Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by Holly (17-03-2017 08:04:45) Run:1 Running from C:\Users\Holly\Downloads Loaded Profiles: Holly (Available Profiles: Holly) Boot Mode: Normal ============================================== fixlist content: ***************** HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\...\Run: [JoxeyUxudu] => regsvr32.exe "C:\ProgramData\JoxeyUxudu\QojxeTapog.nko" HKLM-x32\...\Run: [DLLSuite2016] => C:\Program Files (x86)\DLL Suite\DLLSuite.exe ProxyServer: [S-1-5-21-3491399957-4132394281-3865697256-1000] => http=127.0.0.1:12537 GroupPolicyScripts: Restriction <======= ATTENTION GroupPolicyScripts-x32: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={7FD07789-7AFB-4ABF-9E98-9A09BA14FFED}&mid=734d7442b75847cd8c0fa5ac05bde478-f51cedec47cacf3a1db5cfbbf1c1f42c9b524c30&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-05-12 19:55:53&v=4.3.7.452&pid=wtu&sg=&sap=hp HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7FD07789-7AFB-4ABF-9E98-9A09BA14FFED}&mid=734d7442b75847cd8c0fa5ac05bde478-f51cedec47cacf3a1db5cfbbf1c1f42c9b524c30&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-05-12 19:55:53&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File Toolbar: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File U3 idsvc; no ImagePath U3 wpcsvc; no ImagePath cmd: type C:\ProgramData\ghkjcghv.log 2015-01-30 12:51 - 2015-02-10 15:05 - 0000000 _____ () C:\Users\Holly\AppData\Local\nnryabvq.log 2015-01-27 20:14 - 2015-01-27 20:14 - 0000000 _____ () C:\Users\Holly\AppData\Local\ogfksojr.log 2015-01-27 20:15 - 2015-01-29 21:59 - 0000000 _____ () C:\Users\Holly\AppData\Local\quohpobk.log 2012-10-10 20:47 - 2012-10-10 20:47 - 0017408 _____ () C:\Users\Holly\AppData\Local\WebpageIcons.db 2015-01-27 20:08 - 2015-01-27 20:08 - 0000064 _____ () C:\ProgramData\ghkjcghv.log CustomCLSID: HKU\S-1-5-21-3491399957-4132394281-3865697256-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\rdpencom.dll => No File <==== ATTENTION CMD: type C:\Users\Holly\AppData\Local\Temp\launchie.vbs Task: {03AB2D45-BD42-499F-B197-0EAC35C702A0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe Task: {08B4701A-52BB-46ED-8020-C69D4E65D597} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon -> No File <==== ATTENTION Task: {09053192-97D6-472D-8807-2AA5E77CF4E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {0A1DEF39-36BA-43A7-AAA1-AF74118FF18D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {0CA14F60-87D0-4C32-805F-AEFEC13BC693} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {14602A37-CBD2-43C1-A0FE-17D49F7472EF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe Task: {1E8E6C44-C693-4B0F-97C3-29D831D85293} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe Task: {1EFB70EC-236E-4A48-BAB0-DA05176A8583} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe Task: {28E9D65F-28DB-408E-8ECB-6407A4D612D9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe Task: {32C2E8CC-1E6C-4B45-B400-791C3AC2ECFC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {377CAF9A-D82A-4C53-8FF4-5F98298B890F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe Task: {38AF8E04-6A19-492E-94B3-8628ECF53A78} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {3DC5FBBD-2276-4341-8179-BC2CDD874091} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {4448929B-213E-44CF-9193-6F05A7DEACB4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {4C91DD99-4A30-43E5-A3B8-9F9F70A512CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {4CAF7290-0C81-4D17-AFD3-274AE33EDA09} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe Task: {4EA62D17-948A-4454-BEE4-5BF692E60212} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {5BA0C3D7-6590-4C24-97D3-E0D903539E06} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {71C287B9-BE84-4C61-A990-39CA642C52A8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {72B17259-5E8B-4E06-8BFF-34C4247082B5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {769CFCFA-D598-4EE3-BC6B-AA25099D5A49} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION Task: {77242815-18B6-41F8-87E6-C6C18196139F} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d -> No File <==== ATTENTION Task: {797270F1-EB64-46EE-9046-3D55F0F6767C} - \MirageAgent -> No File <==== ATTENTION Task: {79FBF79C-AC73-41EF-B482-DE1122ED77AC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {7FBF203A-77FE-4377-AB4C-47E1993AB8F7} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION Task: {8630F2A2-7597-4E9F-AEB8-554A592ABFF1} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION Task: {8E28FD27-9B94-4F77-BDB1-ABE4F150EFBC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe Task: {90C00DFC-D2B3-4FB6-8F74-F9E757E4C588} - System32\Tasks\TechUtilities => C:\Program Files\TechUtilities\TechUtilities.exe [2017-01-25] (Seven Servos Software, Pvt Ltd.) Task: {91E02FDE-0C6D-41C8-BCDC-994149CD0AFB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {9200E954-5008-4289-888C-989FDF4CFE12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {950BD223-2723-45E2-8946-023B16FD4FCA} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => %SystemRoot%\System32\GWX\GWXUXWorker.exe Task: {96780DD9-B3F3-4D56-A9AF-E174D834754E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe Task: {9EC542EB-0353-4A4F-9FDB-AEDE82883F54} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe Task: {9F4802AB-08C1-4BD1-A0F7-5E778ABB731D} - \CreateChoiceProcessTask -> No File <==== ATTENTION Task: {A68A07DA-D726-4F43-9C23-BECA15DCD170} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {AD5F8642-5E11-4545-A683-89792813F988} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {B74B4BDB-BCC2-49B3-BC30-778E2A7398E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe Task: {C474A469-15FE-477D-A418-367D91347D3D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe Task: {C6BB450B-27D2-4C36-A258-5DEAACD4B129} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe Task: {C8E1E41A-722B-48B9-85B2-632A5AAE4481} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {D8F31D14-198C-4809-AC27-38B73711A2DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe Task: {DC8ECD79-5A38-4D31-9358-4F826C95CC78} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe Task: {DF886BEB-1784-467B-BC0F-75D6FAB3BF48} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {E266D999-BF25-4F03-B588-5AC7164063C1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {E9AB574A-E83E-41AD-8D9A-6FB6A47E3024} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {EB36F7EC-F15D-4688-8A71-75091BBB3776} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {EB99F1DA-8069-4BE0-B79E-A17E2C5E362E} - System32\Tasks\4701 => Wscript.exe C:\Users\Holly\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION Task: {F73AD4DB-A9B1-4217-B176-F83FFF9A4C28} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: C:\WINDOWS\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe -t C:\Program Files\TechUtilities\TechUtilities.exe C:\ProgramData\JoxeyUxudu C:\Users\Holly\AppData\Local\qafvynnf FirewallRules: [{9C33170B-2BCE-408D-AC5A-2A564C8C258E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{C1A1668D-0D94-4A6B-A752-D1D5312F1A6D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{07B8719D-5E74-4BC3-97AF-EF5314568E7C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{92543B6D-BF64-4D88-B3DC-918E9F0332C9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{DFF2D37E-DA45-4AD1-BB4C-DB9342FA6A35}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{FFB7D1CD-31EE-4D43-BC70-68070EC6010D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{C574EAD3-5E5A-4730-A4E9-28E1D252C201}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{FA6B7DFB-0C3D-4A80-897D-EDDA7499138D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{E7999DC6-4816-4081-92FB-3A99F4087BD6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{9ABA1007-100B-4D6E-AB46-E0879F68709D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{4646A121-D772-476F-B616-A6C4DE055139}] => (Allow) C:\Windows\System32\dmwu.exe FirewallRules: [{9F821BA3-4324-4A86-ADF2-2A22CF8A56D1}] => (Allow) C:\Windows\System32\dmwu.exe FirewallRules: [{B50C924F-7174-4341-B67B-8F21F3184727}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe FirewallRules: [{18025E02-06DD-48CC-88B2-BA0618FB1ECF}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe FirewallRules: [{CD53AC72-0B06-48BB-8A90-D34D097486C0}] => (Allow) C:\Windows\System32\dmwu.exe FirewallRules: [{A28128E4-3EE0-4116-90D1-0424B1E283A7}] => (Allow) C:\Windows\System32\dmwu.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service FirewallRules: [{39CD686F-DC21-49B8-9DE5-9E7BC229BBDC}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe FirewallRules: [{B4DD64A4-BEC4-4249-A030-CBB8F5264732}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe FirewallRules: [{78BA94A2-D691-41B3-907D-E760B8C389F0}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{DC17A584-0D4D-42ED-91F5-A0D54E3FAE76}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{F1A7B450-18B9-4590-B704-8595CA6F05C4}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{0CD5F2E3-9BF9-42C3-A6CE-478D9B39CF78}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe 2016-10-29 14:32 - 2016-10-29 14:32 - 2892128 _____ (AVG Technologies) C:\Users\Holly\AppData\Local\Temp\avg-5c1bf30f-eaf5-4137-84c4-732e24298521.exe 2017-03-08 01:39 - 2017-03-08 01:39 - 2612600 _____ (Microsoft Corporation) C:\Users\Holly\AppData\Local\Temp\DefaultPack.EXE 2017-03-08 01:06 - 2017-03-08 02:35 - 0000000 _____ () C:\Users\Holly\AppData\Local\Temp\temp~.DLL 2017-03-08 01:06 - 2017-03-08 02:35 - 0000000 _____ () C:\Users\Holly\AppData\Local\Temp\temp~.EXE 2017-03-08 02:17 - 2017-03-08 02:37 - 00000460 _____ C:\WINDOWS\Tasks\TechUtilities.job 2017-03-08 02:17 - 2017-03-08 02:17 - 00003316 _____ C:\WINDOWS\System32\Tasks\TechUtilities 2017-03-08 02:17 - 2017-03-08 02:17 - 00000924 _____ C:\Users\Public\Desktop\TechUtilities.lnk 2017-03-08 02:17 - 2017-03-08 02:17 - 00000000 ____D C:\ProgramData\TechUtilities64 2017-03-08 02:17 - 2017-03-08 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechUtilities 2017-03-08 02:16 - 2017-03-08 02:17 - 00000000 ____D C:\Program Files\TechUtilities 2017-03-08 02:15 - 2017-03-08 02:16 - 02282656 _____ (Seven Servos Software Pvt Ltd. ) C:\Users\Holly\Downloads\TechUtilities_setup_1.9.exe 2017-03-08 02:06 - 2017-03-08 23:10 - 00000000 ____D C:\Program Files (x86)\DLL Suite 2017-03-08 02:04 - 2017-03-08 02:05 - 21289424 _____ ( ) C:\Users\Holly\Downloads\DLLSuite.exe 2017-03-08 01:56 - 2017-03-08 01:56 - 00000000 ____D C:\Users\Holly\Documents\DLL-Files Fixer 3.3.90.3079 (FULL + Crack) 2017-03-08 01:04 - 2017-03-08 01:58 - 00000000 ____D C:\Program Files (x86)\DLL Care CMD: for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" reboot: ***************** HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Software\Microsoft\Windows\CurrentVersion\Run\\JoxeyUxudu => value removed successfully HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DLLSuite2016 => value removed successfully HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key removed successfully HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found. HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully idsvc => service removed successfully HKLM\System\CurrentControlSet\Services\wpcsvc => key removed successfully wpcsvc => service removed successfully ========= type C:\ProgramData\ghkjcghv.log ========= 51ee8c209c5aaa51362a42c3d4625f4e365eae3f11dc17aeb8ee4c3b50251fa7 ========= End of CMD: ========= C:\Users\Holly\AppData\Local\nnryabvq.log => moved successfully C:\Users\Holly\AppData\Local\ogfksojr.log => moved successfully C:\Users\Holly\AppData\Local\quohpobk.log => moved successfully C:\Users\Holly\AppData\Local\WebpageIcons.db => moved successfully C:\ProgramData\ghkjcghv.log => moved successfully HKU\S-1-5-21-3491399957-4132394281-3865697256-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => key removed successfully ========= type C:\Users\Holly\AppData\Local\Temp\launchie.vbs ========= The system cannot find the file specified. ========= End of CMD: ========= HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03AB2D45-BD42-499F-B197-0EAC35C702A0} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03AB2D45-BD42-499F-B197-0EAC35C702A0} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08B4701A-52BB-46ED-8020-C69D4E65D597} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08B4701A-52BB-46ED-8020-C69D4E65D597} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09053192-97D6-472D-8807-2AA5E77CF4E7} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09053192-97D6-472D-8807-2AA5E77CF4E7} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A1DEF39-36BA-43A7-AAA1-AF74118FF18D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1DEF39-36BA-43A7-AAA1-AF74118FF18D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0CA14F60-87D0-4C32-805F-AEFEC13BC693} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CA14F60-87D0-4C32-805F-AEFEC13BC693} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14602A37-CBD2-43C1-A0FE-17D49F7472EF} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14602A37-CBD2-43C1-A0FE-17D49F7472EF} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E8E6C44-C693-4B0F-97C3-29D831D85293} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E8E6C44-C693-4B0F-97C3-29D831D85293} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EFB70EC-236E-4A48-BAB0-DA05176A8583} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EFB70EC-236E-4A48-BAB0-DA05176A8583} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2 => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28E9D65F-28DB-408E-8ECB-6407A4D612D9} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28E9D65F-28DB-408E-8ECB-6407A4D612D9} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32C2E8CC-1E6C-4B45-B400-791C3AC2ECFC} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32C2E8CC-1E6C-4B45-B400-791C3AC2ECFC} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{377CAF9A-D82A-4C53-8FF4-5F98298B890F} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{377CAF9A-D82A-4C53-8FF4-5F98298B890F} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38AF8E04-6A19-492E-94B3-8628ECF53A78} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38AF8E04-6A19-492E-94B3-8628ECF53A78} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DC5FBBD-2276-4341-8179-BC2CDD874091} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DC5FBBD-2276-4341-8179-BC2CDD874091} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4448929B-213E-44CF-9193-6F05A7DEACB4} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4448929B-213E-44CF-9193-6F05A7DEACB4} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C91DD99-4A30-43E5-A3B8-9F9F70A512CE} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C91DD99-4A30-43E5-A3B8-9F9F70A512CE} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CAF7290-0C81-4D17-AFD3-274AE33EDA09} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CAF7290-0C81-4D17-AFD3-274AE33EDA09} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EA62D17-948A-4454-BEE4-5BF692E60212} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EA62D17-948A-4454-BEE4-5BF692E60212} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BA0C3D7-6590-4C24-97D3-E0D903539E06} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BA0C3D7-6590-4C24-97D3-E0D903539E06} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71C287B9-BE84-4C61-A990-39CA642C52A8} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71C287B9-BE84-4C61-A990-39CA642C52A8} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72B17259-5E8B-4E06-8BFF-34C4247082B5} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72B17259-5E8B-4E06-8BFF-34C4247082B5} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{769CFCFA-D598-4EE3-BC6B-AA25099D5A49} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{769CFCFA-D598-4EE3-BC6B-AA25099D5A49} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77242815-18B6-41F8-87E6-C6C18196139F} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77242815-18B6-41F8-87E6-C6C18196139F} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{797270F1-EB64-46EE-9046-3D55F0F6767C} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{797270F1-EB64-46EE-9046-3D55F0F6767C} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79FBF79C-AC73-41EF-B482-DE1122ED77AC} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79FBF79C-AC73-41EF-B482-DE1122ED77AC} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FBF203A-77FE-4377-AB4C-47E1993AB8F7} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FBF203A-77FE-4377-AB4C-47E1993AB8F7} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8630F2A2-7597-4E9F-AEB8-554A592ABFF1} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8630F2A2-7597-4E9F-AEB8-554A592ABFF1} => key removed successfully C:\WINDOWS\System32\Tasks\0 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E28FD27-9B94-4F77-BDB1-ABE4F150EFBC} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E28FD27-9B94-4F77-BDB1-ABE4F150EFBC} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90C00DFC-D2B3-4FB6-8F74-F9E757E4C588} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90C00DFC-D2B3-4FB6-8F74-F9E757E4C588} => key removed successfully C:\WINDOWS\System32\Tasks\TechUtilities => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechUtilities => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91E02FDE-0C6D-41C8-BCDC-994149CD0AFB} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91E02FDE-0C6D-41C8-BCDC-994149CD0AFB} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9200E954-5008-4289-888C-989FDF4CFE12} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9200E954-5008-4289-888C-989FDF4CFE12} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{950BD223-2723-45E2-8946-023B16FD4FCA} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{950BD223-2723-45E2-8946-023B16FD4FCA} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96780DD9-B3F3-4D56-A9AF-E174D834754E} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96780DD9-B3F3-4D56-A9AF-E174D834754E} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1 => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9EC542EB-0353-4A4F-9FDB-AEDE82883F54} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EC542EB-0353-4A4F-9FDB-AEDE82883F54} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F4802AB-08C1-4BD1-A0F7-5E778ABB731D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F4802AB-08C1-4BD1-A0F7-5E778ABB731D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A68A07DA-D726-4F43-9C23-BECA15DCD170} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A68A07DA-D726-4F43-9C23-BECA15DCD170} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD5F8642-5E11-4545-A683-89792813F988} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD5F8642-5E11-4545-A683-89792813F988} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B74B4BDB-BCC2-49B3-BC30-778E2A7398E6} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B74B4BDB-BCC2-49B3-BC30-778E2A7398E6} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C474A469-15FE-477D-A418-367D91347D3D} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C474A469-15FE-477D-A418-367D91347D3D} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6BB450B-27D2-4C36-A258-5DEAACD4B129} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6BB450B-27D2-4C36-A258-5DEAACD4B129} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8E1E41A-722B-48B9-85B2-632A5AAE4481} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8E1E41A-722B-48B9-85B2-632A5AAE4481} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8F31D14-198C-4809-AC27-38B73711A2DA} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8F31D14-198C-4809-AC27-38B73711A2DA} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC8ECD79-5A38-4D31-9358-4F826C95CC78} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC8ECD79-5A38-4D31-9358-4F826C95CC78} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF886BEB-1784-467B-BC0F-75D6FAB3BF48} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF886BEB-1784-467B-BC0F-75D6FAB3BF48} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E266D999-BF25-4F03-B588-5AC7164063C1} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E266D999-BF25-4F03-B588-5AC7164063C1} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9AB574A-E83E-41AD-8D9A-6FB6A47E3024} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9AB574A-E83E-41AD-8D9A-6FB6A47E3024} => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB36F7EC-F15D-4688-8A71-75091BBB3776} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB36F7EC-F15D-4688-8A71-75091BBB3776} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB99F1DA-8069-4BE0-B79E-A17E2C5E362E} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB99F1DA-8069-4BE0-B79E-A17E2C5E362E} => key removed successfully C:\WINDOWS\System32\Tasks\4701 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4701 => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F73AD4DB-A9B1-4217-B176-F83FFF9A4C28} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F73AD4DB-A9B1-4217-B176-F83FFF9A4C28} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => moved successfully C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => moved successfully C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => moved successfully C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => moved successfully C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => moved successfully C:\WINDOWS\Tasks\TechUtilities.job => moved successfully C:\ProgramData\JoxeyUxudu => moved successfully C:\Users\Holly\AppData\Local\qafvynnf => moved successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C33170B-2BCE-408D-AC5A-2A564C8C258E} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1A1668D-0D94-4A6B-A752-D1D5312F1A6D} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07B8719D-5E74-4BC3-97AF-EF5314568E7C} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92543B6D-BF64-4D88-B3DC-918E9F0332C9} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFF2D37E-DA45-4AD1-BB4C-DB9342FA6A35} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFB7D1CD-31EE-4D43-BC70-68070EC6010D} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C574EAD3-5E5A-4730-A4E9-28E1D252C201} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA6B7DFB-0C3D-4A80-897D-EDDA7499138D} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7999DC6-4816-4081-92FB-3A99F4087BD6} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9ABA1007-100B-4D6E-AB46-E0879F68709D} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4646A121-D772-476F-B616-A6C4DE055139} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F821BA3-4324-4A86-ADF2-2A22CF8A56D1} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B50C924F-7174-4341-B67B-8F21F3184727} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18025E02-06DD-48CC-88B2-BA0618FB1ECF} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD53AC72-0B06-48BB-8A90-D34D097486C0} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A28128E4-3EE0-4116-90D1-0424B1E283A7} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39CD686F-DC21-49B8-9DE5-9E7BC229BBDC} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4DD64A4-BEC4-4249-A030-CBB8F5264732} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78BA94A2-D691-41B3-907D-E760B8C389F0} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC17A584-0D4D-42ED-91F5-A0D54E3FAE76} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1A7B450-18B9-4590-B704-8595CA6F05C4} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CD5F2E3-9BF9-42C3-A6CE-478D9B39CF78} => value removed successfully C:\Users\Holly\AppData\Local\Temp\avg-5c1bf30f-eaf5-4137-84c4-732e24298521.exe => moved successfully C:\Users\Holly\AppData\Local\Temp\DefaultPack.EXE => moved successfully C:\Users\Holly\AppData\Local\Temp\temp~.DLL => moved successfully C:\Users\Holly\AppData\Local\Temp\temp~.EXE => moved successfully "C:\WINDOWS\Tasks\TechUtilities.job" => not found. "C:\WINDOWS\System32\Tasks\TechUtilities" => not found. C:\Users\Public\Desktop\TechUtilities.lnk => moved successfully C:\ProgramData\TechUtilities64 => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechUtilities => moved successfully C:\Program Files\TechUtilities => moved successfully C:\Users\Holly\Downloads\TechUtilities_setup_1.9.exe => moved successfully C:\Program Files (x86)\DLL Suite => moved successfully C:\Users\Holly\Downloads\DLLSuite.exe => moved successfully C:\Users\Holly\Documents\DLL-Files Fixer 3.3.90.3079 (FULL + Crack) => moved successfully C:\Program Files (x86)\DLL Care => moved successfully ========= for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" ========= Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied. Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied. Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider. ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog 08:05:32 ====