Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows will only start in safe mode.


  • Please log in to reply

#1
globaljoe

globaljoe

    Member

  • Member
  • PipPipPip
  • 117 posts

Hello, As my topic title suggests I can only start my Vista laptop using safe mode or safe mode with networking, if I try to start it normally with my administrator account I get the welcome screen, I type in my administrator password, I get the spinning wheel for a couple of minutes and then a blank screen, standard user account has the same results, I just get the message: Windows could not connect to the user profile service.

I then pressed the F8 key on a second try to boot up, I get to "Advanced boot options" and select "repair your computer", I get "windows is loading files" and then the system recovery options box, I enter my password and press OK and get the message "your account had been disabled" see your system administrator.

I restarted the system pressing F8 for advanced boot options and select safe mode with networking where I can log-in without any problem. 

I then ran Microsoft Security essentials (full-scan), scan completed with nothing found.

So the system will only work in safe mode, any help with this problem would be much appreciated!.

Thank you.


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,021 posts
  • MVP
 
Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #3
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by geoff (2016-03-07 19:35:50)
    Running from C:\Users\geoff\downloads
    Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)
    Boot Mode: Safe Mode (with Networking)
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)
    geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff
    Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)
    jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake
    Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    [email protected] ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
    CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
    CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
    Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION
    DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
    Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
    DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
    EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
    EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
    GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
    Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)
    Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
    HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
    Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
    HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
    HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
    HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
    HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
    HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
    HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)
    HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
    HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
    Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )
    KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
    LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
    Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)
    Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)
    LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden
    LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
    Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
    My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
    Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
    OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
    Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)
    Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
    Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)
    Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)
    PDF Creator (HKLM\...\PDF Creator) (Version:  - )
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
    Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
    QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
    RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)
    Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION
    SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION
    SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
    Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)
    The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)
    The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
    Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)
    Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
    WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)
    Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads
    Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
    Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\
    Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe
    Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION
    Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop
    Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION
    Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION
    Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
    Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
    Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL
    Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION
    Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
    Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION
    Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)
    Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION
    Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2010-10-23 14:12 - 2010-11-20 18:03 - 00043520 ____N () C:\Windows\system32\CmdLineExt03.dll
    2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
     
    ==================== EXE Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
     
    There are 7595 more sites.
     
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com
     
    There are 7592 more sites.
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2006-11-02 10:23 - 2013-10-12 23:23 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       localhost
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe
    FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe
    FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
     
    ==================== Restore Points =========================
     
    24-02-2016 03:00:11 Windows Update
    24-02-2016 23:49:58 Scheduled Checkpoint
    26-02-2016 07:10:18 Scheduled Checkpoint
    27-02-2016 03:18:12 Windows Update
    29-02-2016 02:23:27 Scheduled Checkpoint
    02-03-2016 03:19:04 Windows Update
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Microsoft ISATAP Adapter #14
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver
     
    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Tun Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunmp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh SD/MMC Host Controller
    Description: Ricoh SD/MMC Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimmptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh Memory Stick Controller
    Description: Ricoh Memory Stick Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimsptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh xD-Picture Card Controller
    Description: Ricoh xD-Picture Card Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rismxdp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:11:24 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:06:15 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/06/2016 11:31:18 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/06/2016 11:17:47 PM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
     
    System errors:
    =============
    Error: (03/07/2016 06:04:42 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 0.0.0.0
     
    Update Source: %NT AUTHORITY51
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
     
    New Engine Version: 
     
    Previous Engine Version: 2.1.11804.0
     
    Engine Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Error Code: %NT AUTHORITY601
     
    Error description: %NT AUTHORITY602
     
    Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 
     
    Update Source: %NT AUTHORITY15
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:01:04 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.215.375.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:01:04 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
     
    Error: (03/07/2016 05:51:35 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
     
    Error: (03/07/2016 05:51:33 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Error: (03/07/2016 05:51:24 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
     
    Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: aswRvrt
    aswSnx
    aswSP
    aswVmm
    MpFilter
    spldr
    Wanarpv6
     
    Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Microsoft Network Inspection SystemMicrosoft Malware Protection Driver%%31
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-03-07 19:35:08.132
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:07.710
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:07.274
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:06.790
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:43.825
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:43.389
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:42.952
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:42.515
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:40.440
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:39.863
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz
    Percentage of memory in use: 36%
    Total physical RAM: 3069.68 MB
    Available physical RAM: 1956.52 MB
    Total Virtual: 6341.6 MB
    Available Virtual: 5514.52 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:221.34 GB) (Free:133.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)
    Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt =============================Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by geoff (2016-03-07 19:35:50)
    Running from C:\Users\geoff\downloads
    Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)
    Boot Mode: Safe Mode (with Networking)
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)
    geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff
    Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)
    jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake
    Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    [email protected] ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
    CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
    CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
    Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION
    DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
    Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
    DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
    EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
    EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
    GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
    Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)
    Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
    HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
    Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
    HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
    HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
    HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
    HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
    HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
    HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)
    HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
    HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
    Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )
    KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
    LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
    Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)
    Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)
    LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden
    LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
    Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
    My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
    Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
    OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
    Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)
    Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
    Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)
    Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)
    PDF Creator (HKLM\...\PDF Creator) (Version:  - )
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
    Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
    QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
    RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)
    Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION
    SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION
    SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
    Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)
    The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)
    The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
    Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)
    Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
    WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)
    Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads
    Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
    Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\
    Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe
    Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION
    Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop
    Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION
    Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION
    Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
    Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
    Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL
    Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION
    Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
    Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION
    Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)
    Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION
    Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2010-10-23 14:12 - 2010-11-20 18:03 - 00043520 ____N () C:\Windows\system32\CmdLineExt03.dll
    2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
     
    ==================== EXE Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
     
    There are 7595 more sites.
     
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com
     
    There are 7592 more sites.
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2006-11-02 10:23 - 2013-10-12 23:23 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       localhost
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe
    FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe
    FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
     
    ==================== Restore Points =========================
     
    24-02-2016 03:00:11 Windows Update
    24-02-2016 23:49:58 Scheduled Checkpoint
    26-02-2016 07:10:18 Scheduled Checkpoint
    27-02-2016 03:18:12 Windows Update
    29-02-2016 02:23:27 Scheduled Checkpoint
    02-03-2016 03:19:04 Windows Update
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Microsoft ISATAP Adapter #14
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver
     
    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Tun Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunmp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh SD/MMC Host Controller
    Description: Ricoh SD/MMC Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimmptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh Memory Stick Controller
    Description: Ricoh Memory Stick Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimsptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh xD-Picture Card Controller
    Description: Ricoh xD-Picture Card Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rismxdp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:11:24 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:06:15 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/06/2016 11:31:18 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/06/2016 11:17:47 PM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
     
    System errors:
    =============
    Error: (03/07/2016 06:04:42 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 0.0.0.0
     
    Update Source: %NT AUTHORITY51
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
     
    New Engine Version: 
     
    Previous Engine Version: 2.1.11804.0
     
    Engine Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Error Code: %NT AUTHORITY601
     
    Error description: %NT AUTHORITY602
     
    Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 
     
    Update Source: %NT AUTHORITY15
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:01:04 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.215.375.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/07/2016 06:01:04 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
     
    Error: (03/07/2016 05:51:35 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
     
    Error: (03/07/2016 05:51:33 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Error: (03/07/2016 05:51:24 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
     
    Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: aswRvrt
    aswSnx
    aswSP
    aswVmm
    MpFilter
    spldr
    Wanarpv6
     
    Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: Microsoft Network Inspection SystemMicrosoft Malware Protection Driver%%31
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-03-07 19:35:08.132
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:07.710
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:07.274
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 19:35:06.790
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:43.825
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:43.389
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:42.952
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:42.515
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:40.440
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-07 04:31:39.863
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz
    Percentage of memory in use: 36%
    Total physical RAM: 3069.68 MB
    Available physical RAM: 1956.52 MB
    Total Virtual: 6341.6 MB
    Available Virtual: 5514.52 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:221.34 GB) (Free:133.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)
    Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ====================================== End of Addition.txt =========================================== End of Addition.txt ==================================

    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    You posted the Addition.txt log twice.  Can you post the FRST log?


    • 0

    #5
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
    Ran by geoff (administrator) on GEOFF-LAPTOP (07-03-2016 19:34:24)
    Running from C:\Users\geoff\downloads
    Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)
    Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
    Internet Explorer Version 9 (Default browser: Opera)
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)
    HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
    HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
    Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
    FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)
    FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"
    CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> www-searching.com
    CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
    CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]
    CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]
    CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]
    CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]
    CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]
    CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]
    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)
    S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
    S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
    S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()
    S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
    S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
    S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
    S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)
    S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)
    R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)
    S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)
    S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)
    S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)
    S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)
    S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)
    S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()
    R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
    S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
    R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)
    S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]
    S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)
    S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)
    S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]
    S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
    U1 eabfiltr; no ImagePath
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
    S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
    S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S4 SymIM; system32\DRIVERS\SymIM.sys [X]
    S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]
    S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-07 19:34 - 2016-03-07 19:35 - 00022603 _____ C:\Users\geoff\Downloads\FRST.txt
    2016-03-07 19:33 - 2016-03-07 19:34 - 00000000 ____D C:\FRST
    2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe
    2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk
    2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro
    2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt
    2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe
    2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java
    2016-02-13 12:17 - 2016-03-07 05:51 - 00100590 _____ C:\Windows\ntbtlog.txt
    2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE
    2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE
    2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton
    2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe
    2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur
    2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe
    2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
    2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
    2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4
    2016-02-07 20:46 - 2016-02-07 20:46 - 00021180 _____ C:\Users\geoff\Documents\Viruses.odt
    2016-02-06 22:42 - 2016-02-06 22:42 - 00000909 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2016-02-06 22:40 - 2016-02-06 22:40 - 00000904 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-02-06 21:56 - 2016-02-09 16:21 - 00000000 ____D C:\Users\geoff\AppData\Local\SearchModule
    2016-02-06 21:56 - 2016-02-07 00:58 - 00000000 ____D C:\Users\geoff\AppData\Local\BrowserAir
    2016-02-06 21:56 - 2016-02-06 22:44 - 00019624 _____ (Corporation) C:\Windows\system32\Drivers\sdfhgdf.sys
    2016-02-06 21:55 - 2016-03-07 05:24 - 00000000 ____D C:\Program Files\dply_en_015020230
    2016-02-06 21:55 - 2016-02-13 12:46 - 00000000 ____D C:\Program Files\Common Files\Goobzo
    2016-02-06 21:55 - 2016-02-09 16:22 - 00000000 ____D C:\Users\geoff\AppData\Local\dply_en_015020230
    2016-02-06 21:55 - 2016-02-06 21:55 - 00001680 _____ C:\Users\Public\Desktop\SpringFiles.lnk
    2016-02-06 21:55 - 2016-02-06 21:55 - 00000000 ____D C:\ProgramData\SearchModule
    2016-02-06 21:55 - 2016-02-06 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-07 06:00 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat
    2016-03-07 05:50 - 2009-09-20 13:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
    2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake
    2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me
    2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous
    2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
    2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump
    2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif
    2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats
    2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java
    2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage
    2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
    2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
    2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT
    2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google
    2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google
    2016-02-10 16:24 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-02-09 21:01 - 2012-04-03 10:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2016-02-09 21:01 - 2011-05-19 11:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2016-02-09 19:18 - 2016-01-21 11:16 - 00009445 _____ C:\Users\geoff\Documents\Installing and using a password manager..odt
    2016-02-09 19:17 - 2016-01-19 20:26 - 00030553 _____ C:\Users\geoff\Documents\How to create a good password..odt
    2016-02-09 19:15 - 2016-01-14 22:49 - 00000000 ____D C:\Users\geoff\Desktop\Introduction to Cyber Security, Futurelearn
    2016-02-06 22:15 - 2008-10-14 18:08 - 00000915 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
    2016-02-06 21:56 - 2013-03-20 17:11 - 00000990 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-02-06 21:56 - 2012-03-22 18:13 - 00001002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
     
    ==================== Files in the root of some directories =======
     
    2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe
    2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk
    2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001
    2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log
    2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log
    2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log
    2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png
    2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG
    2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt
    2009-10-10 01:51 - 2016-03-07 06:00 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat
    2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt
    2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt
    2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt
    2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic
    2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat
     
    Files to move or delete:
    ====================
    C:\Users\geoff\IsoBurner-Setup.exe
    C:\Users\geoff\regbackup.reg
    C:\Users\geoff\SUPERAntiSpyware.exe
     
     
    Some files in TEMP:
    ====================
    C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe
    C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-03-07 18:06
     
    ==================== End of FRST.txt ============================

    • 0

    #6
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts

    OK?.


    • 0

    #7
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP
     
    Download the attached fixlist.txt to the same location as FRST
     
    [attachment=80545:fixlist.txt]
     
    Run FRST and press Fix
    A fix log will be generated please post that 
     
    Run FRST again and check the addition.txt box then Scan.  Post both logs.
     
     

    • 0

    #8
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts

    Is this what you require, I'm becoming totally lost with this!

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
    Ran by geoff (administrator) on GEOFF-LAPTOP (08-03-2016 00:33:01)
    Running from C:\Users\geoff\downloads
    Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)
    Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
    Internet Explorer Version 9 (Default browser: Opera)
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)
    HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
    HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
    Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
    FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)
    FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"
    CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> www-searching.com
    CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
    CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]
    CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]
    CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]
    CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]
    CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]
    CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]
    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)
    S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
    S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
    S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()
    S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
    S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
    S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
    S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)
    S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)
    R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)
    S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)
    S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)
    S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)
    S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)
    S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)
    S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()
    R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
    S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
    R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)
    S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]
    S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)
    S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)
    S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]
    S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
    U1 eabfiltr; no ImagePath
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
    S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
    S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S4 SymIM; system32\DRIVERS\SymIM.sys [X]
    S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]
    S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-07 19:35 - 2016-03-07 19:37 - 00067337 _____ C:\Users\geoff\Downloads\Addition.txt
    2016-03-07 19:34 - 2016-03-08 00:33 - 00022603 _____ C:\Users\geoff\Downloads\FRST.txt
    2016-03-07 19:33 - 2016-03-08 00:33 - 00000000 ____D C:\FRST
    2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe
    2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk
    2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro
    2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt
    2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe
    2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java
    2016-02-13 12:17 - 2016-03-07 05:51 - 00100590 _____ C:\Windows\ntbtlog.txt
    2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE
    2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE
    2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton
    2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe
    2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur
    2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe
    2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
    2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
    2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4
    2016-02-07 20:46 - 2016-02-07 20:46 - 00021180 _____ C:\Users\geoff\Documents\Viruses.odt
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-07 06:00 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat
    2016-03-07 05:50 - 2009-09-20 13:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl
    2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake
    2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me
    2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous
    2016-03-07 05:24 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\dply_en_015020230
    2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
    2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump
    2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif
    2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats
    2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java
    2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage
    2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
    2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-02-13 12:46 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\Common Files\Goobzo
    2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
    2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT
    2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google
    2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google
    2016-02-10 16:24 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions
    2016-02-09 21:01 - 2012-04-03 10:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2016-02-09 21:01 - 2011-05-19 11:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2016-02-09 19:18 - 2016-01-21 11:16 - 00009445 _____ C:\Users\geoff\Documents\Installing and using a password manager..odt
    2016-02-09 19:17 - 2016-01-19 20:26 - 00030553 _____ C:\Users\geoff\Documents\How to create a good password..odt
    2016-02-09 19:15 - 2016-01-14 22:49 - 00000000 ____D C:\Users\geoff\Desktop\Introduction to Cyber Security, Futurelearn
    2016-02-09 16:22 - 2016-02-06 21:55 - 00000000 ____D C:\Users\geoff\AppData\Local\dply_en_015020230
    2016-02-09 16:21 - 2016-02-06 21:56 - 00000000 ____D C:\Users\geoff\AppData\Local\SearchModule
    2016-02-07 00:58 - 2016-02-06 21:56 - 00000000 ____D C:\Users\geoff\AppData\Local\BrowserAir
     
    ==================== Files in the root of some directories =======
     
    2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe
    2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk
    2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001
    2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log
    2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log
    2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log
    2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png
    2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG
    2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt
    2009-10-10 01:51 - 2016-03-07 06:00 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat
    2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt
    2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt
    2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt
    2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic
    2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat
     
    Files to move or delete:
    ====================
    C:\Users\geoff\IsoBurner-Setup.exe
    C:\Users\geoff\regbackup.reg
    C:\Users\geoff\SUPERAntiSpyware.exe
     
     
    Some files in TEMP:
    ====================
    C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe
    C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-03-07 18:06
     
    ==================== End of FRST.txt ============================HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"
    CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> www-searching.com
    CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    U1 eabfiltr; no ImagePath
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
    S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
    S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S4 SymIM; system32\DRIVERS\SymIM.sys [X]
    S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]
    S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
    Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads
    Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\
    Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION
    Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop
    Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
    Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL
    Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION
    Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    Hosts:

    • 0

    #9
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    Run FRST but do not hit SCAN.  Instead hit Fix.


    • 0

    #10
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by geoff (2016-03-10 09:10:57) Run:2
    Running from C:\Users\geoff\downloads
    Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)
    Boot Mode: Safe Mode (with Networking)
     
    ==============================================
     
    fixlist content:
    *****************
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"
    CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> www-searching.com
    CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    U1 eabfiltr; no ImagePath
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
    S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
    S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S4 SymIM; system32\DRIVERS\SymIM.sys [X]
    S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]
    S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
    Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads
    Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\
    Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION
    Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop
    Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
    Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL
    Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION
    Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    Hosts:
    *****************
     
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => value not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key not found. 
    HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found. 
    "C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User" => not found.
    "C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User" => not found.
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 
    HKCR\CLSID\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 
    HKCR\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found
    "C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml" => not found.
    C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
    C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => not found.
    C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => not found.
    C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
    Chrome HomePage => not found.
    Chrome StartupUrls => not found.
    Chrome DefaultSearchURL => not found.
    Chrome DefaultSearchKeyword => not found.
    Chrome DefaultSuggestURL => not found.
    SBSDWSCService => service not found.
    eabfiltr => service not found.
    hwdatacard => service not found.
    hwusbdev => service not found.
    hwusbfake => service not found.
    NwlnkFlt => service not found.
    NwlnkFwd => service not found.
    SymIM => service not found.
    SymIMMP => service not found.
    VBoxNetFlt => service not found.
    sdfhgdf => service not found.
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1225487D-BDF9-4FBE-9EAA-26ED945115C1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14544222-AE0F-4CEB-B2BB-99DFB502A867} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1735D2DB-0770-4363-B235-1A5BBB61CEA3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC86800-E407-49EC-9FEB-77FECCF6ED31} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F2B7AEB-9245-40C2-82C5-A2B588CB764C} => key not found. 
    C:\Windows\System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C98983-6F23-4830-9A6A-46DE8565B542} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243AA337-398B-4680-8869-45BFAE49BDB5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274256E2-939F-481F-8D43-F9E697D1016E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8D1224-CA24-4760-B7D8-4321CDDD6083} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F4E6C7C-FDAE-4111-9978-89566B696070} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCA15CB-B66C-42CC-9985-62AC4976D9DC} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354B53AA-D547-479D-922C-159C219C1740} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3677E902-A325-4BF7-A459-71D25A24966B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384DD8F1-BF04-4837-BDE0-222B0E438A1B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B99A0E9-6110-4336-A553-29051BF8EEE1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D3AB92-727E-4436-BF6A-6F2881935F2C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CC24E9-901D-4773-97BD-F97ACA2A7389} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D5E7218-2F43-4CA3-B682-700799D5CE40} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F8919F2-04DA-4341-894D-E1B87A328662} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571CB1A9-B2E1-424A-BD1F-339AE42602A5} => key not found. 
    C:\Windows\System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{593F3332-FD90-4A28-A913-80F0E6475AFC} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C19587-0F15-42A6-BDCC-DE63613C6CF1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit automatic scanning => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65734AB0-442E-4C8B-831A-71BBD28F22BE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65826AA8-B7B9-420C-A349-0EB309679B68} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{665BAE83-6070-424D-8961-0994CAAAA3D1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66A3F06A-D4FE-4869-8E77-322841C856E3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{698836BD-D478-47DC-84E5-7602AED789B2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0A78A9-68EE-4976-B8A7-7053F760E88D} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B44EE9A-9157-413C-AB41-1AB294579379} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6FCBAA-1064-4C10-961E-F386DE8284EF} => key not found. 
    C:\Windows\System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E61263B-F516-4092-8734-300AB9F5120E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F961960-E97B-4F29-BB9B-CDA15D645A01} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73368EA5-B4C0-43A8-9DE3-A5B2829CC358} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{752216AA-CE30-405B-9267-118E9D282112} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{758C46B4-EC68-4929-9696-2B67910B9877} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7751432F-31C2-4103-A74E-9174B4C4C054} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{783E6D80-266F-4699-8FE1-4FC5D38EDB56} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{787A8DAB-4F37-4917-AF82-DB776FD28A88} => key not found. 
    C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3C7D3A-147C-469C-87F6-BDBCC2670A40} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DFE5167-9CB2-4916-9EC2-425C791E7AFD} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA885AA-495D-4206-A2B4-25C4B8D764DD} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA27470-2EDB-4FCE-8214-9CA2569A93B2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D049AE-6B6D-4C2B-9AF2-494D620181C0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{839A5338-CE92-4A68-AD90-156344208991} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CE00976-D326-4633-B50D-9C35EFFE56D8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} => key not found. 
    C:\Windows\System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903AA892-BA72-451B-8D43-A18F2284BF3B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{918A2E20-CA51-4284-8C0F-6C4C103E3DE6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96116637-6BCB-45F2-A779-AF61A1DFCBE2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A82E602-1B78-4A51-A57F-22492DF7D748} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C4056F5-53A0-4CD6-9181-E74108389684} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EB97B77-CF48-4B66-86AA-22ACB8407BC7} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F1F470A-F055-468F-B6D0-DAD0CEF91634} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF24EA7-B4CC-46E5-8283-96A7C87E0269} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0672630-2F14-4D69-A998-5A434390C838} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8D4B054-B355-4893-A181-BA6A1BB681AB} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAB1E654-AF8B-4950-8295-EC7083687DEF} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1D247A-E799-4C06-AB12-ED3DC27B161E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B31D3014-70AA-4C28-8514-033FD8DD95C4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC087A1-705A-4D7A-B610-ECFFB6CB3872} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE3EC51-E282-421D-BF64-0DE5798D2D50} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C12FAFB3-F3F3-415B-AFB1-54427B425D7E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17C0E68-0511-4B60-A629-BD179BB8C766} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C62716B7-465D-4DB6-AD4A-0F9CED4F9911} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8740CD5-B817-4037-BADA-13E03F1C5904} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA818194-6FCE-44D9-961B-29ED7A6F6DBB} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5AAB18-C5BA-4B1C-83BA-107642FC9280} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF66EAE2-A122-4185-8C55-E25DCAFA20E9} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0550D23-65C5-4F3C-8626-1F1975FFA483} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4490887-7881-4C5D-BE94-7AE4224A89D0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE8B8F5-21DA-4D19-ACE2-C503DC023158} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF73CDB1-B351-46A1-9666-1D6DAB51BE54} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2CD2DDD-B548-47A7-A367-B947DC8A966A} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49F8E52-CD62-4E6C-AE28-E03E926913D7} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5751FBE-4938-4A29-A870-7F40FFA1FF2E} => key not found. 
    C:\Windows\System32\Tasks\IBUpd2 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2 => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E99D5913-61ED-4363-A488-891A133AF7D6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAE04FA7-7E95-4ED7-9820-00D6B189890E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F321D67B-4140-46C2-9DA5-C1FE5939854C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35F304E-D980-436F-AA47-1D20676D1F23} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C2988E-5E91-4051-9596-96D28D2D7FDA} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB48721E-1E03-44E5-940A-3422F1198D9F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3B0FBE-7B53-4551-8052-7F723F29D65F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d7-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d8-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a}" ADS not found.
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => key not found. 
    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.
     
    ==== End of Fixlog 09:12:59 ====

    • 0

    Advertisements


    #11
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by geoff (2016-03-10 09:43:44) Run:3
    Running from C:\Users\geoff\downloads
    Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)
    Boot Mode: Safe Mode (with Networking)
     
    ==============================================
     
    fixlist content:
    *****************
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION
    GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]
    CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"
    CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> www-searching.com
    CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
    S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    U1 eabfiltr; no ImagePath
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
    S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
    S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S4 SymIM; system32\DRIVERS\SymIM.sys [X]
    S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]
    S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
    Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads
    Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\
    Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION
    Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop
    Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION
    Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
    Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL
    Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION
    Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION
    Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]
    AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    Hosts:
    *****************
     
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => value not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key not found. 
    HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found. 
    "C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User" => not found.
    "C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User" => not found.
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 
    HKCR\CLSID\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 
    HKCR\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 
    FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found
    FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found
    "C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml" => not found.
    C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
    C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => not found.
    C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => not found.
    C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.
    Chrome HomePage => not found.
    Chrome StartupUrls => not found.
    Chrome DefaultSearchURL => not found.
    Chrome DefaultSearchKeyword => not found.
    Chrome DefaultSuggestURL => not found.
    SBSDWSCService => service not found.
    eabfiltr => service not found.
    hwdatacard => service not found.
    hwusbdev => service not found.
    hwusbfake => service not found.
    NwlnkFlt => service not found.
    NwlnkFwd => service not found.
    SymIM => service not found.
    SymIMMP => service not found.
    VBoxNetFlt => service not found.
    sdfhgdf => service not found.
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837} => key not found. 
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1225487D-BDF9-4FBE-9EAA-26ED945115C1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14544222-AE0F-4CEB-B2BB-99DFB502A867} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1735D2DB-0770-4363-B235-1A5BBB61CEA3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC86800-E407-49EC-9FEB-77FECCF6ED31} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F2B7AEB-9245-40C2-82C5-A2B588CB764C} => key not found. 
    C:\Windows\System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C98983-6F23-4830-9A6A-46DE8565B542} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243AA337-398B-4680-8869-45BFAE49BDB5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274256E2-939F-481F-8D43-F9E697D1016E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8D1224-CA24-4760-B7D8-4321CDDD6083} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F4E6C7C-FDAE-4111-9978-89566B696070} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCA15CB-B66C-42CC-9985-62AC4976D9DC} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354B53AA-D547-479D-922C-159C219C1740} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3677E902-A325-4BF7-A459-71D25A24966B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384DD8F1-BF04-4837-BDE0-222B0E438A1B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B99A0E9-6110-4336-A553-29051BF8EEE1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D3AB92-727E-4436-BF6A-6F2881935F2C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CC24E9-901D-4773-97BD-F97ACA2A7389} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D5E7218-2F43-4CA3-B682-700799D5CE40} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F8919F2-04DA-4341-894D-E1B87A328662} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571CB1A9-B2E1-424A-BD1F-339AE42602A5} => key not found. 
    C:\Windows\System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{593F3332-FD90-4A28-A913-80F0E6475AFC} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C19587-0F15-42A6-BDCC-DE63613C6CF1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit automatic scanning => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65734AB0-442E-4C8B-831A-71BBD28F22BE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65826AA8-B7B9-420C-A349-0EB309679B68} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{665BAE83-6070-424D-8961-0994CAAAA3D1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66A3F06A-D4FE-4869-8E77-322841C856E3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{698836BD-D478-47DC-84E5-7602AED789B2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0A78A9-68EE-4976-B8A7-7053F760E88D} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B44EE9A-9157-413C-AB41-1AB294579379} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6FCBAA-1064-4C10-961E-F386DE8284EF} => key not found. 
    C:\Windows\System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E61263B-F516-4092-8734-300AB9F5120E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F961960-E97B-4F29-BB9B-CDA15D645A01} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73368EA5-B4C0-43A8-9DE3-A5B2829CC358} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{752216AA-CE30-405B-9267-118E9D282112} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{758C46B4-EC68-4929-9696-2B67910B9877} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7751432F-31C2-4103-A74E-9174B4C4C054} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{783E6D80-266F-4699-8FE1-4FC5D38EDB56} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{787A8DAB-4F37-4917-AF82-DB776FD28A88} => key not found. 
    C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3C7D3A-147C-469C-87F6-BDBCC2670A40} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DFE5167-9CB2-4916-9EC2-425C791E7AFD} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA885AA-495D-4206-A2B4-25C4B8D764DD} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA27470-2EDB-4FCE-8214-9CA2569A93B2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D049AE-6B6D-4C2B-9AF2-494D620181C0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{839A5338-CE92-4A68-AD90-156344208991} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CE00976-D326-4633-B50D-9C35EFFE56D8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} => key not found. 
    C:\Windows\System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903AA892-BA72-451B-8D43-A18F2284BF3B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{918A2E20-CA51-4284-8C0F-6C4C103E3DE6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96116637-6BCB-45F2-A779-AF61A1DFCBE2} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A82E602-1B78-4A51-A57F-22492DF7D748} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C4056F5-53A0-4CD6-9181-E74108389684} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EB97B77-CF48-4B66-86AA-22ACB8407BC7} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F1F470A-F055-468F-B6D0-DAD0CEF91634} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF24EA7-B4CC-46E5-8283-96A7C87E0269} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0672630-2F14-4D69-A998-5A434390C838} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8D4B054-B355-4893-A181-BA6A1BB681AB} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAB1E654-AF8B-4950-8295-EC7083687DEF} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1D247A-E799-4C06-AB12-ED3DC27B161E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B31D3014-70AA-4C28-8514-033FD8DD95C4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC087A1-705A-4D7A-B610-ECFFB6CB3872} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE3EC51-E282-421D-BF64-0DE5798D2D50} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C12FAFB3-F3F3-415B-AFB1-54427B425D7E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17C0E68-0511-4B60-A629-BD179BB8C766} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C62716B7-465D-4DB6-AD4A-0F9CED4F9911} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8740CD5-B817-4037-BADA-13E03F1C5904} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA818194-6FCE-44D9-961B-29ED7A6F6DBB} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5AAB18-C5BA-4B1C-83BA-107642FC9280} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF66EAE2-A122-4185-8C55-E25DCAFA20E9} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0550D23-65C5-4F3C-8626-1F1975FFA483} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4490887-7881-4C5D-BE94-7AE4224A89D0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE8B8F5-21DA-4D19-ACE2-C503DC023158} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF73CDB1-B351-46A1-9666-1D6DAB51BE54} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2CD2DDD-B548-47A7-A367-B947DC8A966A} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49F8E52-CD62-4E6C-AE28-E03E926913D7} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5751FBE-4938-4A29-A870-7F40FFA1FF2E} => key not found. 
    C:\Windows\System32\Tasks\IBUpd2 => not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2 => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E99D5913-61ED-4363-A488-891A133AF7D6} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAE04FA7-7E95-4ED7-9820-00D6B189890E} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F321D67B-4140-46C2-9DA5-C1FE5939854C} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35F304E-D980-436F-AA47-1D20676D1F23} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C2988E-5E91-4051-9596-96D28D2D7FDA} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB48721E-1E03-44E5-940A-3422F1198D9F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3B0FBE-7B53-4551-8052-7F723F29D65F} => key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 
    C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d7-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d8-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a}" ADS not found.
    "C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a}" ADS not found.
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => key not found. 
    HKLM\System\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => key not found. 
    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.
     
    ==== End of Fixlog 09:45:44 ====

    • 0

    #12
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts

    Hi, Am I doing this right?, all these huge files are getting me totally lost off.


    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,021 posts
    • MVP

    Looks like the Fixlist worked.  You posted it twice tho.  Niow I need a new FRST scan:

     

    Run FRST again and check the addition.txt box then Scan.  Post both logs.


    • 0

    #14
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
    Ran by geoff (administrator) on GEOFF-LAPTOP (11-03-2016 08:36:26)
    Running from C:\Users\geoff\downloads
    Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)
    Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
    Internet Explorer Version 9 (Default browser: Opera)
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
    (Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)
    HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
    HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
    Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
    FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]
     
    Chrome: 
    =======
    CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]
    CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]
    CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]
    CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]
    CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]
    CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]
    CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]
    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)
    S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
    S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)
    S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)
    S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()
    S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()
    S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
    S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
    S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
    S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)
    S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)
    R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)
    S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)
    S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)
    S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)
    S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)
    S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)
    S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()
    R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)
    S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)
    R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)
    S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)
    S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]
    S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)
    S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]
    S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)
    S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-10 09:43 - 2016-03-10 09:43 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (3).txt
    2016-03-09 08:07 - 2016-03-10 09:45 - 00070533 _____ C:\Users\geoff\Downloads\Fixlog.txt
    2016-03-09 07:51 - 2016-03-09 07:51 - 00000591 _____ C:\Users\geoff\Desktop\FRST - Shortcut (2).lnk
    2016-03-09 01:25 - 2016-03-09 01:25 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (2).txt
    2016-03-09 00:47 - 2016-03-09 00:47 - 00000000 ____D C:\Users\geoff\Documents\Frst and Fixlist
    2016-03-09 00:30 - 2016-03-09 00:39 - 00000000 ____D C:\Users\geoff\Desktop\Frst and Fixlist
    2016-03-08 23:35 - 2016-03-08 23:35 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (1).txt
    2016-03-07 19:35 - 2016-03-08 00:34 - 00067316 _____ C:\Users\geoff\Downloads\Addition.txt
    2016-03-07 19:34 - 2016-03-11 08:36 - 00000000 _____ C:\Users\geoff\Downloads\FRST.txt
    2016-03-07 19:33 - 2016-03-11 08:36 - 00000000 ____D C:\FRST
    2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe
    2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk
    2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro
    2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt
    2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe
    2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java
    2016-02-13 12:17 - 2016-03-10 09:27 - 00189552 _____ C:\Windows\ntbtlog.txt
    2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE
    2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE
    2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton
    2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe
    2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur
    2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe
    2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
    2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
    2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
    2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
    2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-03-10 09:45 - 2013-03-20 17:11 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-03-10 09:45 - 2012-03-22 18:13 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-03-10 09:28 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-03-09 08:20 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat
    2016-03-09 08:13 - 2009-09-20 13:27 - 00000000 _____ C:\Windows\system32\Ikeext.etl
    2016-03-09 08:07 - 2006-11-02 11:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake
    2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me
    2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous
    2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous
    2016-03-07 05:24 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\dply_en_015020230
    2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration
    2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
    2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump
    2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif
    2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats
    2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java
    2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage
    2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
    2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-02-13 12:46 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\Common Files\Goobzo
    2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
    2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT
    2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google
    2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google
    2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal
    2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media
    2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions
     
    ==================== Files in the root of some directories =======
     
    2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe
    2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk
    2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001
    2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log
    2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log
    2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log
    2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png
    2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG
    2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt
    2009-10-10 01:51 - 2016-03-09 08:20 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat
    2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt
    2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt
    2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND
    2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt
    2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic
    2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001
    2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat
     
    Files to move or delete:
    ====================
    C:\Users\geoff\IsoBurner-Setup.exe
    C:\Users\geoff\regbackup.reg
    C:\Users\geoff\SUPERAntiSpyware.exe
     
     
    Some files in TEMP:
    ====================
    C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe
    C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-03-10 20:36
     
    ==================== End of FRST.txt ============================

    • 0

    #15
    globaljoe

    globaljoe

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 117 posts
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
    Ran by geoff (2016-03-11 08:42:29)
    Running from C:\Users\geoff\downloads
    Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)
    Boot Mode: Safe Mode (with Networking)
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)
    geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff
    Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)
    jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake
    Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    [email protected] ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
    Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
    CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
    CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
    Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
    CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION
    DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
    Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
    DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
    EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
    EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
    GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
    Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
    GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)
    Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
    HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
    Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
    HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
    HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
    HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
    HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
    HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
    HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
    HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)
    HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
    HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
    ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
    Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )
    KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
    LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
    Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)
    Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)
    LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden
    LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
    Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
    My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
    Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
    OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
    Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)
    Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
    Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)
    Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)
    PDF Creator (HKLM\...\PDF Creator) (Version:  - )
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
    Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)
    QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
    RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)
    Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
    Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION
    SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION
    SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
    Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)
    swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)
    The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)
    The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
    Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)
    Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
    WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)
    Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
    Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe
    Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
    Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
    Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE
    Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
     
    ==================== EXE Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
     
    There are 7595 more sites.
     
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com
    IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com
     
    There are 7592 more sites.
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2006-11-02 10:23 - 2016-03-10 09:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
     
    127.0.0.1       localhost
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
    MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
    MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"
    MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,[email protected]
    MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe
    FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe
    FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe
    FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe
    FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe
    FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
     
    ==================== Restore Points =========================
     
    24-02-2016 03:00:11 Windows Update
    24-02-2016 23:49:58 Scheduled Checkpoint
    26-02-2016 07:10:18 Scheduled Checkpoint
    27-02-2016 03:18:12 Windows Update
    29-02-2016 02:23:27 Scheduled Checkpoint
    02-03-2016 03:19:04 Windows Update
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Microsoft ISATAP Adapter #14
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver
     
    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Tun Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunmp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh SD/MMC Host Controller
    Description: Ricoh SD/MMC Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimmptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh Memory Stick Controller
    Description: Ricoh Memory Stick Host Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rimsptsk
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
    Name: Ricoh xD-Picture Card Controller
    Description: Ricoh xD-Picture Card Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Ricoh Company
    Service: rismxdp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/10/2016 09:28:05 AM) (Source: LoadPerf) (EventID: 3011) (User: )
    Description: WmiApRplWmiApRpl8
     
    Error: (03/10/2016 09:28:05 AM) (Source: LoadPerf) (EventID: 3012) (User: )
    Description: Performance16
     
    Error: (03/09/2016 08:14:51 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/08/2016 12:58:19 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
    Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
     
     
    System errors:
    =============
    Error: (03/11/2016 08:24:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 0.0.0.0
     
    Update Source: %NT AUTHORITY51
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/11/2016 08:24:38 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
     
    New Engine Version: 
     
    Previous Engine Version: 2.1.11804.0
     
    Engine Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Error Code: %NT AUTHORITY601
     
    Error description: %NT AUTHORITY602
     
    Error: (03/11/2016 08:24:38 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 
     
    Update Source: %NT AUTHORITY15
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/11/2016 08:23:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.215.1002.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/11/2016 08:15:14 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
     
    Error: (03/10/2016 09:38:55 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Error: (03/10/2016 08:24:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 0.0.0.0
     
    Update Source: %NT AUTHORITY51
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/10/2016 08:24:43 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
     
    New Engine Version: 
     
    Previous Engine Version: 2.1.11804.0
     
    Engine Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Error Code: %NT AUTHORITY601
     
    Error description: %NT AUTHORITY602
     
    Error: (03/10/2016 08:24:43 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 
     
    Update Source: %NT AUTHORITY15
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\NETWORK SERVICE
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
    Error: (03/10/2016 08:23:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
     
    New Signature Version: 
     
    Previous Signature Version: 1.215.846.0
     
    Update Source: %NT AUTHORITY59
     
    Update Stage: 4.9.0218.00
     
    Source Path: 4.9.0218.01
     
    Signature Type: %NT AUTHORITY602
     
    Update Type: %NT AUTHORITY604
     
    User: NT AUTHORITY\SYSTEM
     
    Current Engine Version: %NT AUTHORITY605
     
    Previous Engine Version: %NT AUTHORITY606
     
    Error code: %NT AUTHORITY607
     
    Error description: %NT AUTHORITY608
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-03-11 08:42:01.192
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:42:00.677
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:42:00.155
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:41:59.625
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:37:10.591
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:37:10.155
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:37:09.687
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-11 08:37:09.180
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-08 00:33:05.793
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-03-08 00:33:05.361
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3069.68 MB
    Available physical RAM: 1799.61 MB
    Total Virtual: 6341.6 MB
    Available Virtual: 5317.46 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:221.34 GB) (Free:133.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)
    Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================

    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP