine.dll => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\MPCKpt.sys" => Scheduled to move on reboot.
C:\WINDOWS\System32\Tasks\WinTsks => moved successfully
C:\WINDOWS\System32\Tasks\YPBXJRASSJNPNGFR => moved successfully
C:\WINDOWS\System32\Tasks\PCBRFPTQWUBWXJMS => moved successfully
C:\WINDOWS\System32\Tasks\Ootocm => moved successfully
C:\WINDOWS\System32\Tasks\FYJHMJXE1 => moved successfully
C:\WINDOWS\System32\Tasks\KLPAT1 => moved successfully
C:\Users\Public\Desktop\Play Games.lnk => moved successfully
C:\Program Files (x86)\WinTsks => moved successfully
C:\Program Files (x86)\WinSvces => moved successfully
C:\extensions => moved successfully
C:\Program Files\Mespem => moved successfully

"C:\ProgramData\TomorrowGames" folder move:

Could not move "C:\ProgramData\TomorrowGames" => Scheduled to move on reboot.


"C:\ProgramData\FlashBeat" folder move:

Could not move "C:\ProgramData\FlashBeat" => Scheduled to move on reboot.

C:\Program Files (x86)\SpeedSearchesbnd => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\bsdriver.sys" => Scheduled to move on reboot.

"C:\Users\Caroline\AppData\Roaming\Reofh" folder move:

Could not move "C:\Users\Caroline\AppData\Roaming\Reofh" => Scheduled to move on reboot.

C:\Users\Caroline\AppData\LocalLow\Company => moved successfully
C:\Users\Caroline\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} => moved successfully
C:\Program Files (x86)\CleanBrowser => moved successfully
C:\ProgramData\Service1291 => moved successfully
C:\ProgramData\Service1104 => moved successfully
C:\ProgramData\28341ff220e0446c9fff27c4493d622e => moved successfully
C:\ProgramData\19a87fa1ec024bbcbb41931263354405 => moved successfully
C:\Users\Caroline\AppData\Local\DDB727A0-1460294904-11E2-824E-30F9EDC4D4EB => moved successfully
C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB => moved successfully
C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage => moved successfully
C:\Users\Caroline\AppData\Roaming\ASPackage => moved successfully
C:\Users\Caroline\AppData\Local\rec_gb_247 => moved successfully
C:\Program Files (x86)\rec_gb_247 => moved successfully
C:\Program Files (x86)\DesktopPlay => moved successfully
C:\WINDOWS\system32\Drivers\{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64.sys => moved successfully
C:\WINDOWS\system32\Drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys => moved successfully
C:\Program Files (x86)\Oasis Space => moved successfully
C:\Users\Caroline\AppData\Local\dply_en_015020294 => moved successfully
C:\Program Files (x86)\Checked List => moved successfully
C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_3431393738342d344a414155342a2a236c6c5a => moved successfully
C:\Users\Caroline\AppData\Roaming\SpringFiles => moved successfully
C:\Users\Caroline\AppData\Local\csdi_monetize_120160408 => moved successfully
C:\ProgramData\SearchModule => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\SrpnFiles => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DESKTOPPLAY => moved successfully
C:\ProgramData\b9bc5e5f-3757-0 => moved successfully
C:\ProgramData\b9bc5e5f-36f3-1 => moved successfully
C:\Program Files\Common Files\Soobzo => moved successfully
C:\Program Files (x86)\dply_en_015020294 => moved successfully
C:\ProgramData\smp2.exe => moved successfully
C:\WINDOWS\System32\Tasks\SMW_P => moved successfully
C:\WINDOWS\System32\Tasks\DNSWILLISTON => moved successfully
C:\WINDOWS\System32\Tasks\DNS Monitoring => moved successfully
C:\ProgramData\131dbb3d-1777-0 => moved successfully
C:\ProgramData\131dbb3d-07e7-1 => moved successfully

"C:\Program Files (x86)\DNS Unlocker" folder move:

Could not move "C:\Program Files (x86)\DNS Unlocker" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\system32\Drivers\cherimoya.sys" => Scheduled to move on reboot.
C:\WINDOWS\system32\bi.exe => moved successfully
C:\Program Files\setup.exe => moved successfully
"C:\Users\Caroline\AppData\Roaming\agent.dat" => not found.
"C:\Users\Caroline\AppData\Roaming\ApplicationHosting.dat" => not found.
"C:\Users\Caroline\AppData\Roaming\Bamity.exe" => not found.
"C:\Users\Caroline\AppData\Roaming\Bamity.tst" => not found.
"C:\Users\Caroline\AppData\Roaming\Config.xml" => not found.
"C:\Users\Caroline\AppData\Roaming\Consoft.exe" => not found.
"C:\Users\Caroline\AppData\Roaming\Consoft.tst" => not found.
"C:\Users\Caroline\AppData\Roaming\Daltzap.bin" => not found.
"C:\Users\Caroline\AppData\Roaming\inst.lat" => not found.
"C:\Users\Caroline\AppData\Roaming\InstallationConfiguration.xml" => not found.
"C:\Users\Caroline\AppData\Roaming\Installer.dat" => not found.
"C:\Users\Caroline\AppData\Roaming\Lamex.bin" => not found.
"C:\Users\Caroline\AppData\Roaming\lobby.dat" => not found.
"C:\Users\Caroline\AppData\Roaming\Main.dat" => not found.
"C:\Users\Caroline\AppData\Roaming\md.xml" => not found.
"C:\Users\Caroline\AppData\Roaming\noah.dat" => not found.
C:\Users\Caroline\AppData\Roaming\uninstall_temp.ico => moved successfully
"C:\Users\Caroline\AppData\Local\Statlux.dat" => not found.
"C:\Users\Caroline\AppData\Local\Statlux.exe" => not found.
"C:\Users\Caroline\AppData\Local\Statlux.exe.config" => not found.
C:\Users\Caroline\AppData\Local\Temptable.xml => moved successfully
"C:\ProgramData\smp2.exe" => not found.

"C:\Program Files (x86)\MPC Cleaner" folder move:

Could not move "C:\Program Files (x86)\MPC Cleaner" => Scheduled to move on reboot.

"C:\Users\Caroline\AppData\Local\brsrv" => not found.
"C:\Program Files (x86)\DDB727A0-1460291042-11E2-824E-30F9EDC4D4EB" => not found.

"C:\Users\Caroline\AppData\Roaming\Reofh" folder move:

Could not move "C:\Users\Caroline\AppData\Roaming\Reofh" => Scheduled to move on reboot.

"C:\Program Files (x86)\CleanBrowser" => not found.
"C:\Users\Caroline\AppData\Local\dply_en_015020294" => not found.

"C:\ProgramData\FlashBeat" folder move:

Could not move "C:\ProgramData\FlashBeat" => Scheduled to move on reboot.

"C:\Program Files (x86)\rec_gb_247" => not found.

"C:\ProgramData\Ronzap" folder move:

Could not move "C:\ProgramData\Ronzap" => Scheduled to move on reboot.

"C:\Users\Caroline\AppData\Local\Statlux.exe" => not found.

"C:\Program Files (x86)\DNS Unlocker" folder move:

Could not move "C:\Program Files (x86)\DNS Unlocker" => Scheduled to move on reboot.

"C:\Program Files\Common Files\Soobzo" => not found.
"C:\Users\Caroline\AppData\Local\DDB727A0-1460669759-11E2-824E-30F9EDC4D4EB" => not found.
"C:\Windows\Temp\BC4D.tmp" => not found.
"C:\ProgramData\Uurxreumruw" => not found.

"C:\Program Files (x86)\SearchProtect" folder move:

Could not move "C:\Program Files (x86)\SearchProtect" => Scheduled to move on reboot.

"C:\Program Files (x86)\Max Driver Updater" => not found.
"C:\Users\Caroline\AppData\Roaming\cpuminer" => not found.
C:\WINDOWS\run.vbs => moved successfully
"C:\WINDOWS\system32\zdengine64.dll" => not found.
"C:\WINDOWS\SysWOW64\zdengine.dll" => not found.
"C:\Program Files (x86)\Oasis Space" => not found.
"C:\Program Files (x86)\Checked List" => not found.
C:\Program Files\McAfeeEx => moved successfully
"C:\Program Files (x86)\McAfee" => not found.
"C:\ProgramData\Appverifier" => not found.
"C:\Program Files (x86)\SpeedSearchesbnd" => not found.
"C:\ProgramData\IseTPBjVl" => not found.
"C:\Program Files\Common Files\Soobzo" => not found.
"C:\Users\Caroline\AppData\Roaming\LumdEpuyatv" => not found.
"C:\Program Files (x86)\QuickSearch" => not found.
Could not move "C:\WINDOWS\system32\drivers\bsdriver.sys" => Scheduled to move on reboot.
"C:\Windows\System32\drivers\{8fd16984-f872-41a4-8820-246c3230d450}Gw64.sys" => not found.
"C:\Windows\System32\drivers\{dfdc7730-be9e-4dcb-ac28-14383da4b8a3}Gw64.sys" => not found.
"C:\Windows\System32\drivers\{f2dc76ff-8604-4585-8824-8df11d37bd06}Gw64.sys" => not found.
"C:\Windows\System32\drivers\{fc3cdbfe-8a8e-406c-954a-8cb7370cfc8e}Gw64.sys" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0040746B-E290-4C92-8CC2-B0CF9D60285A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0040746B-E290-4C92-8CC2-B0CF9D60285A}" => key removed successfully
C:\WINDOWS\System32\Tasks\DNS Monitoring => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNS Monitoring" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D4231D8-685A-47B3-BD70-BFCC59E8B582}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D4231D8-685A-47B3-BD70-BFCC59E8B582}" => key removed successfully
C:\WINDOWS\System32\Tasks\Ootocm => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ootocm" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20B38221-0014-4129-A168-E73866D39822} => key not found. 
C:\WINDOWS\System32\Tasks\psv_Goldentone => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_Goldentone => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{20BD2F60-F469-4B3A-9C92-859FD5B56811}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BD2F60-F469-4B3A-9C92-859FD5B56811}" => key removed successfully
C:\WINDOWS\System32\Tasks\Uurxreumruw => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uurxreumruw" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32C0D955-597C-4DD2-991E-272DCDF6D00E} => key not found. 
C:\WINDOWS\System32\Tasks\snf => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\snf => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{390DF9F1-BD47-4CB8-BF2E-F0105FD697F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{390DF9F1-BD47-4CB8-BF2E-F0105FD697F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3F1A5612-7BF7-494F-B106-53C0A1A7A76E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F1A5612-7BF7-494F-B106-53C0A1A7A76E}" => key removed successfully
C:\WINDOWS\System32\Tasks\DNSWILLISTON => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSWILLISTON" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4802332D-6244-4572-9A64-7ECBEF1769B8} => key not found. 
C:\WINDOWS\System32\Tasks\snp => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\snp => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49DE2610-87BD-4580-95A1-251E68A1518B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49DE2610-87BD-4580-95A1-251E68A1518B}" => key removed successfully
C:\WINDOWS\System32\Tasks\WinTsks => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTsks" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{54DCDF9B-4965-43F6-B170-31978F2D7E95}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54DCDF9B-4965-43F6-B170-31978F2D7E95}" => key removed successfully
C:\WINDOWS\System32\Tasks\FYJHMJXE1 => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FYJHMJXE1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54FC6816-57C0-4164-ACC3-60E4A712B63A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54FC6816-57C0-4164-ACC3-60E4A712B63A}" => key removed successfully
C:\WINDOWS\System32\Tasks\runTask => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\runTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C5AA52F-4F6F-4234-98B3-EBF639DE6A8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5AA52F-4F6F-4234-98B3-EBF639DE6A8E}" => key removed successfully
C:\WINDOWS\System32\Tasks\kze3024 => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kze3024" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EA66C6A-24D8-4927-969B-4BF80FE4ABE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EA66C6A-24D8-4927-969B-4BF80FE4ABE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64B3F8D6-DB2B-47D8-B536-BE3A2D21222F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B3F8D6-DB2B-47D8-B536-BE3A2D21222F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{682F1402-FE24-4B3A-AE20-4D2CBEF919AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{682F1402-FE24-4B3A-AE20-4D2CBEF919AD}" => key removed successfully
C:\WINDOWS\System32\Tasks\YPBXJRASSJNPNGFR => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YPBXJRASSJNPNGFR" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E403F81-11E4-48DE-9845-C7FEFEBB964D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E403F81-11E4-48DE-9845-C7FEFEBB964D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{829A0D03-45BF-4F35-BF30-9D7304CDD169}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{829A0D03-45BF-4F35-BF30-9D7304CDD169}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88EC4727-D281-4593-9920-FE018CDDFE69}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88EC4727-D281-4593-9920-FE018CDDFE69}" => key removed successfully
C:\WINDOWS\System32\Tasks\{95530276-13B0-4CDE-852F-1EADDC5B099F} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{95530276-13B0-4CDE-852F-1EADDC5B099F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F385A2B-FBA6-4147-88D9-66E33492E8B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F385A2B-FBA6-4147-88D9-66E33492E8B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{937FBE2B-6A94-47AE-9A36-C46D780FDCF8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{937FBE2B-6A94-47AE-9A36-C46D780FDCF8}" => key removed successfully
C:\WINDOWS\System32\Tasks\PCBRFPTQWUBWXJMS => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCBRFPTQWUBWXJMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96E3650D-E9DA-4A7F-8D40-C1E76FE55AF9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96E3650D-E9DA-4A7F-8D40-C1E76FE55AF9}" => key removed successfully
C:\WINDOWS\System32\Tasks\updateTask => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\updateTask" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9969C594-6DC4-40C4-8448-B3540A6F709E} => key not found. 
C:\WINDOWS\System32\Tasks\psv_Fixqvolight => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_Fixqvolight => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A347C45E-BE26-4431-A904-9548E07BDA6B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A347C45E-BE26-4431-A904-9548E07BDA6B}" => key removed successfully
C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_3431393738342d344a414155342a2a236c6c5a => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_3431393738342d344a414155342a2a236c6c5a" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5413CCF-3595-4B89-8D83-C8A0EA58DDC9} => key not found. 
C:\WINDOWS\System32\Tasks\bvyvave => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bvyvave => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B93DCC03-2707-48AE-97EB-8802A6FE1BB4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B93DCC03-2707-48AE-97EB-8802A6FE1BB4}" => key removed successfully
C:\WINDOWS\System32\Tasks\IBUpd => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1CE3D83-12B3-4648-B5FE-341A7EB0D446}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1CE3D83-12B3-4648-B5FE-341A7EB0D446}" => key removed successfully
C:\WINDOWS\System32\Tasks\KLPAT1 => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KLPAT1" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9B5782B-5091-4545-8CF9-F23D3007A6DD} => key not found. 
C:\WINDOWS\System32\Tasks\psv_HotTough => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psv_HotTough => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD5DB6BC-869E-420E-8457-480D257F4877}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD5DB6BC-869E-420E-8457-480D257F4877}" => key removed successfully
C:\WINDOWS\System32\Tasks\SMW_P => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_P" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF684CBF-DED1-4A64-805B-1BB0DF297282}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF684CBF-DED1-4A64-805B-1BB0DF297282}" => key removed successfully
C:\WINDOWS\System32\Tasks\IBUpd2 => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D05BA2A6-FACF-491B-9F75-17DBF7923B4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D05BA2A6-FACF-491B-9F75-17DBF7923B4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DD4A92B8-EAAA-4F71-A72A-C72CF2051762}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD4A92B8-EAAA-4F71-A72A-C72CF2051762}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8B8B4C5-A286-4A9F-A414-9CE50335A343}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8B8B4C5-A286-4A9F-A414-9CE50335A343}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA2D070E-C88E-4B4E-B056-D9A1641DA7AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA2D070E-C88E-4B4E-B056-D9A1641DA7AD}" => key removed successfully
C:\WINDOWS\System32\Tasks\Advanced PC-Care_Logon => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced PC-Care_Logon" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F27EB141-0CBF-4BEB-BAAD-2C333E546671}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F27EB141-0CBF-4BEB-BAAD-2C333E546671}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD254CBD-0B7F-4EEE-9D75-4CEFAD2C967C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD254CBD-0B7F-4EEE-9D75-4CEFAD2C967C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
C:\WINDOWS\Tasks\FYJHMJXE1.job => not found.
C:\WINDOWS\Tasks\KLPAT1.job => not found.
C:\WINDOWS\Tasks\PCBRFPTQWUBWXJMS.job => not found.
C:\WINDOWS\Tasks\YPBXJRASSJNPNGFR.job => not found.
C:\Users\Caroline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk => Shortcut argument removed successfully.
C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully.
C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument removed successfully.
C:\Users\Caroline\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.
C:\Users\Public\Desktop\Play Games.lnk => not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdengine" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdwfp" => key removed successfully

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.


========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.


========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-219877153-197691950-3609309316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


=========  netsh advfirewall reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107
Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state ON =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107
Ok.


========= End of CMD: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset catalog =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  ipconfig /release =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 11 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::38fd:7f28:ebdd:bb10%5
   Default Gateway . . . . . . . . . : 

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

========= End of CMD: =========


=========  ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 11 while it has its media disconnected.
An error occurred while renewing interface Wi-Fi : The operation was canceled by the user.
 
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

========= End of CMD: =========


=========  netsh int ipv4 reset =========

Resetting , failed.
Access is denied.

There's no user specified settings to be reset.


========= End of CMD: =========


=========  netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  sfc /scanfile=C:\Windows\system32\dnsapi.dll =========

 
   
 W i n d o w s   R e s o u r c e   P r o t e c t i o n   f o u n d   c o r r u p t   f i l e s   a n d   s u c c e s s f u l l y   r e p a i r e d     
 t h e m .   D e t a i l s   a r e   i n c l u d e d   i n   t h e   C B S . L o g   w i n d i r \ L o g s \ C B S \ C B S . l o g .   F o r     
 e x a m p l e   C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g .   N o t e   t h a t   l o g g i n g   i s   c u r r e n t l y   n o t     
 s u p p o r t e d   i n   o f f l i n e   s e r v i c i n g   s c e n a r i o s .   
   
 T h e   s y s t e m   f i l e   r e p a i r   c h a n g e s   w i l l   t a k e   e f f e c t   a f t e r   t h e   n e x t   r e b o o t .   
 
========= End of CMD: =========


=========  sfc /scanfile=C:\Windows\SysWOW64\dnsapi.dll =========

 
   
 T h e r e   i s   a   s y s t e m   r e p a i r   p e n d i n g   w h i c h   r e q u i r e s   r e b o o t   t o   c o m p l e t e .     R e s t a r t     
 W i n d o w s   a n d   r u n   s f c   a g a i n .   
 
========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {C2591C63-2E88-41FF-833D-99BF2BF4C9F8}.
{960A3BCA-5BE9-4662-B38C-BB9FF46F3161} canceled.
{465512F1-20DF-45C1-ADB2-319B8D8F5326} canceled.
{EB713ABA-6527-4DB7-8CFF-BDE1A5D34865} canceled.
{021FB789-39F1-44E4-BF6D-1BF70A1386C6} canceled.
{7E1F4ED4-581C-4A56-8329-721D0B9146A0} canceled.
5 out of 6 jobs canceled.

========= End of CMD: =========


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-04-17 22:08:23)

==> ATTENTION: System is not rebooted.
"C:\Program Files (x86)\SearchProtect" => Could not move
"C:\Users\Caroline\AppData\Local\SearchProtect" => Could not move
"C:\ProgramData\Ronzap" => Could not move
"C:\Program Files (x86)\MPC Cleaner" => Could not move
"C:\WINDOWS\system32\Drivers\MPCKpt.sys" => Could not move
"C:\ProgramData\TomorrowGames" => Could not move
"C:\ProgramData\FlashBeat" => Could not move
"C:\WINDOWS\system32\Drivers\bsdriver.sys" => Could not move
"C:\Users\Caroline\AppData\Roaming\Reofh" => Could not move
"C:\Program Files (x86)\DNS Unlocker" => Could not move
"C:\WINDOWS\system32\Drivers\cherimoya.sys" => Could not move
"C:\Program Files (x86)\MPC Cleaner" => Could not move
"C:\Users\Caroline\AppData\Roaming\Reofh" => Could not move
"C:\ProgramData\FlashBeat" => Could not move
"C:\ProgramData\Ronzap" => Could not move
"C:\Program Files (x86)\DNS Unlocker" => Could not move
"C:\Program Files (x86)\SearchProtect" => Could not move
"C:\WINDOWS\system32\drivers\bsdriver.sys" => Could not move

==== End of Fixlog 22:08:53 ====