Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need help to remove of pro pc cleaner


  • This topic is locked This topic is locked

#1
connerYule

connerYule

    Member

  • Member
  • PipPip
  • 31 posts
Hi I need help to remove pro pc cleaner. I have no idea of code work so please take it step by step with me if you can.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Conner (administrator) on CONNER (06-11-2015 19:47:10)
Running from C:\Users\MIKE\Desktop
Loaded Profiles: Conner (Available Profiles: Conner & Guest)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIICE.EXE
(© 2015 Microsoft Corporation) C:\Users\MIKE\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\MIKE\AppData\Local\wincheck\wincheck.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [PCFixSpeed] => "C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe" /startup
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WinCheck] => C:\Users\MIKE\AppData\Local\wincheck\wincheck.exe [529408 2014-12-26] ()
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIICE.EXE [283232 2014-12-11] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [BingSvc] => C:\Users\MIKE\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-05] (Valve Corporation)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\Run: [GoogleChromeAutoLaunch_7D248BA95DA1082B294F0DB4B3AC73E4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\MountPoints2: {fc2c6d37-b6e9-11e3-be86-a0d3c1962d1e} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIICE.EXE [283232 2014-12-11] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-03] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5006a001-61e7-4aab-b4ee-dfd662dfd610}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3544bda-b7fe-4621-af66-33e7fb244b51}: [DhcpNameServer] 10.0.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2L&ocid=SK2LDHP&osmkt=en-us
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com/?gd=&ctid=CT3319613&octid=EB_ORIGINAL_CTID&ISID=M7AF3CB0D-C160-4F3E-949B-0BC650B2FB20&SearchSource=55&CUI=&UM=5&UP=SPDA6AA57B-2BE6-4BA2-96E1-8DF2CB1F072C&SSPV=
SearchScopes: HKLM -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {0F9D0265-3BCD-4481-A866-843D0E73C062} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7-SAT&o=APN11460&pf=V7&p2=%5EBE6%5EOSJ000%5EYY%5EUS&gct=&itbv=12.10.6.53&apn_uid=085BDFC2-1643-488A-A8BA-FECBCD3BF215&apn_ptnrs=BE6&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_11.0.9600.16518&doi=2014-04-16&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: No Name -> {4F524A2D-5637-2D53-4154-7A786E7484D7} -> No File
BHO: No Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-01-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-01-14] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] ()
FF Plugin HKU\S-1-5-21-2606864514-3428416984-990069431-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MIKE\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11405&pf=V7&trgb=IE&p2=%5EBBD%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBD&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_10.0.9200.16482&apn_uid=EDD1CCF6-404F-47E2-A7E8-F637EEDF0BE0&itbv=12.7.0.15&doi=2013-12-26&psv=&pt=tb"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Google Docs) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google Search) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Skype Click to Call) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2606864514-3428416984-990069431-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-05] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2014-01-14] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-06] (Qualcomm Atheros Communications, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-14] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-05-07] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R1 {14d0f170-74e0-4cbf-843b-3db832216c50}Gw64; C:\Windows\System32\drivers\{14d0f170-74e0-4cbf-843b-3db832216c50}Gw64.sys [48784 2014-12-29] (StdLib)
R1 {72046701-0cbb-49f5-bb97-c718dc285f35}Gw64; C:\Windows\System32\drivers\{72046701-0cbb-49f5-bb97-c718dc285f35}Gw64.sys [48784 2015-01-08] (StdLib)
R1 {7b7db604-54eb-492b-a629-19e0f0c6ac57}Gw64; C:\Windows\System32\drivers\{7b7db604-54eb-492b-a629-19e0f0c6ac57}Gw64.sys [48784 2015-01-01] (StdLib)
R1 {eacdcf9d-1414-4d83-9a1b-eda2e6df739c}Gw64; C:\Windows\System32\drivers\{eacdcf9d-1414-4d83-9a1b-eda2e6df739c}Gw64.sys [48784 2014-12-26] (StdLib)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 19:47 - 2015-11-06 19:48 - 00026016 _____ C:\Users\MIKE\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 19:47 - 00000000 ____D C:\FRST
2015-11-06 19:45 - 2015-11-06 19:46 - 02198528 _____ (Farbar) C:\Users\MIKE\Desktop\FRST64.exe
2015-11-06 19:33 - 2015-11-06 19:33 - 00016148 _____ C:\WINDOWS\system32\CONNER_Conner_HistoryPrediction.bin
2015-11-05 22:32 - 2015-11-05 22:34 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-05 22:31 - 2015-11-05 22:31 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-11-05 22:31 - 2015-11-05 22:31 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-11-05 22:31 - 2015-11-05 22:31 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-11-05 22:31 - 2015-11-05 22:31 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-11-05 22:31 - 2015-11-05 22:31 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-11-05 22:31 - 2015-11-05 22:31 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-11-05 22:31 - 2015-11-05 22:31 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-11-05 22:31 - 2015-11-05 22:31 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-11-05 22:30 - 2015-11-05 22:31 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-11-05 22:30 - 2015-11-05 22:30 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-11-05 22:30 - 2015-11-05 22:30 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-11-05 22:30 - 2015-11-05 22:30 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-11-04 16:43 - 2015-11-06 13:26 - 00000351 _____ C:\WINDOWS\setupact.log
2015-10-31 18:49 - 2015-10-31 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-10-31 18:43 - 2015-10-31 18:43 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-31 18:43 - 2015-10-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-31 18:43 - 2015-10-31 18:43 - 00000000 ____D C:\Program Files\iTunes
2015-10-31 18:43 - 2015-10-31 18:43 - 00000000 ____D C:\Program Files\iPod
2015-10-31 18:43 - 2015-10-31 18:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-29 18:22 - 2015-10-27 18:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-29 18:22 - 2015-10-27 18:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-29 18:22 - 2015-10-21 07:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-29 18:22 - 2015-10-21 07:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-29 18:22 - 2015-10-21 06:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-29 18:22 - 2015-10-21 06:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-29 18:22 - 2015-10-21 00:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-29 18:22 - 2015-10-21 00:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-29 18:21 - 2015-10-21 07:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-29 18:21 - 2015-10-21 07:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-29 18:21 - 2015-10-21 07:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-29 18:21 - 2015-10-21 07:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-29 18:21 - 2015-10-21 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-29 18:21 - 2015-10-21 06:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-29 18:21 - 2015-10-21 06:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-29 18:21 - 2015-10-21 06:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-29 18:21 - 2015-10-21 06:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-29 18:21 - 2015-10-21 06:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-29 18:21 - 2015-10-21 06:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-29 18:21 - 2015-10-21 06:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-29 18:21 - 2015-10-21 06:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-29 18:21 - 2015-10-21 06:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-29 18:21 - 2015-10-21 06:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-29 18:21 - 2015-10-21 06:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-29 18:21 - 2015-10-21 06:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-29 18:21 - 2015-10-21 00:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-29 18:21 - 2015-10-21 00:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-29 18:21 - 2015-10-21 00:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-29 18:21 - 2015-10-21 00:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-29 18:21 - 2015-10-21 00:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-29 18:21 - 2015-10-21 00:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-29 18:21 - 2015-10-20 23:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-29 18:21 - 2015-10-20 23:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-29 18:21 - 2015-10-20 23:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-26 16:06 - 2015-10-26 16:07 - 03337761 _____ C:\Users\MIKE\Downloads\forge-1.7.10-10.13.4.1517-1.7.10-installer-win (1).exe
2015-10-23 18:41 - 2015-10-23 18:41 - 00000000 ____D C:\Users\MIKE\Documents\Wizards of the Coast
2015-10-23 18:38 - 2008-10-15 05:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-10-23 18:38 - 2008-10-15 05:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-10-23 18:38 - 2008-10-15 05:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-10-23 18:38 - 2008-10-15 05:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-10-23 18:38 - 2008-10-15 05:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-10-23 18:38 - 2008-10-15 05:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-10-23 18:35 - 2015-10-23 18:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-22 14:17 - 2015-10-22 14:17 - 00000330 _____ C:\WINDOWS\srtpoq.xml
2015-10-18 20:26 - 2015-10-18 20:26 - 00000000 ____D C:\Users\MIKE\AppData\Local\Microsoft_Corporation
2015-10-18 18:47 - 2015-10-18 18:47 - 00184951 _____ C:\Users\MIKE\Desktop\Guide-API-1.7.10-1.0.1-20.jar
2015-10-13 19:09 - 2015-10-05 22:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:09 - 2015-09-24 22:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:09 - 2015-09-24 22:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:09 - 2015-09-24 22:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:09 - 2015-09-24 21:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:08 - 2015-10-10 02:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:08 - 2015-10-05 21:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:08 - 2015-09-30 23:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:08 - 2015-09-30 23:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:08 - 2015-09-30 23:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:08 - 2015-09-30 23:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:08 - 2015-09-30 23:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:08 - 2015-09-30 22:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:08 - 2015-09-24 23:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:08 - 2015-09-24 23:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:08 - 2015-09-24 22:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:08 - 2015-09-24 22:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:08 - 2015-09-24 22:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:08 - 2015-09-24 22:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:08 - 2015-09-24 22:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:08 - 2015-09-24 22:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:08 - 2015-09-24 22:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:08 - 2015-09-24 22:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:08 - 2015-09-24 22:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:08 - 2015-09-24 22:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:08 - 2015-09-24 22:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:08 - 2015-09-24 22:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:08 - 2015-09-24 22:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:08 - 2015-09-24 22:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:08 - 2015-09-24 22:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:08 - 2015-09-24 22:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:08 - 2015-09-24 22:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:08 - 2015-09-24 22:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:08 - 2015-09-24 21:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:08 - 2015-09-24 21:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:08 - 2015-09-24 21:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:08 - 2015-09-24 21:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:08 - 2015-09-24 21:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:08 - 2015-09-24 21:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:08 - 2015-09-24 21:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:08 - 2015-09-24 21:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:08 - 2015-09-24 21:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:08 - 2015-09-24 21:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:08 - 2015-09-24 21:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:08 - 2015-09-24 21:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:08 - 2015-09-24 21:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:08 - 2015-09-24 21:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:08 - 2015-09-24 21:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:08 - 2015-09-24 21:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:08 - 2015-09-24 21:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:08 - 2015-09-24 21:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:08 - 2015-09-24 21:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:08 - 2015-09-24 21:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-08 18:42 - 2015-10-26 16:07 - 00003836 _____ C:\Users\MIKE\Downloads\forge-1.7.10-10.13.4.1517-1.7.10-installer-win.exe.log
2015-10-08 18:41 - 2015-10-08 18:42 - 03337761 _____ C:\Users\MIKE\Downloads\forge-1.7.10-10.13.4.1517-1.7.10-installer-win.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 19:41 - 2014-12-26 13:57 - 00000000 ____D C:\Users\MIKE\Documents\ProPCCleaner
2015-11-06 19:41 - 2013-12-25 17:37 - 00000000 ____D C:\Users\MIKE\Documents\Youcam
2015-11-06 19:40 - 2015-07-29 17:49 - 00969890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 19:40 - 2015-04-04 15:49 - 00003530 _____ C:\WINDOWS\System32\Tasks\ProPCCleaner_Popup
2015-11-06 19:38 - 2015-07-17 13:10 - 00000000 ____D C:\Users\MIKE\AppData\Roaming\Skype
2015-11-06 19:37 - 2015-07-17 13:09 - 00000000 ____D C:\ProgramData\Skype
2015-11-06 19:37 - 2014-03-28 21:48 - 00000000 __RDO C:\Users\MIKE\SkyDrive
2015-11-06 19:36 - 2015-08-16 18:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-06 19:34 - 2015-07-29 19:56 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-11-06 19:33 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 19:33 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 19:33 - 2015-01-24 23:13 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 19:32 - 2015-07-29 17:42 - 00014842 _____ C:\WINDOWS\PFRO.log
2015-11-06 19:23 - 2013-12-25 11:24 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{232427B2-D520-4389-91AB-2B5689B5AB9E}
2015-11-06 19:22 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 15:44 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 13:39 - 2013-12-25 19:12 - 00000000 ____D C:\Users\MIKE\AppData\Roaming\.minecraft
2015-11-06 11:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-05 22:31 - 2015-07-29 17:45 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-11-05 22:31 - 2015-07-29 17:45 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-11-05 22:31 - 2015-07-10 23:51 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-11-05 22:31 - 2015-07-10 23:51 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-11-05 22:31 - 2015-07-10 23:51 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-11-05 22:31 - 2015-07-10 23:51 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-11-05 22:31 - 2015-07-10 23:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-11-05 22:31 - 2015-07-10 23:49 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-11-05 22:31 - 2015-07-10 23:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-11-05 22:31 - 2015-07-10 23:49 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-11-05 22:31 - 2015-07-10 23:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-11-05 22:31 - 2015-07-10 23:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-11-05 22:31 - 2015-07-10 23:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-11-05 22:31 - 2015-07-10 23:46 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-11-05 22:30 - 2015-07-10 23:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-11-05 22:30 - 2015-07-10 23:49 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-11-05 15:41 - 2013-12-26 16:57 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-11-03 06:56 - 2015-07-29 20:13 - 00002375 _____ C:\Users\MIKE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 18:05 - 2015-09-15 21:08 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-01 19:53 - 2015-07-29 17:50 - 00000000 ____D C:\Users\MIKE
2015-11-01 19:52 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 19:50 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 09:27 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-31 18:49 - 2014-03-31 18:11 - 00000000 ____D C:\Users\MIKE\AppData\Roaming\Apple Computer
2015-10-31 18:49 - 2014-03-31 18:11 - 00000000 ____D C:\Users\MIKE\AppData\Local\Apple Computer
2015-10-31 18:43 - 2014-03-31 18:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-27 15:55 - 2015-08-17 15:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-23 18:37 - 2013-06-01 13:31 - 00027470 _____ C:\WINDOWS\DirectX.log
2015-10-23 16:40 - 2015-09-28 17:04 - 00000000 ____D C:\Users\MIKE\Desktop\steam
2015-10-23 16:35 - 2015-08-16 18:43 - 00000000 ____D C:\Users\MIKE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-22 14:15 - 2015-05-19 16:21 - 00003520 _____ C:\WINDOWS\System32\Tasks\Maunofhuwon
2015-10-19 16:56 - 2015-07-11 20:58 - 00000000 ____D C:\Users\MIKE\AppData\Roaming\Ikara Software Limited
2015-10-18 08:37 - 2013-12-26 20:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-18 08:31 - 2013-12-26 20:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-17 15:31 - 2014-05-01 17:05 - 00000000 ____D C:\Users\MIKE\AppData\Local\Websteroids
2015-10-16 03:09 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-16 02:31 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-15 22:10 - 2015-07-10 06:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-15 22:10 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 18:21 - 2015-07-17 13:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-08 18:38 - 2014-12-16 19:38 - 00000000 ____D C:\Users\MIKE\Desktop\modpack
2015-10-08 14:19 - 2015-08-16 18:34 - 00000000 ____D C:\Users\MIKE\AppData\Local\Steam
 
==================== Files in the root of some directories =======
 
2014-12-26 13:59 - 2014-12-26 13:59 - 0000064 _____ () C:\Users\MIKE\AppData\Local\f9cd7331789a8d691e6e440ec7a2e92e
2014-04-15 20:12 - 2015-08-24 07:45 - 0007598 _____ () C:\Users\MIKE\AppData\Local\resmon.resmoncfg
2015-04-04 09:06 - 2015-04-04 09:06 - 0000000 _____ () C:\Users\MIKE\AppData\Local\{061502B1-3F95-454C-B7C1-CCFB7EE35865}
 
Some files in TEMP:
====================
C:\Users\MIKE\AppData\Local\Temp\Extract.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-31 20:44
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Conner (2015-11-06 19:49:34)
Running from C:\Users\MIKE\Desktop
Windows 10 Home (X64) (2015-07-30 00:56:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2606864514-3428416984-990069431-500 - Administrator - Disabled)
Conner (S-1-5-21-2606864514-3428416984-990069431-1001 - Administrator - Enabled) => C:\Users\MIKE
DefaultAccount (S-1-5-21-2606864514-3428416984-990069431-503 - Limited - Disabled)
Guest (S-1-5-21-2606864514-3428416984-990069431-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2606864514-3428416984-990069431-1006 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON XP-300 Series Printer Uninstall (HKLM\...\EPSON XP-300 Series) (Version:  - SEIKO EPSON Corporation)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{8C1ADF61-4F87-44BC-804C-C20FC70D98BB}) (Version: 1.4.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
InstallConverter bundle uninstaller (HKLM-x32\...\InstallConverter bundle uninstaller) (Version: 2.0.0.5 - InstallConverter)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
PC Fix Speed 1.2.0.42 (x32 Version: 1.2.0.42 - Crawler, LLC) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pixelmon Launcher (HKLM-x32\...\Pixelmon Launcher 1.1.31) (Version: 1.1.31 - Ikara Software Limited)
Pixelmon Launcher (x32 Version: 1.1.31 - Ikara Software Limited) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner) <==== ATTENTION
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TheSkyX First Light Edition version 10.2.0 Build 6408 (HKLM-x32\...\TheSkyX First Light for Windows_is1) (Version: 10.2.0 Build 6408 - )
Unity Web Player (HKU\S-1-5-21-2606864514-3428416984-990069431-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2606864514-3428416984-990069431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\MIKE\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2606864514-3428416984-990069431-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points =========================
 
22-10-2015 14:16:34 Chrome Cleanup Tool
23-10-2015 18:34:36 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
23-10-2015 18:35:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
23-10-2015 18:36:07 Installed DirectX
01-11-2015 09:20:07 Windows Update
05-11-2015 22:29:39 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {075751CE-4599-48CE-BDB6-DCC14A9AB791} - System32\Tasks\Maunofhuwon => C:\ProgramData\Maunofhuwon\1.0.1.0\iihubuag.exe <==== ATTENTION
Task: {1195E1DE-4072-45DB-8618-2118867CE877} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {187555F7-C281-43CE-BF7C-A8E47D637012} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1A80DF73-1B6A-42AA-822D-C4711AADFEB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
Task: {2FBFAE73-9D10-4583-851C-7FEBC272C59B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {35221F14-8E1F-4A96-AD33-626D4F51848D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4D81BFDF-8EE8-4E11-B547-9256BCD29840} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4E65B987-A7FC-4190-9399-92BD448AE8D1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {568A26D8-7DA9-4466-B995-B5284BEDAB06} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5A99A500-2979-4210-8E2A-FC129FD6B492} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
Task: {61EB0E8E-5D76-4F10-B1EC-FB9678EE34A8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {64B44DEB-95E6-48D0-90E7-59EBAAAB83AB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-27] (Microsoft Corporation)
Task: {673AA5F1-D65F-48F2-803F-7E6FE72E96C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-18] (Microsoft Corporation)
Task: {6E031EC9-E59B-43EC-9C4D-00092582C99F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6E52BA74-BFEC-4A20-821B-4BF5BB7B82ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {90AA2CE8-471B-4410-8B94-7B5C3FBE916D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {923CAF56-264E-4D3A-AC45-DEC7EF7B0214} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9C865CD9-A612-4086-B8C8-20EE6A0B7747} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A0BA3A7F-9256-404F-9283-641FB29983E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A34C6C58-E88A-49DE-BFA0-04A56CDE4819} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B4950733-324E-406F-AE61-AFB041398CBF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-17] (Synaptics Incorporated)
Task: {CAA1059E-117C-4632-BA58-FC16248E7DE2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D50430EB-3FC7-45AF-AD4F-93BA71F820B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {DAD5ECFB-C66C-4E97-9450-E8C78E1511BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {DC79D746-374C-4AD2-B461-BC0C67DBB1B3} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe [2014-08-21] (Pro PC Cleaner) <==== ATTENTION
Task: {EF505096-1A37-4F82-881E-377BC119452A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.)
Task: {F0C7122F-C688-459B-84E1-2AAA7D000505} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24] (Realtek Semiconductor)
Task: {F663D52E-35F6-472C-803A-17D1D7B6E651} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {F72E820F-F3A5-443A-807B-7669FFA6C6FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FA1468C7-2D9C-4D21-A529-18AB2A05FF43} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe [2014-08-21] () <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForConner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-10 06:00 - 2015-07-10 06:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-29 21:34 - 2015-07-29 21:34 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 13:43 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-25 07:37 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-30 20:16 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-12-26 13:47 - 2014-12-26 13:47 - 00529408 _____ () C:\Users\MIKE\AppData\Local\wincheck\wincheck.exe
2015-09-30 20:16 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-27 15:54 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-09-30 20:15 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-30 20:16 - 2015-09-17 00:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 20:14 - 2015-09-17 00:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 20:14 - 2015-09-17 00:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 20:16 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-19 13:43 - 2015-08-11 04:57 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-23 13:46 - 2015-10-20 09:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 13:46 - 2015-10-20 09:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-08-25 07:42 - 2015-08-25 07:42 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-01-14 02:10 - 2014-01-14 02:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-08-25 07:37 - 2015-08-25 07:37 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\0f937d3fe5f84657893737f51af0c1e9:Win32App
AlternateDataStreams: C:\5387046297f1cf8b4c4eaea8:Win32App
AlternateDataStreams: C:\58ec50f2259d21d24d:Win32App
AlternateDataStreams: C:\5aca73d3da7d335f4573b8:Win32App
AlternateDataStreams: C:\66d39c2e044a8b29a4e18f44c12298:Win32App
AlternateDataStreams: C:\705f7252cd437fccf0:Win32App
AlternateDataStreams: C:\970f2d4fd258fdfb925aefb8b348849a:Win32App
AlternateDataStreams: C:\ebfbfe91264ddf6fbd592819:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App
AlternateDataStreams: C:\Program Files (x86)\Hewlett-Packard:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\PCFixSpeed:Win32App
AlternateDataStreams: C:\Program Files (x86)\Pixelmon Launcher:Win32App
AlternateDataStreams: C:\Program Files (x86)\Pro PC Cleaner:Win32App
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\WINDOWS\My Product Name:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}:Win32App
AlternateDataStreams: C:\Users\MIKE\AppData\Local\Temp:Win32App
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MIKE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "PCFixSpeed"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{00CB9691-BC52-4FB4-90EB-2C2F7994F7BD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{651C0E9B-BDBA-4CC7-8066-6DE330207A60}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{63051CA4-7495-4582-8E24-028C9B537BBA}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{A322AFBD-7DB6-47AA-AF03-1EBB2BB502D2}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{88C94094-02D4-425F-8C46-78A71294C878}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{B091C1E9-4D4B-4D0E-A24A-D8DFE43F9EE4}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{0547FF5A-F401-4096-A84A-DEA54104BE65}] => (Allow) C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BRT.Helper.exe
FirewallRules: [{D52E7DFA-2526-47B6-B15B-119FB646ED2A}] => (Allow) C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BRT.Helper.exe
FirewallRules: [{94C7AE91-21B9-45DA-A604-907B052E6C69}] => (Allow) C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BRT.Helper.exe
FirewallRules: [{782B8A08-6170-491A-900E-66F2BF09477D}] => (Allow) C:\Program Files (x86)\Cyti Web\bin\CytiWeb.BRT.Helper.exe
FirewallRules: [{F4A047ED-D0A1-4237-B919-799CD219EEDD}] => (Allow) C:\ProgramData\zoomify_29\1.1.0.29\cozaghost.exe
FirewallRules: [{1F2DBFA1-7B20-4A4C-A04C-6F250C3D746F}] => (Allow) C:\ProgramData\zoomify_29\1.1.0.29\cozaghost.exe
FirewallRules: [{95B0F7CA-D030-4AEB-A9A3-A2C9DE8887F3}] => (Allow) C:\ProgramData\zoomify_29\1.1.0.29\cozaghost.exe
FirewallRules: [{7F0D2E9D-B1D3-4957-BFBC-60EEF5A1B694}] => (Allow) C:\ProgramData\zoomify_29\1.1.0.29\cozaghost.exe
FirewallRules: [{3A283DC3-B184-44F0-B130-8290D89FAE41}] => (Allow) C:\ProgramData\zoomify_29\1.1.0.29\cozaghost.exe
FirewallRules: [UDP Query User{2B65BE89-A04E-4820-BE72-BBE552C40A2E}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\jmc.exe
FirewallRules: [TCP Query User{2C37C849-6EEE-4425-B705-B4D155D4A59D}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\jmc.exe
FirewallRules: [UDP Query User{3E44F4C0-8E00-45BE-9A60-B769076BDA78}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{0696ABB3-94BF-41C9-A4C8-A74497EE9059}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{22A78255-8E78-4360-AB54-E96E527D09D0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5E4FC588-0EDD-447A-8BD7-40FA346A89F2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F3799C4B-DAF6-4DD2-967B-70667A3C6ABC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{65E73C5D-6ACF-4FDA-A371-2DB4E9E75BBB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E68015CF-5829-4700-80AF-BA4DDD77B6FA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5389A86D-2D46-4BA1-B575-CB4C06CDB816}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{B0189463-6E48-4928-B050-E01DD9280AA3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{310B24E6-CFD5-4539-B841-CF9D099E8698}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0491CE60-41EE-437A-839F-32953383DCD2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{629EF6D3-C3C9-4F66-B702-A2ADDCE2ED1B}] => (Allow) LPort=2869
FirewallRules: [{A5FC0A6B-8903-4014-878E-404FABD8F97B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{B25B3EBD-DDDF-45FB-A135-A9FB934CAE87}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D9878B79-1FF8-479F-A443-95247C76E2D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F211FB15-8500-4E59-89A4-DFF74B9D4B2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F0C5BFB-F86F-432F-ABA9-F728EE8DA2D9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DDC3A1B-0EF9-4832-9355-6EB39E0E1637}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E653AB73-A1A6-4FEF-83D3-8D3A8A2E09C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8CD9E9A8-C849-4FBA-871A-2857A65AB2AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{000BDEF1-9CD9-48EF-AE55-56AC9AF77E04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{ABDE2FA9-FDE1-44D9-BE6C-758606A8C7A8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{2DAE679E-AD8D-4CAC-B22C-D4AD40B87E77}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{E71311D1-BB93-4117-8306-330121DB1C53}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{E5FADFAD-36F9-40B1-9E07-86099BFADE3D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC228AD3-192B-4D59-8EE5-7214403CCA37}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22489D6F-AD93-4966-AAB5-4CE70081F055}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8F52BD3-CCD2-4BE3-A37A-1A9B54C338C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7AE9DA0E-E783-4CAD-BC8A-C93F010722CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{18042848-E152-487C-AD16-091B6941696A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{2AB7BC32-0729-4CB5-B820-07E607F82B2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A871EA6A-5645-4D1D-B402-633D880E48B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{78432386-F368-4476-8655-8E6AB4C2F1E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{B2021688-CCDB-4503-B7C3-31284FECFF29}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F94F4FC2-377E-464E-999D-519D18438E4A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2015 07:39:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CONNER)
Description: Activation of app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/06/2015 07:30:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CONNER)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/06/2015 07:30:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CONNER)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/06/2015 07:30:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CONNER)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/06/2015 04:36:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CONNER)
Description: Activation of app Microsoft.WindowsFeedback_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/06/2015 04:26:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 109063
 
Error: (11/06/2015 04:26:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 109063
 
Error: (11/06/2015 04:26:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/06/2015 04:26:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 107360
 
Error: (11/06/2015 04:26:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 107360
 
 
System errors:
=============
Error: (11/06/2015 07:37:54 PM) (Source: DCOM) (EventID: 10010) (User: CONNER)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
 
Error: (11/06/2015 07:37:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (11/06/2015 07:35:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Error: (11/06/2015 07:35:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (11/06/2015 07:35:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
CodeIntegrity:
===================================
  Date: 2015-11-06 19:48:25.428
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 19:48:25.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-02 04:06:09.460
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:06:09.266
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:06:05.018
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:06:04.477
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:03:57.409
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:03:57.218
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:03:53.728
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-02 04:03:50.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 3985.27 MB
Available physical RAM: 1792.69 MB
Total Virtual: 5841.27 MB
Available Virtual: 3449.25 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:441.77 GB) (Free:331.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:22.03 GB) (Free:2.19 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

I'm currently reviewing your logs.

Joe
  • 0

#3
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello,

First
Please remove these 2 programs from your programs an features list, Start > Control panel > Programs an features. In the list find the program listed below and uninstall them.
  • Wincheck
  • Pro PC Cleaner
    If a program will not remove skip it and keep following instructions please.

    Next
    Download the enclosed Attached File  fixlist.txt   4.82KB   146 downloads Save it in the location FRST64 is (Your Desktop.) Run FRST64 and click on the Fix button. Wait until finished.
    The tool will make a log in the location FRST64 is, (Fixlog.txt). Please post it to your reply.

    Thanks
    Joe

  • 0

#4
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Sorry but just put the the fixline on my desktop?


  • 0

#5
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

Fixlist on desktop is good,

Now open FRST
frst.JPG
and click on fix.

Then post Fixlog.txt
  • 0

#6
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Conner (2015-11-07 23:23:04) Run:1
Running from C:\Users\MIKE\Desktop
Loaded Profiles: Conner (Available Profiles: Conner & Guest)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [PCFixSpeed] => "C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe" /startup
HKLM-x32\...\Run: [WinCheck] => C:\Users\MIKE\AppData\Local\wincheck\wincheck.exe [529408 2014-12-26] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=BDT3&ocid=BDT3DHP
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.conduit.com/?gd=&ctid=CT3319613&octid=EB_ORIGINAL_CTID&ISID=M7AF3CB0D-C160-4F3E-949B-0BC650B2FB20&SearchSource=55&CUI=&UM=5&UP=SPDA6AA57B-2BE6-4BA2-96E1-8DF2CB1F072C&SSPV=
SearchScopes: HKLM -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {0F9D0265-3BCD-4481-A866-843D0E73C062} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7-SAT&o=APN11460&pf=V7&p2=%5EBE6%5EOSJ000%5EYY%5EUS&gct=&itbv=12.10.6.53&apn_uid=085BDFC2-1643-488A-A8BA-FECBCD3BF215&apn_ptnrs=BE6&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_11.0.9600.16518&doi=2014-04-16&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {642C7DEF-F70A-4866-8943-657403176A37} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} 
SearchScopes: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: No Name -> {4F524A2D-5637-2D53-4154-7A786E7484D7} -> No File
BHO: No Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> No File
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2606864514-3428416984-990069431-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
2015-11-06 19:41 - 2014-12-26 13:57 - 00000000 ____D C:\Users\MIKE\Documents\ProPCCleaner
Task: {FA1468C7-2D9C-4D21-A529-18AB2A05FF43} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe [2014-08-21] () <==== ATTENTION
C:\Program Files (x86)\Pro PC Cleaner
AlternateDataStreams: C:\0f937d3fe5f84657893737f51af0c1e9:Win32App
AlternateDataStreams: C:\5387046297f1cf8b4c4eaea8:Win32App
AlternateDataStreams: C:\58ec50f2259d21d24d:Win32App
AlternateDataStreams: C:\5aca73d3da7d335f4573b8:Win32App
AlternateDataStreams: C:\66d39c2e044a8b29a4e18f44c12298:Win32App
AlternateDataStreams: C:\705f7252cd437fccf0:Win32App
AlternateDataStreams: C:\970f2d4fd258fdfb925aefb8b348849a:Win32App
AlternateDataStreams: C:\ebfbfe91264ddf6fbd592819:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App
AlternateDataStreams: C:\Program Files (x86)\Hewlett-Packard:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\PCFixSpeed:Win32App
AlternateDataStreams: C:\Program Files (x86)\Pixelmon Launcher:Win32App
AlternateDataStreams: C:\Program Files (x86)\Pro PC Cleaner:Win32App
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\WINDOWS\My Product Name:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}:Win32App
AlternateDataStreams: C:\Users\MIKE\AppData\Local\Temp:Win32App
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
hosts:
Emptytemp:
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PCFixSpeed => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinCheck => value not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{642C7DEF-F70A-4866-8943-657403176A37}" => key removed successfully
HKCR\CLSID\{642C7DEF-F70A-4866-8943-657403176A37} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{642C7DEF-F70A-4866-8943-657403176A37}" => key removed successfully
HKCR\Wow6432Node\CLSID\{642C7DEF-F70A-4866-8943-657403176A37} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKU\S-1-5-21-2606864514-3428416984-990069431-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F9D0265-3BCD-4481-A866-843D0E73C062}" => key removed successfully
HKCR\CLSID\{0F9D0265-3BCD-4481-A866-843D0E73C062} => key not found. 
"HKU\S-1-5-21-2606864514-3428416984-990069431-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{642C7DEF-F70A-4866-8943-657403176A37}" => key removed successfully
HKCR\CLSID\{642C7DEF-F70A-4866-8943-657403176A37} => key not found. 
"HKU\S-1-5-21-2606864514-3428416984-990069431-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => key removed successfully
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-2D53-4154-7A786E7484D7}" => key removed successfully
HKCR\CLSID\{4F524A2D-5637-2D53-4154-7A786E7484D7} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => key removed successfully
HKCR\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\Wow6432Node\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 
HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 
C:\Users\MIKE\Documents\ProPCCleaner => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA1468C7-2D9C-4D21-A529-18AB2A05FF43}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA1468C7-2D9C-4D21-A529-18AB2A05FF43}" => key removed successfully
C:\WINDOWS\System32\Tasks\ProPCCleaner_Popup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup" => key removed successfully
C:\Program Files (x86)\Pro PC Cleaner => moved successfully
C:\0f937d3fe5f84657893737f51af0c1e9 => ":Win32App" ADS removed successfully.
C:\5387046297f1cf8b4c4eaea8 => ":Win32App" ADS removed successfully.
C:\58ec50f2259d21d24d => ":Win32App" ADS removed successfully.
C:\5aca73d3da7d335f4573b8 => ":Win32App" ADS removed successfully.
C:\66d39c2e044a8b29a4e18f44c12298 => ":Win32App" ADS removed successfully.
C:\705f7252cd437fccf0 => ":Win32App" ADS removed successfully.
C:\970f2d4fd258fdfb925aefb8b348849a => ":Win32App" ADS removed successfully.
C:\ebfbfe91264ddf6fbd592819 => ":Win32App" ADS removed successfully.
C:\Program Files\Microsoft Office 15 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Hewlett-Packard => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Microsoft SQL Server Compact Edition => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\PCFixSpeed => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Pixelmon Launcher => ":Win32App" ADS removed successfully.
"C:\Program Files (x86)\Pro PC Cleaner" => ":Win32App" ADS not found.
C:\Program Files (x86)\Qualcomm Atheros => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\QuickTime => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\WildGames => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Windows Live => ":Win32App" ADS removed successfully.
C:\WINDOWS\My Product Name => ":Win32App" ADS removed successfully.
C:\WINDOWS\SysWOW64\Adobe => ":Win32App" ADS removed successfully.
C:\ProgramData\regid.1991-06.com.microsoft => ":Win32App" ADS removed successfully.
C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} => ":Win32App" ADS removed successfully.
C:\Users\MIKE\AppData\Local\Temp => ":Win32App" ADS removed successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 661.9 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 23:24:23 ====

  • 0

#7
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Very good!

Two adware scans we need to run, instructions to follow;

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • The report will be saved in the C:\AdwCleaner folder.
    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;
  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log

    Thanks
    Joe :)

  • 0

#8
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

For the junkware tool which one do I get @bleepingcomputer or @Author's site?


  • 0

#9
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Bleeping computer.
  • 0

#10
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

It opened a black box that says press any key do I do that.


  • 0

Advertisements


#11
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Yes, follow all that it tells you.
  • 0

#12
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Conner on Sun 11/08/2015 at  0:02:08.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully deleted: [Service] {14d0f170-74e0-4cbf-843b-3db832216c50}Gw64 [Reboot required]
Successfully deleted: [Service] {72046701-0cbb-49f5-bb97-c718dc285f35}Gw64 [Reboot required]
Successfully deleted: [Service] {7b7db604-54eb-492b-a629-19e0f0c6ac57}Gw64 [Reboot required]
Successfully deleted: [Service] {eacdcf9d-1414-4d83-9a1b-eda2e6df739c}Gw64 [Reboot required]
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\ProPCCleaner_Start
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_7D248BA95DA1082B294F0DB4B3AC73E4
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\MIKE\Appdata\Local\f9cd7331789a8d691e6e440ec7a2e92e
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pro pc cleaner
Successfully deleted: [Folder] C:\ProgramData\radio
Successfully deleted: [Folder] C:\Users\MIKE\Appdata\Local\pro_pc_cleaner
Successfully deleted: [Folder] C:\Users\MIKE\AppData\Roaming\pro pc cleaner
 
 
 
~~~ Chrome
 
 
[C:\Users\MIKE\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\MIKE\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\MIKE\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\MIKE\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/08/2015 at  0:05:23.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
# AdwCleaner v5.018 - Logfile created 07/11/2015 at 23:41:22
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Conner - CONNER
# Running from : C:\Users\MIKE\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\PCFixSpeed
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Browser
[-] Folder Deleted : C:\ProgramData\PCFixSpeed
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
[-] Folder Deleted : C:\Users\MIKE\AppData\Local\Websteroids
[!] Folder Not Deleted : C:\Users\MIKE\AppData\Local\Websteroids
[-] Folder Deleted : C:\Users\MIKE\AppData\Roaming\PCFixSpeed
[!] Folder Not Deleted : C:\Users\MIKE\AppData\Roaming\PCFixSpeed
[-] Folder Deleted : C:\Users\MIKE\Desktop\ftb
[!] Folder Not Deleted : C:\Users\MIKE\Desktop\ftb
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\WINDOWS\shost.bin
[-] File Deleted : C:\WINDOWS\SysNative\drivers\{14d0f170-74e0-4cbf-843b-3db832216c50}Gw64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\{72046701-0cbb-49f5-bb97-c718dc285f35}Gw64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\{7b7db604-54eb-492b-a629-19e0f0c6ac57}Gw64.sys
[-] File Deleted : C:\WINDOWS\SysNative\drivers\{eacdcf9d-1414-4d83-9a1b-eda2e6df739c}Gw64.sys
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter bundle uninstaller\InstallConverter bundle uninstaller.lnk
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\PCFixSpeed
[-] Key Deleted : HKCU\Software\Browser
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
[-] Key Deleted : HKCU\Software\AppDataLow\Software\zoomify
[-] Key Deleted : HKLM\SOFTWARE\SpeedBrowser
[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM
[-] Key Deleted : HKLM\SOFTWARE\PCFixSpeed
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\PCTechHotline
[-] Key Deleted : HKU\.DEFAULT\Software\Browser
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\PCFixSpeed
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\Browser
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\OB
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\AppDataLow\Software\DynConIE
[!] Key Not Deleted : HKU\S-1-5-21-2606864514-3428416984-990069431-1001\Software\AppDataLow\Software\zoomify
[!] Key Not Deleted : HKU\S-1-5-18\Software\AskPartnerNetwork
[!] Key Not Deleted : HKU\S-1-5-18\Software\PCTechHotline
[!] Key Not Deleted : HKU\S-1-5-18\Software\Browser
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4270603C7CA6FEB45B61F4B6D10988D7
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4270603C7CA6FEB45B61F4B6D10988D7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7
 
***** [ Web browsers ] *****
 
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11405&pf=V7&trgb=IE&p2=%5EBBD%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBD&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_10.0.9200.16482&apn_uid=EDD1CCF6-404F-47E2-A7E8-F637EEDF0BE0&itbv=12.7.0.15&doi=2013-12-26&psv=&pt=tb
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pljcgbedjplidkdjahbaalanadmjfgop
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11405&pf=V7&trgb=IE&p2=%5EBBD%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBD&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_10.0.9200.16482&apn_uid=EDD1CCF6-404F-47E2-A7E8-F637EEDF0BE0&itbv=12.7.0.15&doi=2013-12-26&psv=&pt=tb
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\MIKE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pljcgbedjplidkdjahbaalanadmjfgop
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6694 bytes] ##########
 

  • 0

#13
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
We should run a Malwarebytes scan now, it will take a while, 20 mins or so....
 
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.


    Posting the Malwarebytes log.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

  • 0

#14
connerYule

connerYule

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/8/2015
Scan Time: 10:31 AM
Logfile: text files.txt
Administrator: Yes
 
Version: 0.0.0.0000
Malware Database: v2015.11.08.04
Rootkit Database: v2015.11.04.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Conner
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 444789
Time Elapsed: 32 min, 41 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#15
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello,

How is the computer now ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP