Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

chrome virus adware - salus virus [Solved]

Started by sadpaddy , Mar 29 2015 06:10 PM
chrome redirect chrome

  • This topic is locked This topic is locked

#1
sadpaddy
Posted 29 March 2015 - 06:10 PM

sadpaddy

    New Member

  • Member
  • Pip
  • 8 posts
I accidentally downloaded a virus. The name of the original virus folder was called Salus. I used malwarebytes and followed a bunch of youtube videos but a week later it returned on start-up. Can anybody help? I am very depressed from this, thank you for any help.
------------------------------------------------------------------------
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by PC (administrator) on PC-PC on 29-03-2015 19:51:00
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\PC\AppData\Roaming\F9430B45-1427288629-0132-FCA3-300ED5BE4CC1\nsw681B.tmp
( ) C:\Windows\System32\lxctcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Users\PC\AppData\Roaming\F9430B45-1427288629-0132-FCA3-300ED5BE4CC1\jnsu470F.tmp
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor)
HKLM\...\Run: [lxctmon.exe] => C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe [291760 2006-11-22] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe [82864 2006-11-22] (Lexmark International Inc.)
HKLM\...\Run: [LXCTCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-05] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Lexmark 5400 Series] => C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe [304048 2006-11-22] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-03-17] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\app\hitsblender.exe" -s
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-23] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-03-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-23] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-23] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4214078751-2823816069-1577084461-1000: @citrixonline.com/appdetectorplugin -> C:\Users\PC\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-25] (Citrix Online)
 
Chrome: 
=======
CHR StartupUrls: Profile 1 -> "hxxp://www.yahoo.com/"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-18]
CHR Extension: (Default-Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfphecggdoefopaooikpjihabjbmjea [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-18]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-18]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-18]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-18]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-18]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-29]
CHR Extension: (Default-Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\akfphecggdoefopaooikpjihabjbmjea [2015-03-29]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-29]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-29]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-29]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-29]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [akfphecggdoefopaooikpjihabjbmjea] - https://clients2.goo...ice/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-03-19] (Adobe Systems) [File not signed]
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70656 2010-11-20] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [136192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [177152 2010-11-20] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [136192 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2010-11-20] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation) [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation) [File not signed]
S3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1137664 2010-11-20] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2010-11-20] (Microsoft Corporation) [File not signed]
S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation) [File not signed]
R2 lxct_device; C:\Windows\system32\lxctcoms.exe [566192 2006-11-22] ( )
R2 lxct_device; C:\Windows\SysWOW64\lxctcoms.exe [537520 2006-11-22] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2010-11-20] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2010-11-20] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-01-14] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [258560 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2009-07-13] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2009-07-13] (Microsoft Corporation) [File not signed]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [499712 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) [File not signed]
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation) [File not signed]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [4221440 2014-01-22] (Intel Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2010-11-20] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation) [File not signed]
U0 oucq; C:\Windows\System32\drivers\ynhkutcb.sys [79064 2015-03-29] (Malwarebytes Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [468992 2010-11-20] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [413184 2010-11-20] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [167936 2010-11-20] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109696 2010-11-20] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2010-11-20] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2010-11-20] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2010-11-20] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2010-11-20] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-29 19:51 - 2015-03-29 19:51 - 00046309 _____ () C:\Users\PC\Desktop\FRST.txt
2015-03-29 19:50 - 2015-03-29 19:51 - 00000000 ____D () C:\FRST
2015-03-29 19:50 - 2015-03-29 19:50 - 02095616 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-03-29 19:47 - 2015-03-29 19:47 - 02095616 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2015-03-29 19:40 - 2015-03-29 19:40 - 00464491 _____ () C:\Users\PC\Downloads\RootRepeal.zip
2015-03-29 16:17 - 2015-03-29 16:17 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\ynhkutcb.sys
2015-03-29 16:04 - 2015-03-29 16:04 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-29 16:03 - 2015-03-29 16:03 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-29 16:03 - 2015-03-29 16:03 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-29 16:03 - 2015-03-29 16:03 - 00000000 ____D () C:\Users\PC\AppData\Local\Deployment
2015-03-29 16:03 - 2015-03-29 16:03 - 00000000 ____D () C:\Users\PC\AppData\Local\Apps\2.0
2015-03-29 15:58 - 2015-03-29 15:58 - 00006120 _____ () C:\Windows\system32\PerfStringBackup.TMP
2015-03-29 12:16 - 2015-03-29 12:16 - 00880208 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2015-03-29 12:12 - 2015-03-29 18:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 12:11 - 2015-03-29 12:11 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-29 12:11 - 2015-03-29 12:11 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-29 12:11 - 2015-03-29 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-29 12:11 - 2015-03-29 12:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-29 12:11 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-29 12:11 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-29 12:11 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-29 12:03 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-03-29 12:03 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-03-29 12:03 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-03-29 12:03 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-03-29 12:03 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-03-29 12:03 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-03-29 12:02 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-29 12:02 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-29 10:02 - 2015-02-03 23:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-29 10:02 - 2015-02-03 22:54 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-29 10:02 - 2015-01-14 02:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-29 10:02 - 2015-01-14 02:09 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-29 10:02 - 2015-01-14 02:09 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-29 10:02 - 2015-01-14 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-29 10:02 - 2015-01-14 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-29 10:02 - 2015-01-14 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-29 10:02 - 2015-01-14 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-29 10:02 - 2015-01-14 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-29 10:02 - 2015-01-14 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-29 10:02 - 2015-01-14 02:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-29 10:02 - 2015-01-14 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-29 10:02 - 2015-01-14 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-29 10:02 - 2015-01-14 02:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-29 10:02 - 2015-01-14 02:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-29 10:02 - 2015-01-14 01:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-29 10:02 - 2015-01-14 01:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-29 10:02 - 2015-01-14 01:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-29 10:02 - 2015-01-14 01:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-29 10:02 - 2015-01-14 01:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-29 10:02 - 2015-01-14 01:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-29 10:02 - 2015-01-14 01:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-29 10:02 - 2015-01-14 01:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-29 10:02 - 2015-01-14 01:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-29 10:02 - 2015-01-14 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-29 10:02 - 2014-12-29 21:23 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-29 10:02 - 2014-11-10 23:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-29 10:02 - 2014-11-10 22:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-29 10:02 - 2014-09-19 05:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-29 10:02 - 2014-09-19 05:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-29 10:02 - 2013-10-11 22:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-03-29 10:02 - 2013-10-11 22:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-03-29 10:02 - 2013-10-11 22:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-03-29 10:02 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-03-29 10:02 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-03-29 10:02 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-29 10:02 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-29 10:02 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-29 10:02 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-29 09:52 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-29 09:52 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-29 09:35 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-29 09:35 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-29 09:35 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-29 09:35 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-29 09:34 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-29 09:34 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-29 09:34 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-29 09:34 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-29 09:24 - 2015-03-29 09:24 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-03-29 09:24 - 2015-03-29 09:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-03-29 09:24 - 2015-03-29 09:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-03-29 09:23 - 2015-03-29 09:23 - 14160536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\mseinstall (1).exe
2015-03-29 09:20 - 2015-03-29 09:24 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-03-29 09:19 - 2015-03-29 09:20 - 14160536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\mseinstall.exe
2015-03-29 08:59 - 2015-03-29 08:59 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Opera Software
2015-03-29 08:59 - 2015-03-29 08:59 - 00000000 ____D () C:\Users\PC\AppData\Local\Opera Software
2015-03-29 08:59 - 2015-03-29 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Pro Cleaner
2015-03-27 18:20 - 2015-03-28 17:55 - 00000000 ____D () C:\Users\PC\Documents\Investments
2015-03-25 21:12 - 2015-03-25 21:12 - 00000000 ____D () C:\Users\PC\AppData\Local\soci
2015-03-25 21:12 - 2015-03-25 21:12 - 00000000 ____D () C:\Users\PC\AppData\Local\Setup14153861
2015-03-25 21:11 - 2015-03-25 21:30 - 00000000 ____D () C:\Users\PC\AppData\Local\Citrix
2015-03-25 14:45 - 2015-03-25 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5 Clicks
2015-03-25 09:57 - 2015-03-25 09:57 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-03-25 09:56 - 2015-03-25 09:56 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-03-25 09:53 - 2015-03-25 09:53 - 00613255 _____ (CMI Limited) C:\Users\PC\AppData\Local\nsj2B38.tmp
2015-03-25 09:36 - 2015-03-25 09:58 - 00000000 ____D () C:\Program Files (x86)\Assets Manager
2015-03-25 09:36 - 2015-03-25 09:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-25 09:35 - 2015-03-25 09:35 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-25 09:03 - 2015-03-29 16:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\F9430B45-1427288629-0132-FCA3-300ED5BE4CC1
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SimpleFiles
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\n2yzy2vxmws1bwf
2015-03-24 19:43 - 2015-03-24 19:43 - 00000000 ____D () C:\Users\PC\Documents\Amazon
2015-03-24 18:23 - 2015-03-24 18:23 - 01026932 _____ () C:\Windows\XSitePro2 Uninstaller.exe
2015-03-24 18:23 - 2015-03-24 18:23 - 00000824 _____ () C:\Users\PC\Desktop\XSitePro2.lnk
2015-03-24 18:23 - 2015-03-24 18:23 - 00000000 ____D () C:\Users\PC\Documents\XSitePro-Data
2015-03-24 18:23 - 2015-03-24 18:23 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XSitePro2
2015-03-24 18:23 - 2015-03-24 18:23 - 00000000 ____D () C:\Program Files\XSitePro2
2015-03-24 18:21 - 2015-03-24 18:22 - 52876939 _____ (Intellimon Ltd) C:\Users\PC\Downloads\xsitepro2-setup.exe
2015-03-24 17:07 - 2015-03-29 19:42 - 00000000 ____D () C:\Users\PC\Documents\2015
2015-03-23 20:16 - 2015-03-23 20:16 - 00002131 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-03-23 20:16 - 2015-03-23 20:16 - 00002104 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-03-23 20:16 - 2015-03-23 20:16 - 00002104 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-03-23 20:16 - 2015-03-23 20:16 - 00000000 ___RD () C:\Users\PC\OneDrive
2015-03-23 20:16 - 2015-03-23 20:16 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-03-23 20:16 - 2015-03-23 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-03-23 20:12 - 2015-03-23 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-23 20:11 - 2015-03-23 20:11 - 01075384 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Setup.X86.en-US_O365HomePremRetail_7e0cb35b-d1e5-4e6b-956f-cdfd6e7d3945_TX_PR_.exe
2015-03-23 20:11 - 2015-03-23 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-23 09:20 - 2015-03-23 09:20 - 00000824 _____ () C:\Users\PC\Desktop\Handbrake.lnk
2015-03-23 09:20 - 2015-03-23 09:20 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-03-23 09:20 - 2015-03-23 09:20 - 00000000 ____D () C:\Users\PC\AppData\Roaming\HandBrake
2015-03-23 09:20 - 2015-03-23 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-03-23 09:20 - 2015-03-23 09:20 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-23 09:19 - 2015-03-23 09:19 - 16753416 _____ () C:\Users\PC\Downloads\HandBrake-0.10.1-x86_64-Win_GUI.exe
2015-03-21 10:57 - 2015-03-21 10:57 - 05763912 _____ () C:\ProgramData\SPL7B37.tmp
2015-03-21 10:42 - 2015-03-21 10:42 - 05763912 _____ () C:\ProgramData\SPLA9B8.tmp
2015-03-21 08:40 - 2015-03-21 08:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\5400 Series
2015-03-20 12:48 - 2015-03-20 12:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-20 12:48 - 2015-03-20 12:48 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-20 08:59 - 2015-03-26 10:53 - 00000000 ____D () C:\Users\PC\Documents\Udemy
2015-03-20 08:46 - 2015-03-28 14:07 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2015-03-20 08:46 - 2015-03-20 08:46 - 00001081 _____ () C:\Users\Public\Desktop\Lexmark Imaging Studio - 5400 Series.LNK
2015-03-20 08:45 - 2015-03-29 15:53 - 00000000 ____D () C:\Program Files\Lx_cats
2015-03-20 08:44 - 2015-03-21 10:56 - 00023939 _____ () C:\Windows\system32\LexFiles.ulf
2015-03-20 08:44 - 2015-03-20 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 5400 Series
2015-03-20 08:44 - 2015-03-20 08:44 - 00000000 ____D () C:\ProgramData\5400 Series
2015-03-20 08:44 - 2015-03-20 08:44 - 00000000 ____D () C:\Program Files\Lexmark 5400 Series
2015-03-20 08:44 - 2015-03-20 08:44 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2015-03-20 08:44 - 2015-03-20 08:44 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5400 Series
2015-03-20 08:44 - 2006-11-22 10:11 - 00566192 _____ ( ) C:\Windows\system32\lxctcoms.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00537520 _____ ( ) C:\Windows\SysWOW64\lxctcoms.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00385968 _____ ( ) C:\Windows\SysWOW64\lxctih.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00381872 _____ ( ) C:\Windows\SysWOW64\lxctcfg.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00235952 _____ ( ) C:\Windows\system32\lxctcfg.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00233392 _____ ( ) C:\Windows\system32\lxctih.exe
2015-03-20 08:44 - 2006-11-22 10:11 - 00181168 _____ ( ) C:\Windows\SysWOW64\lxctppls.exe
2015-03-20 08:44 - 2006-11-22 10:08 - 00001811 _____ () C:\Windows\SysWOW64\lxct.loc
2015-03-20 08:44 - 2006-11-22 10:08 - 00001811 _____ () C:\Windows\system32\lxct.loc
2015-03-20 08:44 - 2006-11-13 13:07 - 00091136 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctinsr.dll
2015-03-20 08:44 - 2006-11-13 13:07 - 00023040 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctcur.dll
2015-03-20 08:44 - 2006-11-13 13:05 - 00130560 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctjswr.dll
2015-03-20 08:44 - 2006-11-13 13:01 - 00184320 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctinsb.dll
2015-03-20 08:44 - 2006-11-13 13:00 - 00097280 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctcu.dll
2015-03-20 08:44 - 2006-11-13 13:00 - 00067584 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctcub.dll
2015-03-20 08:44 - 2006-11-13 12:59 - 00236032 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctins.dll
2015-03-20 08:44 - 2006-11-13 12:58 - 00654336 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctutil.dll
2015-03-20 08:44 - 2006-11-13 12:46 - 00294400 _____ () C:\Windows\system32\lxctgrd.dll
2015-03-20 08:44 - 2006-11-13 10:56 - 00106496 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctinsr.dll
2015-03-20 08:44 - 2006-11-13 10:56 - 00036864 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctcur.dll
2015-03-20 08:44 - 2006-11-13 10:54 - 00147456 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctjswr.dll
2015-03-20 08:44 - 2006-11-13 10:50 - 00200704 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctinsb.dll
2015-03-20 08:44 - 2006-11-13 10:50 - 00086016 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctcub.dll
2015-03-20 08:44 - 2006-11-13 10:49 - 00077824 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctcu.dll
2015-03-20 08:44 - 2006-11-13 10:48 - 00176128 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctins.dll
2015-03-20 08:44 - 2006-11-13 10:45 - 00462848 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxctutil.dll
2015-03-20 08:44 - 2006-11-06 18:56 - 00409600 _____ ( ) C:\Windows\system32\lxctpmui.dll
2015-03-20 08:44 - 2006-11-06 18:53 - 01417728 _____ ( ) C:\Windows\system32\lxctserv.dll
2015-03-20 08:44 - 2006-11-06 18:38 - 00249856 _____ ( ) C:\Windows\system32\lxctcomm.dll
2015-03-20 08:44 - 2006-11-06 18:34 - 00487424 _____ ( ) C:\Windows\system32\lxctlmpm.dll
2015-03-20 08:44 - 2006-11-06 18:32 - 00194048 _____ () C:\Windows\system32\LXCTinst.dll
2015-03-20 08:44 - 2006-11-06 18:31 - 00226816 _____ ( ) C:\Windows\system32\lxctiesc.dll
2015-03-20 08:44 - 2006-11-06 18:27 - 00010752 _____ ( ) C:\Windows\system32\lxctpplc.dll
2015-03-20 08:44 - 2006-11-06 18:25 - 00695808 _____ ( ) C:\Windows\system32\lxctcomc.dll
2015-03-20 08:44 - 2006-11-06 18:24 - 00035328 _____ ( ) C:\Windows\system32\lxctprox.dll
2015-03-20 08:44 - 2006-11-06 18:14 - 00238592 _____ ( ) C:\Windows\system32\lxctinpa.dll
2015-03-20 08:44 - 2006-11-06 18:12 - 01099264 _____ ( ) C:\Windows\system32\lxctusb1.dll
2015-03-20 08:44 - 2006-11-06 18:05 - 00305152 _____ ( ) C:\Windows\system32\LXCThcp.dll
2015-03-20 08:44 - 2006-11-06 18:03 - 00659456 _____ ( ) C:\Windows\system32\lxcthbn3.dll
2015-03-20 08:44 - 2006-11-06 17:37 - 00643072 _____ ( ) C:\Windows\SysWOW64\lxctpmui.dll
2015-03-20 08:44 - 2006-11-06 17:35 - 01224704 _____ ( ) C:\Windows\SysWOW64\lxctserv.dll
2015-03-20 08:44 - 2006-11-06 17:28 - 00421888 _____ ( ) C:\Windows\SysWOW64\lxctcomm.dll
2015-03-20 08:44 - 2006-11-06 17:26 - 00585728 _____ ( ) C:\Windows\SysWOW64\lxctlmpm.dll
2015-03-20 08:44 - 2006-11-06 17:25 - 00274432 _____ () C:\Windows\SysWOW64\LXCTinst.dll
2015-03-20 08:44 - 2006-11-06 17:24 - 00397312 _____ ( ) C:\Windows\SysWOW64\lxctiesc.dll
2015-03-20 08:44 - 2006-11-06 17:21 - 00094208 _____ ( ) C:\Windows\SysWOW64\lxctpplc.dll
2015-03-20 08:44 - 2006-11-06 17:20 - 00684032 _____ ( ) C:\Windows\SysWOW64\lxctcomc.dll
2015-03-20 08:44 - 2006-11-06 17:20 - 00163840 _____ ( ) C:\Windows\SysWOW64\lxctprox.dll
2015-03-20 08:44 - 2006-11-06 17:12 - 00413696 _____ ( ) C:\Windows\SysWOW64\lxctinpa.dll
2015-03-20 08:44 - 2006-11-06 17:11 - 00991232 _____ ( ) C:\Windows\SysWOW64\lxctusb1.dll
2015-03-20 08:44 - 2006-11-06 17:07 - 00696320 _____ ( ) C:\Windows\SysWOW64\lxcthbn3.dll
2015-03-20 08:44 - 2006-10-18 07:24 - 00045056 _____ () C:\Windows\system32\lxctpmon.dll
2015-03-20 08:44 - 2006-10-18 07:24 - 00014336 _____ () C:\Windows\system32\LXCTFXPU.DLL
2015-03-20 08:44 - 2006-10-18 07:14 - 00003584 _____ (Lexmark International, Inc.) C:\Windows\system32\lxctpmrc.dll
2015-03-20 08:44 - 2006-09-06 06:19 - 00077824 _____ (Lexmark International) C:\Windows\SysWOW64\LXCTcfg.dll
2015-03-20 08:44 - 2006-09-06 06:19 - 00065024 _____ (Lexmark International) C:\Windows\system32\LXCTcfg.dll
2015-03-20 08:44 - 2006-07-12 17:37 - 00752383 _____ () C:\Windows\SysWOW64\lxcthelp.chm
2015-03-20 08:44 - 2006-07-12 17:37 - 00752383 _____ () C:\Windows\system32\lxcthelp.chm
2015-03-20 08:44 - 2006-04-25 02:57 - 00983107 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lxctgf.dll
2015-03-20 08:44 - 2006-04-25 02:57 - 00983107 _____ (Microsoft Corporation) C:\Windows\system32\lxctgf.dll
2015-03-20 08:43 - 2015-03-20 08:43 - 80481712 _____ () C:\Users\PC\Downloads\cjs5400EN.exe
2015-03-20 08:42 - 2015-03-20 08:42 - 00000000 ____D () C:\Users\PC\AppData\Local\Intel_Corporation
2015-03-19 14:08 - 2015-03-19 14:08 - 00074240 _____ () C:\Users\PC\Downloads\kdp-report-1-2014.xls
2015-03-19 14:07 - 2015-03-19 14:07 - 00067584 _____ () C:\Users\PC\Downloads\kdp-report-12-2013.xls
2015-03-19 13:51 - 2015-03-19 13:51 - 00054272 _____ () C:\Users\PC\Downloads\kdp-report-12-2014.xls
2015-03-19 13:02 - 2015-03-19 13:02 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TechSmith
2015-03-19 13:01 - 2015-03-19 14:34 - 00000000 ____D () C:\Users\PC\Documents\Camtasia Studio
2015-03-19 13:01 - 2015-03-19 13:01 - 00000000 ____D () C:\Users\PC\AppData\Local\TechSmith
2015-03-19 13:00 - 2015-03-19 13:00 - 00001168 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-03-19 13:00 - 2015-03-19 13:00 - 00000000 ____D () C:\ProgramData\TechSmith
2015-03-19 13:00 - 2015-03-19 13:00 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-03-19 13:00 - 2015-03-19 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-03-19 13:00 - 2015-03-19 13:00 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2015-03-19 13:00 - 2015-03-19 13:00 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-03-19 12:47 - 2015-03-19 12:47 - 00763706 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-19 12:39 - 2015-03-19 12:40 - 259562296 _____ () C:\Users\PC\Downloads\camtasia.exe
2015-03-19 12:19 - 2015-03-19 12:19 - 00000000 ____D () C:\Users\PC\Documents\Updater
2015-03-19 12:18 - 2015-03-19 12:19 - 00016426 _____ () C:\Users\PC\Documents\Photoshop Read Me.wri.txt
2015-03-19 12:17 - 2015-03-19 12:17 - 00002089 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2015-03-19 12:16 - 2015-03-20 12:49 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-19 12:16 - 2015-03-19 12:16 - 00002071 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2015-03-19 12:16 - 2015-03-19 12:16 - 00002045 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2015-03-19 12:16 - 2015-03-19 12:16 - 00002042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2015-03-19 12:16 - 2015-03-19 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-03-19 12:11 - 2015-03-19 12:13 - 356583291 _____ (Adobe Systems Inc. ) C:\Users\PC\Downloads\PhSp_CS2_English.exe
2015-03-19 11:52 - 2015-03-19 11:52 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Opera
2015-03-19 11:51 - 2015-03-20 12:49 - 00000000 ____D () C:\Users\PC\AppData\Local\Adobe
2015-03-19 11:39 - 2015-03-19 11:39 - 00000000 ____D () C:\ProgramData\Adobe Systems
2015-03-19 11:38 - 2015-03-20 12:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-19 11:38 - 2015-03-19 12:05 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2015-03-19 11:36 - 2015-03-19 12:13 - 00000000 ____D () C:\Program Files\Adobe
2015-03-19 00:26 - 2015-03-19 10:25 - 00000000 ____D () C:\Users\PC\Documents\VideoMakerFX
2015-03-19 00:26 - 2015-03-19 00:26 - 00000985 _____ () C:\Users\Public\Desktop\VideoMakerFX.lnk
2015-03-19 00:26 - 2015-03-19 00:26 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-03-19 00:26 - 2015-03-19 00:26 - 00000000 ____D () C:\ProgramData\regid.1995-09.com.example
2015-03-19 00:26 - 2015-03-19 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoMakerFX
2015-03-19 00:26 - 2015-03-19 00:26 - 00000000 ____D () C:\Program Files (x86)\VideoMakerFX
2015-03-19 00:23 - 2015-03-19 00:24 - 130314746 _____ (Webvati) C:\Users\PC\Downloads\VideoMakerFX-1.05-Setup.exe
2015-03-19 00:03 - 2015-03-29 13:08 - 00000000 ____D () C:\Users\PC\AppData\Local\Microsoft Games
2015-03-18 23:51 - 2015-03-18 23:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-03-18 22:40 - 2015-03-18 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-18 22:39 - 2015-03-29 19:50 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 22:39 - 2015-03-29 16:14 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 22:39 - 2015-03-29 16:04 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-18 22:39 - 2015-03-18 22:40 - 00000000 ____D () C:\Users\PC\AppData\Local\Google
2015-03-18 22:36 - 2015-03-23 21:09 - 00110656 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-18 14:22 - 2015-03-21 14:06 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Adobe
2015-03-18 14:22 - 2015-03-18 14:22 - 00000000 ____D () C:\Users\PC\AppData\Roaming\VideoMakerFX
2015-03-18 14:22 - 2015-03-18 14:22 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Macromedia
2015-03-18 14:13 - 2015-03-18 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-18 14:12 - 2015-03-18 14:12 - 00000000 ____D () C:\Windows\PCHEALTH
2015-03-18 14:12 - 2015-03-18 14:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-18 14:12 - 2015-03-18 14:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-03-18 14:10 - 2015-03-18 14:10 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-03-18 14:10 - 2015-03-18 14:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-03-18 14:09 - 2015-03-23 20:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-18 14:09 - 2015-03-18 14:20 - 00000000 ____D () C:\Users\PC\AppData\Local\Microsoft Help
2015-03-18 14:09 - 2015-03-18 14:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-18 14:09 - 2015-03-18 14:09 - 00000000 __RHD () C:\MSOCache
2015-03-18 05:06 - 2015-03-18 01:12 - 00000000 ____D () C:\Windows\Panther
2015-03-18 01:25 - 2015-03-18 01:25 - 00015708 _____ () C:\Windows\system32\results.xml
2015-03-18 01:21 - 2015-03-18 01:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-03-18 01:21 - 2014-03-05 22:08 - 00791024 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-03-18 01:21 - 2014-03-05 22:08 - 00370672 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-03-18 01:21 - 2014-03-05 22:08 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____D () C:\Users\PC\Intel
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____D () C:\ProgramData\Intel
2015-03-18 01:20 - 2015-03-18 01:20 - 00000000 ____D () C:\Program Files\Realtek
2015-03-18 01:20 - 2012-07-26 00:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-03-18 01:20 - 2012-07-26 00:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-03-18 01:20 - 2012-07-25 22:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-03-18 01:20 - 2012-06-02 10:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-03-18 01:19 - 2014-03-25 06:46 - 03903320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-18 01:19 - 2014-03-25 06:13 - 00948440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-18 01:19 - 2014-03-25 05:46 - 56947712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-03-18 01:19 - 2014-03-25 03:08 - 00910648 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-18 01:19 - 2014-03-24 04:13 - 02797784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-03-18 01:19 - 2014-03-20 23:35 - 02101040 _____ () C:\Windows\system32\SStudio.dll
2015-03-18 01:19 - 2014-03-17 04:50 - 02832088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-18 01:19 - 2014-03-06 04:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-18 01:19 - 2014-03-04 17:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-03-18 01:19 - 2014-03-04 17:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-03-18 01:19 - 2014-03-04 17:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-03-18 01:19 - 2014-03-04 17:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-03-18 01:19 - 2014-03-04 05:19 - 00627928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-18 01:19 - 2014-03-03 08:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-18 01:19 - 2014-02-27 08:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-03-18 01:19 - 2014-02-25 20:48 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-03-18 01:19 - 2014-02-25 20:47 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-03-18 01:19 - 2014-02-18 07:48 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-03-18 01:19 - 2014-02-18 07:48 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-03-18 01:19 - 2014-02-18 07:48 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-03-18 01:19 - 2014-02-18 06:12 - 01042520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-03-18 01:19 - 2014-02-18 06:12 - 00882776 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2015-03-18 01:19 - 2014-02-18 05:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-18 01:19 - 2014-02-18 02:48 - 02396760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-03-18 01:19 - 2014-02-18 02:48 - 01424984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-03-18 01:19 - 2014-02-18 02:48 - 01423960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 28314200 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 14742104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 12816472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 03927640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 02040920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-18 01:19 - 2014-02-16 08:30 - 01933400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-03-18 01:19 - 2014-02-05 23:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-03-18 01:19 - 2014-01-31 05:28 - 00938608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-03-18 01:19 - 2014-01-31 05:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-03-18 01:19 - 2014-01-27 23:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-18 01:19 - 2013-10-10 23:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-03-18 01:19 - 2013-10-06 12:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-03-18 01:19 - 2013-10-06 12:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-03-18 01:19 - 2013-10-06 12:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-03-18 01:19 - 2013-09-09 16:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-03-18 01:19 - 2013-08-20 05:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2015-03-18 01:19 - 2013-08-14 03:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-18 01:19 - 2013-08-14 03:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-18 01:19 - 2013-06-25 00:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-03-18 01:19 - 2013-06-25 00:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-03-18 01:19 - 2013-06-25 00:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-03-18 01:19 - 2013-04-03 02:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-03-18 01:19 - 2012-08-31 07:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-03-18 01:19 - 2012-08-31 07:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-03-18 01:19 - 2012-08-31 07:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-03-18 01:19 - 2012-08-31 07:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-03-18 01:19 - 2012-08-31 07:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-03-18 01:19 - 2012-01-29 23:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-03-18 01:19 - 2012-01-09 22:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-03-18 01:19 - 2011-12-20 03:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-03-18 01:19 - 2011-11-22 04:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-03-18 01:19 - 2011-09-02 02:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-03-18 01:19 - 2011-09-02 02:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-03-18 01:19 - 2011-09-02 02:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-03-18 01:19 - 2011-08-23 05:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-03-18 01:19 - 2011-05-30 21:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-03-18 01:19 - 2011-03-17 00:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-03-18 01:19 - 2011-03-07 05:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-03-18 01:19 - 2010-11-07 19:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-03-18 01:19 - 2010-11-03 06:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-03-18 01:19 - 2010-09-26 21:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-18 01:19 - 2010-07-22 04:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-03-18 01:19 - 2009-11-23 21:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-03-18 01:19 - 2009-11-23 21:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-03-18 01:19 - 2009-11-23 21:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-03-18 01:19 - 2009-11-23 21:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-03-18 01:18 - 2015-03-19 11:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-18 01:18 - 2015-03-18 01:20 - 00000206 _____ () C:\Audio.log
2015-03-18 01:18 - 2015-03-18 01:20 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-18 01:18 - 2015-03-18 01:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-18 01:18 - 2015-03-18 01:18 - 00000000 ____D () C:\Program Files\Intel
2015-03-18 01:18 - 2014-02-26 03:16 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-03-18 01:18 - 2014-01-22 02:35 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2015-03-18 01:18 - 2014-01-22 02:35 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-03-18 01:18 - 2013-10-15 15:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-18 01:18 - 2013-10-11 00:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-18 01:18 - 2013-09-09 16:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-03-18 01:18 - 2013-09-09 16:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-03-18 01:18 - 2013-09-09 16:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-03-18 01:18 - 2013-06-20 23:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-03-18 01:18 - 2012-03-07 23:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-03-18 01:17 - 2014-01-29 07:04 - 07597040 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00906224 _____ (Intel Corporation) C:\Windows\system32\igfxstarter.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00845296 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00771568 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00770544 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00755184 _____ (Intel Corporation) C:\Windows\system32\GfxUIHotKeyMenu.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00530928 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00397808 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00397296 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00391152 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-03-18 01:17 - 2014-01-29 07:04 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-03-18 01:17 - 2014-01-22 02:57 - 00450520 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-03-18 01:17 - 2014-01-22 02:57 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3412.dll
2015-03-18 01:17 - 2014-01-22 02:54 - 00002944 _____ () C:\Windows\system32\iglhxs64.vp
2015-03-18 01:17 - 2014-01-22 02:51 - 21088256 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 19380224 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 09081856 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 07947776 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 04221440 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-03-18 01:17 - 2014-01-22 02:51 - 02384896 _____ () C:\Windows\system32\GfxRes.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00733184 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00624640 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00548864 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00527872 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00527360 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00526848 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00526336 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525824 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00525312 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00524800 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00524288 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00523776 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00522240 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00521728 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00517632 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00516096 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00514048 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00513536 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00373760 _____ () C:\Windows\system32\igdmd64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2015-03-18 01:17 - 2014-01-22 02:51 - 00346624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2015-03-18 01:17 - 2014-01-22 02:51 - 00267407 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00253466 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00243712 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00235401 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00224256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00222208 _____ () C:\Windows\system32\igdde64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00201128 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00198725 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00194560 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00192758 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00180936 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00180850 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00178473 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00178290 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00178123 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00176838 _____ () C:\Windows\system32\Gfxres.ro-RO.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00175862 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00175571 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00175067 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00174802 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00174269 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00173792 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00173276 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00173059 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00172833 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00172554 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00171691 _____ () C:\Windows\system32\Gfxres.hr-HR.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00168215 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00166833 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00166220 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00161534 _____ () C:\Windows\system32\Gfxres.en-US.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00160256 _____ () C:\Windows\system32\igdail64.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00154805 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00152993 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2015-03-18 01:17 - 2014-01-22 02:51 - 00066560 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00029696 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-03-18 01:17 - 2014-01-22 02:51 - 00012288 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 25971712 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 20433408 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 18629632 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 06289408 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 03224064 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00493056 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00299520 _____ () C:\Windows\SysWOW64\igdmd32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00182272 _____ () C:\Windows\SysWOW64\igdde32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll
2015-03-18 01:17 - 2014-01-22 02:48 - 00025600 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-03-18 01:17 - 2014-01-22 02:44 - 20954112 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-03-18 01:17 - 2014-01-22 02:44 - 02896384 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-03-18 01:17 - 2014-01-22 02:44 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-03-18 01:17 - 2014-01-22 02:44 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 04474368 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa
2015-03-18 01:17 - 2014-01-22 02:35 - 02065920 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 01815040 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 01127424 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 01123328 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00214528 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00179712 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00163328 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00155136 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00137728 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00133120 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-18 01:17 - 2014-01-22 02:35 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp
2015-03-18 01:17 - 2014-01-22 02:35 - 00001125 _____ () C:\Windows\system32\iglhxa64.vp
2015-03-18 01:17 - 2014-01-22 02:34 - 03558912 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-03-18 01:16 - 2015-03-18 01:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-18 01:16 - 2013-12-15 19:57 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-03-18 01:15 - 2015-03-18 01:17 - 00000000 ____D () C:\Intel
2015-03-18 01:13 - 2015-03-29 16:01 - 01961252 _____ () C:\Windows\WindowsUpdate.log
2015-03-18 01:12 - 2015-03-29 09:18 - 00001447 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-18 01:12 - 2015-03-29 09:18 - 00001413 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-03-18 01:12 - 2015-03-23 20:16 - 00000000 ____D () C:\Users\PC
2015-03-18 01:12 - 2015-03-23 20:12 - 00000000 ____D () C:\Users\PC\AppData\Local\VirtualStore
2015-03-18 01:12 - 2015-03-18 01:12 - 00000020 ___SH () C:\Users\PC\ntuser.ini
2015-03-18 01:12 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 01:12 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-18 01:11 - 2015-03-18 01:11 - 00000000 __SHD () C:\Recovery
2015-03-18 01:09 - 2015-03-18 01:09 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-03-18 01:09 - 2015-03-18 01:09 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-03-18 01:08 - 2015-03-18 01:08 - 00001355 _____ () C:\Windows\TSSysprep.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-29 19:51 - 2009-07-14 00:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-29 19:51 - 2009-07-14 00:45 - 00028320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-29 16:17 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Performance
2015-03-29 15:53 - 2010-11-20 23:47 - 00503172 _____ () C:\Windows\PFRO.log
2015-03-29 15:53 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 15:53 - 2009-07-14 00:51 - 00034265 _____ () C:\Windows\setupact.log
2015-03-29 15:53 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media
2015-03-29 11:11 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-03-25 09:19 - 2009-07-13 22:34 - 00000580 _____ () C:\Windows\win.ini
2015-03-25 09:16 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-24 06:30 - 2009-07-14 00:45 - 00439472 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-23 20:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-20 08:45 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-18 14:12 - 2011-04-12 04:28 - 00000000 ____D () C:\Windows\ShellNew
2015-03-18 14:12 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-18 05:06 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-03-18 05:06 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-03-18 01:19 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2015-03-18 01:09 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-18 01:09 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-18 01:08 - 2009-07-14 00:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-03-18 01:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-03 09:17 - 2010-11-20 23:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
 
2015-03-25 09:53 - 2015-03-25 09:53 - 0613255 _____ (CMI Limited) C:\Users\PC\AppData\Local\nsj2B38.tmp
2015-03-18 01:20 - 2015-03-18 01:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-21 10:57 - 2015-03-21 10:57 - 5763912 _____ () C:\ProgramData\SPL7B37.tmp
2015-03-21 10:42 - 2015-03-21 10:42 - 5763912 _____ () C:\ProgramData\SPLA9B8.tmp
 
Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\21020uninstall.exe
C:\Users\PC\AppData\Local\Temp\33A3A626-871A-B2DB-77A9-2F5D4497CE8C.exe
C:\Users\PC\AppData\Local\Temp\7D89BEB2-E776-3BA8-0A06-DEECB6A10604.dll
C:\Users\PC\AppData\Local\Temp\7D89BEB2-E776-3BA8-0A06-DEECB6A10604.exe
C:\Users\PC\AppData\Local\Temp\AmCSjdHRJm.exe
C:\Users\PC\AppData\Local\Temp\default-search.DLL
C:\Users\PC\AppData\Local\Temp\m2QBPzSgNv.exe
C:\Users\PC\AppData\Local\Temp\ose00000.exe
C:\Users\PC\AppData\Local\Temp\Uninstall.exe
C:\Users\PC\AppData\Local\Temp\Wpa2cW7ukt.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-25 07:44
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by PC at 2015-03-29 19:52:01
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
5 Clicks (HKLM-x32\...\{EB327DC6-0203-402A-9611-71F7D78E8561}) (Version: 5.0.0 - Delaflex)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Camtasia Studio 8 (HKLM-x32\...\{A0FC961E-DC6D-4144-9277-ECDBB99D0AB9}) (Version: 8.5.1.1962 - TechSmith Corporation)
FaxRedist (HKLM-x32\...\{2C8CC208-965C-48A1-90A8-DFB484358F1C}) (Version: 1.0.0 -  )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Lexmark 5400 Series (HKLM\...\Lexmark 5400 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Reg Pro Cleaner version 2.0 (HKLM-x32\...\{6406DF9F-E9C8-4C2E-AB48-80352BDF5099}_is1) (Version: 2.0 - Regprocleaner)
Salus (HKLM-x32\...\Salus) (Version: 2.03.29.0 - Salus) <==== ATTENTION!
VideoMakerFX (HKLM-x32\...\VideoMakerFX 1.05) (Version: 1.05 - Webvati)
VideoMakerFX (x32 Version: 1.05 - Webvati) Hidden
XSitePro2 (HKLM\...\XSitePro2) (Version: 2.600 - Intellimon Ltd)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
18-03-2015 01:19:12 Installed Realtek Ethernet Controller Driver
18-03-2015 14:09:25 Installed Microsoft Office Ultimate 2007
19-03-2015 00:26:02 Installed VideoMakerFX
19-03-2015 12:16:18 Installed Adobe Photoshop CS2
19-03-2015 12:43:57 Windows Update
19-03-2015 12:49:00 Installed Camtasia Studio 8
19-03-2015 13:00:12 Installed Camtasia Studio 8
25-03-2015 14:45:18 Installed 5 Clicks
25-03-2015 21:30:46 Removed Citrix Online Launcher
29-03-2015 08:29:48 Removed 5 Clicks
29-03-2015 09:25:21 Windows Update
29-03-2015 09:34:41 Windows Update
29-03-2015 12:02:15 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01EF7369-A63E-4CD2-BBCC-B76EC24E6173} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {05EACB95-3629-488C-B1D9-784C285250F9} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0F387EFD-8105-42B7-8CFC-4A7CEFCED300} - \Maintence Service No Task File <==== ATTENTION
Task: {1213775C-5D72-445D-97C6-65E2D4E55CA4} - \Opera scheduled Autoupdate 1427633983 No Task File <==== ATTENTION
Task: {194D8E0B-8865-4F09-9236-3D9E7F31DD01} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1B77CC92-DFA3-408C-A8E5-E2110A3AA0F2} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {1C9B41EA-57A0-43C1-AB8C-9B465ADD583D} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {225B8974-666F-4264-9491-F25B4FE6F8DE} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {34C637C7-AA9B-493C-B47C-1CEA42E43DE6} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {37F17573-E8F7-4A5A-B8A0-11CECAEDDEA0} - \RPC No Task File <==== ATTENTION
Task: {40C1D7B1-AC76-454E-A313-1D6501618E33} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4D24A6CC-7299-41C1-99A8-C377C7AB9DF9} - \Microsoft\Office\Office Automatic Updates No Task File <==== ATTENTION
Task: {50FB1B16-F086-4422-BBB1-0EAFFD5968EF} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {58AF8D82-5FD9-4FC3-84FA-FAB9F035AC3D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag No Task File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {60A1F313-43D9-46C3-B90B-B1EAC62609CB} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {61EF6E9C-1AC2-4E7D-9361-9637D91DEB17} - \Adobe Acrobat Update Task No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6EA5233E-4EB3-41EE-A009-A2DAA6DFA1AD} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {75EF7C10-EF12-44CA-9F46-B0146F1C7D45} - \Microsoft\Office\Office Subscription Maintenance No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7DD99B2A-EB32-48A5-BFBA-191EDAF64DA0} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {813E3867-3D58-4C56-84C6-19519CD7D0E9} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {869A29C2-D2D8-4FBF-81A0-01AD06129BEF} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {882D18F3-CD54-44A8-9BD7-EFC94EF2FCF9} - \Update Service SimpleFiles No Task File <==== ATTENTION
Task: {8C1AD8DB-C7A7-4B8A-9C13-62020E322ADC} - \GlobalUpdate-n2yzy2vxmws1bwf No Task File <==== ATTENTION
Task: {8CD6F518-D375-447A-80D7-005E3B378AE7} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {8DA1B5D9-FC1E-42F6-846F-4882266B7D0A} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {8DA71B18-E5C4-4765-BF94-D5F7452E9153} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {8DD0F9C0-2CF8-458E-BBD8-314144E917F2} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {96905179-BA75-429A-A890-2E2BD029DA2B} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {96B14261-6037-40DA-8EC4-62D9C8B0E955} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {A2A8B102-56F4-4BFD-9305-DF0D88388A1A} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A6774A65-B4BB-44CB-8721-9550AC089A9F} - \avaavxvyex No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {A73082F9-4AA3-44D0-8B41-BA29CDDF2DAF} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B16384FD-1308-4C66-8DA5-BD6187EF0271} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {BA668F0C-A650-4DE2-9F56-D46ECA8BA45C} - \{D22F7AE8-8E44-4F62-9F05-00D10E74F762} No Task File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C4D64082-66DF-4A56-A03F-40A4F87750C9} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D105A2C4-C9A1-489D-BB6F-8CEF37E12A9C} - \Microsoft\Office\Office ClickToRun Service Monitor No Task File <==== ATTENTION
Task: {D68E79E5-6B24-4CCE-8254-B9CF050D290B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT No Task File <==== ATTENTION
Task: {DC4ABE86-22DB-4EFB-8129-8B3034A0EF85} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {E16F68E1-9A59-48C0-8D4A-F44EA8CDDD1F} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F3B2D9D5-5BCA-4661-916E-358DE741B76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {F9B2B95D-7CF1-4456-A590-2BF0BB1A49F1} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FC9A629A-1283-473C-9966-A2386332AE26} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FFB1C848-41F2-4C45-8FF6-291E6B41D6AC} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-03-20 08:44 - 2006-10-18 07:24 - 00045056 _____ () C:\Windows\System32\lxctpmon.dll
2015-03-20 08:44 - 2006-10-18 05:32 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5400 Series\ipcmt64.dll
2015-03-20 08:44 - 2006-11-13 04:40 - 00146432 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxctdrpp.dll
2015-03-23 20:11 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-23 20:13 - 2015-03-23 20:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-28 20:52 - 2015-03-28 20:52 - 00126976 _____ () C:\Users\PC\AppData\Roaming\F9430B45-1427288629-0132-FCA3-300ED5BE4CC1\nsw681B.tmp
2006-08-08 16:21 - 2006-08-08 16:21 - 00732160 _____ () C:\Windows\system32\lxctdrs.dll
2006-08-14 17:17 - 2006-08-14 17:17 - 00025088 _____ () C:\Windows\system32\lxctcaps.dll
2006-05-03 14:31 - 2006-05-03 14:31 - 00054784 _____ () C:\Windows\system32\lxctcnv4.dll
2015-03-25 09:04 - 2015-03-25 09:04 - 00151552 _____ () C:\Users\PC\AppData\Roaming\F9430B45-1427288629-0132-FCA3-300ED5BE4CC1\jnsu470F.tmp
2015-03-20 08:44 - 2006-11-22 10:11 - 00291760 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
2006-11-13 04:41 - 2006-11-13 04:41 - 00135680 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxctdrui.dll
2006-11-13 04:39 - 2006-11-13 04:39 - 00197120 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\lxctdr.dll
2015-03-20 08:44 - 2006-08-08 15:54 - 00278528 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctscw.dll
2015-03-20 08:44 - 2006-06-09 02:39 - 00143360 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctdrec.dll
2015-03-20 08:44 - 2006-08-08 15:58 - 00692224 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctDRS.dll
2015-03-20 08:44 - 2006-08-14 17:17 - 00065536 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctcaps.dll
2015-03-20 08:44 - 2006-05-03 14:31 - 00061440 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctcnv4.dll
2015-03-20 08:44 - 2006-05-25 16:20 - 00241664 _____ () C:\Program Files (x86)\Lexmark 5400 Series\iptk.dll
2015-03-29 16:04 - 2015-03-14 06:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-29 16:04 - 2015-03-14 06:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-29 16:04 - 2015-03-14 06:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-23 20:11 - 2015-03-23 20:11 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-03-29 16:04 - 2015-03-14 06:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4214078751-2823816069-1577084461-500 - Administrator - Disabled)
Guest (S-1-5-21-4214078751-2823816069-1577084461-501 - Limited - Disabled)
PC (S-1-5-21-4214078751-2823816069-1577084461-1000 - Administrator - Enabled) => C:\Users\PC
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/29/2015 03:58:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error: (03/29/2015 03:58:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error: (03/29/2015 03:54:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 00:28:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 00:09:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 11:48:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 11:16:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 09:23:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/29/2015 09:20:22 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: PC-PC)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.
 
Error: (03/29/2015 09:17:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/29/2015 04:24:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}
 
Error: (03/29/2015 00:18:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error: 
%%5
 
Error: (03/29/2015 00:08:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:05:37 PM on ‎29/‎03/‎2015 was unexpected.
 
Error: (03/29/2015 11:45:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/29/2015 11:45:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/29/2015 11:45:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/29/2015 11:45:03 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (03/29/2015 11:43:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/29/2015 11:43:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/29/2015 11:43:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU G3220 @ 3.00GHz
Percentage of memory in use: 62%
Total physical RAM: 4017.33 MB
Available physical RAM: 1516.34 MB
Total Pagefile: 8032.84 MB
Available Pagefile: 5047.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:427.7 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:28.8 GB) (Free:3.14 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D39085EB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 28.8 GB) (Disk ID: 465D6899)
Partition 1: (Active) - (Size=28.8 GB) - (Type=0B)
 
==================== End Of Log ============================

 


Edited by sadpaddy, 30 March 2015 - 05:06 AM.

  • 0

Advertisements

#2
zep516
Posted 30 March 2015 - 07:28 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Please remove this program from you programs an features list. Click start, Control panel, programs an features and remove;
Salus

Let me know when that is done.

Thanks
Joe :)
  • 0

#3
sadpaddy
Posted 30 March 2015 - 07:35 PM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hello Joe! Thank you for the reply. I did as you requested.

--Patrick


  • 0

#4
zep516
Posted 30 March 2015 - 07:45 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad. Make sure you get it all.
 
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SimpleFiles
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\n2yzy2vxmws1bwf
ask: {01EF7369-A63E-4CD2-BBCC-B76EC24E6173} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {05EACB95-3629-488C-B1D9-784C285250F9} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0F387EFD-8105-42B7-8CFC-4A7CEFCED300} - \Maintence Service No Task File <==== ATTENTION
Task: {1213775C-5D72-445D-97C6-65E2D4E55CA4} - \Opera scheduled Autoupdate 1427633983 No Task File <==== ATTENTION
Task: {194D8E0B-8865-4F09-9236-3D9E7F31DD01} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1B77CC92-DFA3-408C-A8E5-E2110A3AA0F2} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {1C9B41EA-57A0-43C1-AB8C-9B465ADD583D} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {225B8974-666F-4264-9491-F25B4FE6F8DE} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {34C637C7-AA9B-493C-B47C-1CEA42E43DE6} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {37F17573-E8F7-4A5A-B8A0-11CECAEDDEA0} - \RPC No Task File <==== ATTENTION
Task: {40C1D7B1-AC76-454E-A313-1D6501618E33} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4D24A6CC-7299-41C1-99A8-C377C7AB9DF9} - \Microsoft\Office\Office Automatic Updates No Task File <==== ATTENTION
Task: {50FB1B16-F086-4422-BBB1-0EAFFD5968EF} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {58AF8D82-5FD9-4FC3-84FA-FAB9F035AC3D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag No Task File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {60A1F313-43D9-46C3-B90B-B1EAC62609CB} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {61EF6E9C-1AC2-4E7D-9361-9637D91DEB17} - \Adobe Acrobat Update Task No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6EA5233E-4EB3-41EE-A009-A2DAA6DFA1AD} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {75EF7C10-EF12-44CA-9F46-B0146F1C7D45} - \Microsoft\Office\Office Subscription Maintenance No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7DD99B2A-EB32-48A5-BFBA-191EDAF64DA0} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {813E3867-3D58-4C56-84C6-19519CD7D0E9} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {869A29C2-D2D8-4FBF-81A0-01AD06129BEF} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {882D18F3-CD54-44A8-9BD7-EFC94EF2FCF9} - \Update Service SimpleFiles No Task File <==== ATTENTION
Task: {8C1AD8DB-C7A7-4B8A-9C13-62020E322ADC} - \GlobalUpdate-n2yzy2vxmws1bwf No Task File <==== ATTENTION
Task: {8CD6F518-D375-447A-80D7-005E3B378AE7} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {8DA1B5D9-FC1E-42F6-846F-4882266B7D0A} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {8DA71B18-E5C4-4765-BF94-D5F7452E9153} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {8DD0F9C0-2CF8-458E-BBD8-314144E917F2} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {96905179-BA75-429A-A890-2E2BD029DA2B} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {96B14261-6037-40DA-8EC4-62D9C8B0E955} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {A2A8B102-56F4-4BFD-9305-DF0D88388A1A} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A6774A65-B4BB-44CB-8721-9550AC089A9F} - \avaavxvyex No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {A73082F9-4AA3-44D0-8B41-BA29CDDF2DAF} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B16384FD-1308-4C66-8DA5-BD6187EF0271} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {BA668F0C-A650-4DE2-9F56-D46ECA8BA45C} - \{D22F7AE8-8E44-4F62-9F05-00D10E74F762} No Task File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C4D64082-66DF-4A56-A03F-40A4F87750C9} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D105A2C4-C9A1-489D-BB6F-8CEF37E12A9C} - \Microsoft\Office\Office ClickToRun Service Monitor No Task File <==== ATTENTION
Task: {D68E79E5-6B24-4CCE-8254-B9CF050D290B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT No Task File <==== ATTENTION
Task: {DC4ABE86-22DB-4EFB-8129-8B3034A0EF85} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {E16F68E1-9A59-48C0-8D4A-F44EA8CDDD1F} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F3B2D9D5-5BCA-4661-916E-358DE741B76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {F9B2B95D-7CF1-4456-A590-2BF0BB1A49F1} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FC9A629A-1283-473C-9966-A2386332AE26} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FFB1C848-41F2-4C45-8FF6-291E6B41D6AC} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

After the fix is run, a log called fixlog.txt is created on the desktop. Please post it in your next reply.

Thanks
Joe :)
  • 0

#5
sadpaddy
Posted 30 March 2015 - 08:58 PM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hi Joe, so far so good. It said it needed to reboot when done and it rebooted cleanly. Seems good. here is the fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by PC at 2015-03-30 22:42:03 Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-4214078751-2823816069-1577084461-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
S3 FXDrv32; \??\D:\FXDrv64.sys [X]
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\SimpleFiles
2015-03-25 09:01 - 2015-03-25 09:01 - 00000000 ____D () C:\Users\PC\AppData\Roaming\n2yzy2vxmws1bwf
ask: {01EF7369-A63E-4CD2-BBCC-B76EC24E6173} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {05EACB95-3629-488C-B1D9-784C285250F9} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0F387EFD-8105-42B7-8CFC-4A7CEFCED300} - \Maintence Service No Task File <==== ATTENTION
Task: {1213775C-5D72-445D-97C6-65E2D4E55CA4} - \Opera scheduled Autoupdate 1427633983 No Task File <==== ATTENTION
Task: {194D8E0B-8865-4F09-9236-3D9E7F31DD01} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1B77CC92-DFA3-408C-A8E5-E2110A3AA0F2} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {1C9B41EA-57A0-43C1-AB8C-9B465ADD583D} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {225B8974-666F-4264-9491-F25B4FE6F8DE} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {34C637C7-AA9B-493C-B47C-1CEA42E43DE6} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {37F17573-E8F7-4A5A-B8A0-11CECAEDDEA0} - \RPC No Task File <==== ATTENTION
Task: {40C1D7B1-AC76-454E-A313-1D6501618E33} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4D24A6CC-7299-41C1-99A8-C377C7AB9DF9} - \Microsoft\Office\Office Automatic Updates No Task File <==== ATTENTION
Task: {50FB1B16-F086-4422-BBB1-0EAFFD5968EF} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {58AF8D82-5FD9-4FC3-84FA-FAB9F035AC3D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - \Microsoft\Windows\Defrag\ScheduledDefrag No Task File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {60A1F313-43D9-46C3-B90B-B1EAC62609CB} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {61EF6E9C-1AC2-4E7D-9361-9637D91DEB17} - \Adobe Acrobat Update Task No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6EA5233E-4EB3-41EE-A009-A2DAA6DFA1AD} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {75EF7C10-EF12-44CA-9F46-B0146F1C7D45} - \Microsoft\Office\Office Subscription Maintenance No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7DD99B2A-EB32-48A5-BFBA-191EDAF64DA0} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {813E3867-3D58-4C56-84C6-19519CD7D0E9} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {869A29C2-D2D8-4FBF-81A0-01AD06129BEF} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {882D18F3-CD54-44A8-9BD7-EFC94EF2FCF9} - \Update Service SimpleFiles No Task File <==== ATTENTION
Task: {8C1AD8DB-C7A7-4B8A-9C13-62020E322ADC} - \GlobalUpdate-n2yzy2vxmws1bwf No Task File <==== ATTENTION
Task: {8CD6F518-D375-447A-80D7-005E3B378AE7} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {8DA1B5D9-FC1E-42F6-846F-4882266B7D0A} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {8DA71B18-E5C4-4765-BF94-D5F7452E9153} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {8DD0F9C0-2CF8-458E-BBD8-314144E917F2} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {96905179-BA75-429A-A890-2E2BD029DA2B} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {96B14261-6037-40DA-8EC4-62D9C8B0E955} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {A2A8B102-56F4-4BFD-9305-DF0D88388A1A} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A6774A65-B4BB-44CB-8721-9550AC089A9F} - \avaavxvyex No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {A73082F9-4AA3-44D0-8B41-BA29CDDF2DAF} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - \Microsoft\Windows\Application Experience\ProgramDataUpdater No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B16384FD-1308-4C66-8DA5-BD6187EF0271} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {BA668F0C-A650-4DE2-9F56-D46ECA8BA45C} - \{D22F7AE8-8E44-4F62-9F05-00D10E74F762} No Task File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C4D64082-66DF-4A56-A03F-40A4F87750C9} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D105A2C4-C9A1-489D-BB6F-8CEF37E12A9C} - \Microsoft\Office\Office ClickToRun Service Monitor No Task File <==== ATTENTION
Task: {D68E79E5-6B24-4CCE-8254-B9CF050D290B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT No Task File <==== ATTENTION
Task: {DC4ABE86-22DB-4EFB-8129-8B3034A0EF85} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask No Task File <==== ATTENTION
Task: {E16F68E1-9A59-48C0-8D4A-F44EA8CDDD1F} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {F3B2D9D5-5BCA-4661-916E-358DE741B76A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-29] (Google Inc.)
Task: {F9B2B95D-7CF1-4456-A590-2BF0BB1A49F1} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FC9A629A-1283-473C-9966-A2386332AE26} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FFB1C848-41F2-4C45-8FF6-291E6B41D6AC} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}" => Key deleted successfully.
HKCR\CLSID\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => Key not found. 
HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
HKCR\CLSID\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found. 
"HKU\S-1-5-21-4214078751-2823816069-1577084461-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}" => Key deleted successfully.
HKCR\CLSID\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => Key not found. 
FXDrv32 => Service deleted successfully.
C:\Users\PC\AppData\Roaming\SimpleFiles => Moved successfully.
C:\Users\PC\AppData\Roaming\n2yzy2vxmws1bwf => Moved successfully.
ask: {01EF7369-A63E-4CD2-BBCC-B76EC24E6173} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05EACB95-3629-488C-B1D9-784C285250F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05EACB95-3629-488C-B1D9-784C285250F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F387EFD-8105-42B7-8CFC-4A7CEFCED300}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F387EFD-8105-42B7-8CFC-4A7CEFCED300}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Maintence Service" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1213775C-5D72-445D-97C6-65E2D4E55CA4} => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1427633983 => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{194D8E0B-8865-4F09-9236-3D9E7F31DD01}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{194D8E0B-8865-4F09-9236-3D9E7F31DD01}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B77CC92-DFA3-408C-A8E5-E2110A3AA0F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B77CC92-DFA3-408C-A8E5-E2110A3AA0F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C9B41EA-57A0-43C1-AB8C-9B465ADD583D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C9B41EA-57A0-43C1-AB8C-9B465ADD583D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{225B8974-666F-4264-9491-F25B4FE6F8DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{225B8974-666F-4264-9491-F25B4FE6F8DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2470470F-2634-478E-B181-571E98A789BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28011108-68DF-4C73-B91B-57427D501BBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34C637C7-AA9B-493C-B47C-1CEA42E43DE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34C637C7-AA9B-493C-B47C-1CEA42E43DE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37F17573-E8F7-4A5A-B8A0-11CECAEDDEA0} => Key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RPC => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40C1D7B1-AC76-454E-A313-1D6501618E33}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40C1D7B1-AC76-454E-A313-1D6501618E33}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D24A6CC-7299-41C1-99A8-C377C7AB9DF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D24A6CC-7299-41C1-99A8-C377C7AB9DF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50FB1B16-F086-4422-BBB1-0EAFFD5968EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50FB1B16-F086-4422-BBB1-0EAFFD5968EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58AF8D82-5FD9-4FC3-84FA-FAB9F035AC3D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58AF8D82-5FD9-4FC3-84FA-FAB9F035AC3D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A40E926-9E86-4B89-9CFD-B12311724371}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5F5A18EB-DC73-4E45-A11C-B59043598412}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60A1F313-43D9-46C3-B90B-B1EAC62609CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60A1F313-43D9-46C3-B90B-B1EAC62609CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{613612BA-897D-44CE-8DC1-8FC283F9FD51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{61EF6E9C-1AC2-4E7D-9361-9637D91DEB17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61EF6E9C-1AC2-4E7D-9361-9637D91DEB17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6EA5233E-4EB3-41EE-A009-A2DAA6DFA1AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EA5233E-4EB3-41EE-A009-A2DAA6DFA1AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{72DB7465-BC54-491B-A92A-4637A28C9BBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75EF7C10-EF12-44CA-9F46-B0146F1C7D45}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75EF7C10-EF12-44CA-9F46-B0146F1C7D45}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Subscription Maintenance" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DD99B2A-EB32-48A5-BFBA-191EDAF64DA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DD99B2A-EB32-48A5-BFBA-191EDAF64DA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813E3867-3D58-4C56-84C6-19519CD7D0E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813E3867-3D58-4C56-84C6-19519CD7D0E9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{869A29C2-D2D8-4FBF-81A0-01AD06129BEF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869A29C2-D2D8-4FBF-81A0-01AD06129BEF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{882D18F3-CD54-44A8-9BD7-EFC94EF2FCF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{882D18F3-CD54-44A8-9BD7-EFC94EF2FCF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service SimpleFiles" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C1AD8DB-C7A7-4B8A-9C13-62020E322ADC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C1AD8DB-C7A7-4B8A-9C13-62020E322ADC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GlobalUpdate-n2yzy2vxmws1bwf" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CD6F518-D375-447A-80D7-005E3B378AE7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CD6F518-D375-447A-80D7-005E3B378AE7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DA1B5D9-FC1E-42F6-846F-4882266B7D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA1B5D9-FC1E-42F6-846F-4882266B7D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DA71B18-E5C4-4765-BF94-D5F7452E9153}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA71B18-E5C4-4765-BF94-D5F7452E9153}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DD0F9C0-2CF8-458E-BBD8-314144E917F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DD0F9C0-2CF8-458E-BBD8-314144E917F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9435F817-FED2-454E-88CD-7F78FDA62C48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96905179-BA75-429A-A890-2E2BD029DA2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96905179-BA75-429A-A890-2E2BD029DA2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96B14261-6037-40DA-8EC4-62D9C8B0E955}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96B14261-6037-40DA-8EC4-62D9C8B0E955}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9979CB83-103A-4105-9E5D-C74B0AF6D198}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2A8B102-56F4-4BFD-9305-DF0D88388A1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2A8B102-56F4-4BFD-9305-DF0D88388A1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A48CABBF-24C8-4B87-B00F-9261807C3B43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\PolicyConverter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6774A65-B4BB-44CB-8721-9550AC089A9F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6774A65-B4BB-44CB-8721-9550AC089A9F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaavxvyex" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A73082F9-4AA3-44D0-8B41-BA29CDDF2DAF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A73082F9-4AA3-44D0-8B41-BA29CDDF2DAF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C73732-9F11-4281-8D19-764D4EC9D94D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C73732-9F11-4281-8D19-764D4EC9D94D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC668097-4D6B-4093-AC14-014C09DBF820}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Ras\MobilityManager" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B16384FD-1308-4C66-8DA5-BD6187EF0271}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B16384FD-1308-4C66-8DA5-BD6187EF0271}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA668F0C-A650-4DE2-9F56-D46ECA8BA45C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA668F0C-A650-4DE2-9F56-D46ECA8BA45C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D22F7AE8-8E44-4F62-9F05-00D10E74F762}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE669C13-8165-4536-96D0-6D6C39292AAE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Diagnosis\Scheduled" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C016366B-7126-46CA-B36B-592A3D95A60B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4D64082-66DF-4A56-A03F-40A4F87750C9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4D64082-66DF-4A56-A03F-40A4F87750C9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Registry\RegIdleBackup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0250F3F-6480-484F-B719-42F659AC64D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D105A2C4-C9A1-489D-BB6F-8CEF37E12A9C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D105A2C4-C9A1-489D-BB6F-8CEF37E12A9C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D68E79E5-6B24-4CCE-8254-B9CF050D290B} => Key not found. 
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\WinSAT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC4ABE86-22DB-4EFB-8129-8B3034A0EF85}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC4ABE86-22DB-4EFB-8129-8B3034A0EF85}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E16F68E1-9A59-48C0-8D4A-F44EA8CDDD1F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E16F68E1-9A59-48C0-8D4A-F44EA8CDDD1F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3163C33-301D-4730-A266-5518C5ED3967}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RacTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3B2D9D5-5BCA-4661-916E-358DE741B76A} => Key not found. 
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9B2B95D-7CF1-4456-A590-2BF0BB1A49F1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B2B95D-7CF1-4456-A590-2BF0BB1A49F1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB3C354D-297A-4EB2-9B58-090F6361906B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FC9A629A-1283-473C-9966-A2386332AE26}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC9A629A-1283-473C-9966-A2386332AE26}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFB1C848-41F2-4C45-8FF6-291E6B41D6AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFB1C848-41F2-4C45-8FF6-291E6B41D6AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => Key deleted successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2.1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 22:43:21 ====

  • 0

#6
zep516
Posted 30 March 2015 - 09:01 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply post;
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log
    Thanks
    Joe :)

  • 0

#7
sadpaddy
Posted 31 March 2015 - 06:48 AM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hi Joe, the only anti-virus I am currently running is Malwarebytes. Should I delete that program too or is it safe?

Anyway, followed all your instructions. Here are the AdwCleaner[SO].txt and JRT.txt files:

-----------------------

 

# AdwCleaner v4.200 - Logfile created 31/03/2015 at 08:32:27
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Downloads\adwcleaner_4.200.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Salus
Folder Deleted : C:\Program Files (x86)\Assets Manager
Folder Deleted : C:\Users\PC\Documents\Updater
File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HitsBlender]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\IGS
Key Deleted : HKLM\SOFTWARE\HitsBlender
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Google Chrome v41.0.2272.101
 
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : elggllhppljlljkgfeokjpehmdamkejk
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : 
 
-\\ Opera v0.0.0.0
 
 
*************************
 
AdwCleaner[R0].txt - [8362 bytes] - [31/03/2015 08:28:51]
AdwCleaner[S0].txt - [2317 bytes] - [31/03/2015 08:32:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2376  bytes] ##########
 
---------------------------
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.8 (03.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by PC on 31/03/2015 at  8:40:03.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/03/2015 at  8:43:04.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#8
zep516
Posted 31 March 2015 - 11:50 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts

the only anti-virus I am currently running is Malwarebytes.


Below I see this running, on your computer;
Microsoft Security Client\MsMpEng.exe
That's Microsoft Security Essentials, it's what I use. You should have a little green house (Icon) with a white check mark in it on your task bar down by the clock.

Malwarebytes is an on demand scanner, unless you have the paid version then it runs in real time scanning and that appears to be what you have too. So all that seems to be ok.

Do you see the green house by the clock in the taskbar ?
  • 0

#9
sadpaddy
Posted 31 March 2015 - 11:59 AM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

No, I think I might have deleted it yesterday or the day before without thinking. Should I download it again?


  • 0

#10
zep516
Posted 31 March 2015 - 12:03 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Yes. Download & Reinstall it from Here Do a scan with it too, before you head to the pub. :)

Joe
  • 0

Advertisements

#11
sadpaddy
Posted 31 March 2015 - 12:44 PM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Thanks Joe, that is a long scan ~ Enough time for a pint! It said no threats detected. :)


  • 0

#12
zep516
Posted 31 March 2015 - 12:51 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
OK.

How is the computer now ?

Joe
  • 0

#13
sadpaddy
Posted 31 March 2015 - 01:24 PM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

HI Joe, it seems to be okay except when I shut down Windows 7 it says that it wants to load 24 updates and when I let it do the updates before it really screwed everything up. I had to use the original Windows 7 disc to boot in safe mode and run Malwarebytes. Anyway I just hold the power button down to shut down or let the computer go into sleep mode instead. While it is actually running, everything seems good so I really owe you a big thanks as I had so much work to get done. I think it is pretty much back to normal now.


  • 0

#14
zep516
Posted 31 March 2015 - 01:49 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
You really should let the up dates install.

Lets remove the tools I had you download by following the exercise below;

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.

  • 0

#15
sadpaddy
Posted 31 March 2015 - 02:00 PM

sadpaddy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Here is the report:

 

# DelFix v10.9 - Logfile created 31/03/2015 at 15:58:48
# Updated 27/02/2015 by Xplode
# Username : PC - PC-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\PC\Desktop\Addition.txt
Deleted : C:\Users\PC\Desktop\Fixlog.txt
Deleted : C:\Users\PC\Desktop\FRST.txt
Deleted : C:\Users\PC\Desktop\FRST64 (1).exe
Deleted : C:\Users\PC\Desktop\JRT.exe
Deleted : C:\Users\PC\Desktop\JRT.txt
Deleted : C:\Users\PC\Downloads\adwcleaner_4.200.exe
Deleted : C:\Users\PC\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Cleaning system restore ...
 
Deleted : RP #10 [Installed 5 Clicks | 03/25/2015 18:45:18]
Deleted : RP #11 [Removed Citrix Online Launcher | 03/26/2015 01:30:46]
Deleted : RP #12 [Removed 5 Clicks | 03/29/2015 12:29:48]
Deleted : RP #13 [Windows Update | 03/29/2015 13:25:21]
Deleted : RP #14 [Windows Update | 03/29/2015 13:34:41]
Deleted : RP #15 [Windows Update | 03/29/2015 16:02:15]
Deleted : RP #16 [Windows Update | 03/30/2015 10:45:08]
Deleted : RP #18 [Windows Update | 03/30/2015 22:30:07]
Deleted : RP #20 [Restore Point Created by FRST | 03/31/2015 02:42:21]
Deleted : RP #21 [Removed 5 Clicks | 03/31/2015 12:14:26]
Deleted : RP #22 [Windows Update | 03/31/2015 18:08:36]
Deleted : RP #23 [Windows Update | 03/31/2015 18:11:24]
Deleted : RP #24 [Windows Update | 03/31/2015 18:50:09]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: chrome redirect, chrome

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP