[globaljoe]

Hello, As my topic title suggests I can only start my Vista laptop using safe mode or safe mode with networking, if I try to start it normally with my administrator account I get the welcome screen, I type in my administrator password, I get the spinning wheel for a couple of minutes and then a blank screen, standard user account has the same results, I just get the message: Windows could not connect to the user profile service.

I then pressed the F8 key on a second try to boot up, I get to "Advanced boot options" and select "repair your computer", I get "windows is loading files" and then the system recovery options box, I enter my password and press OK and get the message "your account had been disabled" see your system administrator.

I restarted the system pressing F8 for advanced boot options and select safe mode with networking where I can log-in without any problem. 

I then ran Microsoft Security essentials (full-scan), scan completed with nothing found.

So the system will only work in safe mode, any help with this problem would be much appreciated!.

Thank you.

[Advertisements]

 

Please download Farbar Recovery Scan Tool and save it to your Desktop. 

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 

 

•  

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 

Press Scan button. 

It will produce a log called FRST.txt in the same directory the tool is run from.  

Please copy and paste log back here. 

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

[RKinner]

 

Please download Farbar Recovery Scan Tool and save it to your Desktop. 

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 

 

•  

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 

Press Scan button. 

It will produce a log called FRST.txt in the same directory the tool is run from.  

Please copy and paste log back here. 

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

[globaljoe]

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01

Ran by geoff (2016-03-07 19:35:50)

Running from C:\Users\geoff\downloads

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)

geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff

Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)

jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake

Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)

Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)

Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)

AIM 6 (HKLM\...\AIM_6) (Version:  - )

Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)

CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)

CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)

Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)

CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION

DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)

Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)

EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)

EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden

GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)

Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)

Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden

GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)

Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)

HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)

Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)

HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)

HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)

HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)

HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )

HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)

HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)

HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)

HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )

HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)

HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden

HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden

ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)

Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )

KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)

LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)

Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)

Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)

LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden

LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)

Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)

My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)

Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)

Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)

Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)

Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)

Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)

PDF Creator (HKLM\...\PDF Creator) (Version:  - )

PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden

PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)

Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)

QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)

RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)

Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )

Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)

Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION

SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION

SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)

Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)

TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)

The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)

The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)

Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)

Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )

WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)

Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads

Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\

Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe

Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION

Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop

Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION

Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION

Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)

Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)

Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL

Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION

Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE

Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION

Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)

Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION

Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

 

==================== Loaded Modules (Whitelisted) ==============

 

2010-10-23 14:12 - 2010-11-20 18:03 - 00043520 ____N () C:\Windows\system32\CmdLineExt03.dll

2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

 

There are 7595 more sites.

 

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com

 

There are 7592 more sites.

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 10:23 - 2013-10-12 23:23 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"

MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe

FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe

FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

24-02-2016 03:00:11 Windows Update

24-02-2016 23:49:58 Scheduled Checkpoint

26-02-2016 07:10:18 Scheduled Checkpoint

27-02-2016 03:18:12 Windows Update

29-02-2016 02:23:27 Scheduled Checkpoint

02-03-2016 03:19:04 Windows Update

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft ISATAP Adapter #14

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh SD/MMC Host Controller

Description: Ricoh SD/MMC Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimmptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh Memory Stick Controller

Description: Ricoh Memory Stick Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimsptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh xD-Picture Card Controller

Description: Ricoh xD-Picture Card Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rismxdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:11:24 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:06:15 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/06/2016 11:31:18 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/06/2016 11:17:47 PM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

 

System errors:

=============

Error: (03/07/2016 06:04:42 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 0.0.0.0

 

Update Source: %NT AUTHORITY51

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 

New Engine Version: 

 

Previous Engine Version: 2.1.11804.0

 

Engine Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Error Code: %NT AUTHORITY601

 

Error description: %NT AUTHORITY602

 

Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 

 

Update Source: %NT AUTHORITY15

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:01:04 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.215.375.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:01:04 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

 

Error: (03/07/2016 05:51:35 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (03/07/2016 05:51:33 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

 

Error: (03/07/2016 05:51:24 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

 

Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: aswRvrt

aswSnx

aswSP

aswVmm

MpFilter

spldr

Wanarpv6

 

Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Microsoft Network Inspection SystemMicrosoft Malware Protection Driver%%31

 

 

CodeIntegrity:

===================================

  Date: 2016-03-07 19:35:08.132

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:07.710

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:07.274

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:06.790

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:43.825

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:43.389

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:42.952

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:42.515

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:40.440

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:39.863

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz

Percentage of memory in use: 36%

Total physical RAM: 3069.68 MB

Available physical RAM: 1956.52 MB

Total Virtual: 6341.6 MB

Available Virtual: 5514.52 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:221.34 GB) (Free:133.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)

Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt =============================Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01

Ran by geoff (2016-03-07 19:35:50)

Running from C:\Users\geoff\downloads

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)

geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff

Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)

jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake

Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)

Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)

Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)

AIM 6 (HKLM\...\AIM_6) (Version:  - )

Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)

CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)

CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)

Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)

CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION

DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)

Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)

EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)

EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden

GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)

Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)

Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden

GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)

Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)

HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)

Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)

HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)

HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)

HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)

HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )

HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)

HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)

HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)

HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )

HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)

HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden

HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden

ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)

Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )

KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)

LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)

Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)

Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)

LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden

LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)

Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)

My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)

Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)

Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)

Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)

Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)

Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)

PDF Creator (HKLM\...\PDF Creator) (Version:  - )

PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden

PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)

Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)

QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)

RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)

Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )

Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)

Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION

SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION

SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)

Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)

TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)

The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)

The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)

Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)

Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )

WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)

Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads

Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\

Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe

Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION

Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop

Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION

Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION

Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)

Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)

Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL

Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION

Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE

Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner оn logon -> No File <==== ATTENTION

Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)

Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION

Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

 

==================== Loaded Modules (Whitelisted) ==============

 

2010-10-23 14:12 - 2010-11-20 18:03 - 00043520 ____N () C:\Windows\system32\CmdLineExt03.dll

2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

 

There are 7595 more sites.

 

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com

 

There are 7592 more sites.

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 10:23 - 2013-10-12 23:23 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"

MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe

FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe

FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

24-02-2016 03:00:11 Windows Update

24-02-2016 23:49:58 Scheduled Checkpoint

26-02-2016 07:10:18 Scheduled Checkpoint

27-02-2016 03:18:12 Windows Update

29-02-2016 02:23:27 Scheduled Checkpoint

02-03-2016 03:19:04 Windows Update

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft ISATAP Adapter #14

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh SD/MMC Host Controller

Description: Ricoh SD/MMC Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimmptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh Memory Stick Controller

Description: Ricoh Memory Stick Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimsptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh xD-Picture Card Controller

Description: Ricoh xD-Picture Card Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rismxdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:11:24 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:06:15 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/06/2016 11:31:18 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/06/2016 11:17:47 PM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

 

System errors:

=============

Error: (03/07/2016 06:04:42 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 0.0.0.0

 

Update Source: %NT AUTHORITY51

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 

New Engine Version: 

 

Previous Engine Version: 2.1.11804.0

 

Engine Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Error Code: %NT AUTHORITY601

 

Error description: %NT AUTHORITY602

 

Error: (03/07/2016 06:04:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 

 

Update Source: %NT AUTHORITY15

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:01:04 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.215.375.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/07/2016 06:01:04 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

 

Error: (03/07/2016 05:51:35 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (03/07/2016 05:51:33 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

 

Error: (03/07/2016 05:51:24 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

 

Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: aswRvrt

aswSnx

aswSP

aswVmm

MpFilter

spldr

Wanarpv6

 

Error: (03/07/2016 05:51:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Microsoft Network Inspection SystemMicrosoft Malware Protection Driver%%31

 

 

CodeIntegrity:

===================================

  Date: 2016-03-07 19:35:08.132

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:07.710

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:07.274

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 19:35:06.790

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:43.825

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:43.389

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:42.952

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:42.515

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:40.440

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-07 04:31:39.863

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz

Percentage of memory in use: 36%

Total physical RAM: 3069.68 MB

Available physical RAM: 1956.52 MB

Total Virtual: 6341.6 MB

Available Virtual: 5514.52 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:221.34 GB) (Free:133.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)

Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ====================================== End of Addition.txt =========================================== End of Addition.txt ==================================

[RKinner]

You posted the Addition.txt log twice.  Can you post the FRST log?

[globaljoe]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01

Ran by geoff (administrator) on GEOFF-LAPTOP (07-03-2016 19:34:24)

Running from C:\Users\geoff\downloads

Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)

Internet Explorer Version 9 (Default browser: Opera)

Boot Mode: Safe Mode (with Networking)

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)

HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)

HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1

 

Internet Explorer:

==================

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

 

FireFox:

========

FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)

FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw

CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}

CHR DefaultSearchKeyword: Default -> www-searching.com

CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]

CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]

CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]

CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]

CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]

CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)

S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)

S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]

S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)

S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()

S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()

S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)

S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)

R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)

S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)

S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)

S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)

S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)

S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)

S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()

R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)

S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)

R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)

S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]

S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)

S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)

S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]

S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

U1 eabfiltr; no ImagePath

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S4 SymIM; system32\DRIVERS\SymIM.sys [X]

S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]

S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-07 19:34 - 2016-03-07 19:35 - 00022603 _____ C:\Users\geoff\Downloads\FRST.txt

2016-03-07 19:33 - 2016-03-07 19:34 - 00000000 ____D C:\FRST

2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe

2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk

2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro

2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt

2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe

2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java

2016-02-13 12:17 - 2016-03-07 05:51 - 00100590 _____ C:\Windows\ntbtlog.txt

2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE

2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE

2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton

2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe

2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur

2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe

2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe

2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll

2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe

2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4

2016-02-07 20:46 - 2016-02-07 20:46 - 00021180 _____ C:\Users\geoff\Documents\Viruses.odt

2016-02-06 22:42 - 2016-02-06 22:42 - 00000909 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2016-02-06 22:40 - 2016-02-06 22:40 - 00000904 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2016-02-06 21:56 - 2016-02-09 16:21 - 00000000 ____D C:\Users\geoff\AppData\Local\SearchModule

2016-02-06 21:56 - 2016-02-07 00:58 - 00000000 ____D C:\Users\geoff\AppData\Local\BrowserAir

2016-02-06 21:56 - 2016-02-06 22:44 - 00019624 _____ (Corporation) C:\Windows\system32\Drivers\sdfhgdf.sys

2016-02-06 21:55 - 2016-03-07 05:24 - 00000000 ____D C:\Program Files\dply_en_015020230

2016-02-06 21:55 - 2016-02-13 12:46 - 00000000 ____D C:\Program Files\Common Files\Goobzo

2016-02-06 21:55 - 2016-02-09 16:22 - 00000000 ____D C:\Users\geoff\AppData\Local\dply_en_015020230

2016-02-06 21:55 - 2016-02-06 21:55 - 00001680 _____ C:\Users\Public\Desktop\SpringFiles.lnk

2016-02-06 21:55 - 2016-02-06 21:55 - 00000000 ____D C:\ProgramData\SearchModule

2016-02-06 21:55 - 2016-02-06 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-07 06:00 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat

2016-03-07 05:50 - 2009-09-20 13:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake

2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me

2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous

2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client

2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf

2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump

2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif

2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats

2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java

2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage

2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache

2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT

2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google

2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google

2016-02-10 16:24 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI

2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions

2016-02-09 21:01 - 2012-04-03 10:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2016-02-09 21:01 - 2011-05-19 11:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2016-02-09 19:18 - 2016-01-21 11:16 - 00009445 _____ C:\Users\geoff\Documents\Installing and using a password manager..odt

2016-02-09 19:17 - 2016-01-19 20:26 - 00030553 _____ C:\Users\geoff\Documents\How to create a good password..odt

2016-02-09 19:15 - 2016-01-14 22:49 - 00000000 ____D C:\Users\geoff\Desktop\Introduction to Cyber Security, Futurelearn

2016-02-06 22:15 - 2008-10-14 18:08 - 00000915 _____ C:\Users\geoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2016-02-06 21:56 - 2013-03-20 17:11 - 00000990 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-02-06 21:56 - 2012-03-22 18:13 - 00001002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

 

==================== Files in the root of some directories =======

 

2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe

2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk

2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001

2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log

2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log

2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log

2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png

2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG

2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt

2009-10-10 01:51 - 2016-03-07 06:00 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat

2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt

2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt

2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt

2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic

2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat

 

Files to move or delete:

====================

C:\Users\geoff\IsoBurner-Setup.exe

C:\Users\geoff\regbackup.reg

C:\Users\geoff\SUPERAntiSpyware.exe

 

 

Some files in TEMP:

====================

C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe

C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-03-07 18:06

 

==================== End of FRST.txt ============================

[globaljoe]

OK?.

[RKinner]

 

Download the attached fixlist.txt to the same location as FRST

 

[attachment=80545:fixlist.txt]

 

Run FRST and press Fix

A fix log will be generated please post that 

 

Run FRST again and check the addition.txt box then Scan.  Post both logs.

 

 

[globaljoe]

Is this what you require, I'm becoming totally lost with this!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01

Ran by geoff (administrator) on GEOFF-LAPTOP (08-03-2016 00:33:01)

Running from C:\Users\geoff\downloads

Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)

Internet Explorer Version 9 (Default browser: Opera)

Boot Mode: Safe Mode (with Networking)

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)

HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)

HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1

 

Internet Explorer:

==================

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

 

FireFox:

========

FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)

FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw

CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}

CHR DefaultSearchKeyword: Default -> www-searching.com

CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]

CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]

CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]

CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]

CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]

CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)

S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)

S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]

S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)

S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()

S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()

S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)

S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)

R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)

S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)

S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)

S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)

S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)

S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)

S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()

R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)

S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)

R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)

S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]

S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)

S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)

S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]

S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

U1 eabfiltr; no ImagePath

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S4 SymIM; system32\DRIVERS\SymIM.sys [X]

S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]

S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-07 19:35 - 2016-03-07 19:37 - 00067337 _____ C:\Users\geoff\Downloads\Addition.txt

2016-03-07 19:34 - 2016-03-08 00:33 - 00022603 _____ C:\Users\geoff\Downloads\FRST.txt

2016-03-07 19:33 - 2016-03-08 00:33 - 00000000 ____D C:\FRST

2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe

2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk

2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro

2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt

2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe

2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java

2016-02-13 12:17 - 2016-03-07 05:51 - 00100590 _____ C:\Windows\ntbtlog.txt

2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE

2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE

2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton

2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe

2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur

2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe

2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe

2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll

2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe

2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4

2016-02-07 20:46 - 2016-02-07 20:46 - 00021180 _____ C:\Users\geoff\Documents\Viruses.odt

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-07 06:00 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat

2016-03-07 05:50 - 2009-09-20 13:27 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake

2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me

2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous

2016-03-07 05:24 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\dply_en_015020230

2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client

2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf

2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump

2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif

2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats

2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java

2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage

2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-13 12:46 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\Common Files\Goobzo

2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache

2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT

2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google

2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google

2016-02-10 16:24 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI

2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions

2016-02-09 21:01 - 2012-04-03 10:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2016-02-09 21:01 - 2011-05-19 11:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2016-02-09 19:18 - 2016-01-21 11:16 - 00009445 _____ C:\Users\geoff\Documents\Installing and using a password manager..odt

2016-02-09 19:17 - 2016-01-19 20:26 - 00030553 _____ C:\Users\geoff\Documents\How to create a good password..odt

2016-02-09 19:15 - 2016-01-14 22:49 - 00000000 ____D C:\Users\geoff\Desktop\Introduction to Cyber Security, Futurelearn

2016-02-09 16:22 - 2016-02-06 21:55 - 00000000 ____D C:\Users\geoff\AppData\Local\dply_en_015020230

2016-02-09 16:21 - 2016-02-06 21:56 - 00000000 ____D C:\Users\geoff\AppData\Local\SearchModule

2016-02-07 00:58 - 2016-02-06 21:56 - 00000000 ____D C:\Users\geoff\AppData\Local\BrowserAir

 

==================== Files in the root of some directories =======

 

2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe

2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk

2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001

2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log

2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log

2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log

2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png

2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG

2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt

2009-10-10 01:51 - 2016-03-07 06:00 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat

2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt

2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt

2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt

2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic

2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat

 

Files to move or delete:

====================

C:\Users\geoff\IsoBurner-Setup.exe

C:\Users\geoff\regbackup.reg

C:\Users\geoff\SUPERAntiSpyware.exe

 

 

Some files in TEMP:

====================

C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe

C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-03-07 18:06

 

==================== End of FRST.txt ============================HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw

CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}

CHR DefaultSearchKeyword: Default -> www-searching.com

CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

U1 eabfiltr; no ImagePath

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S4 SymIM; system32\DRIVERS\SymIM.sys [X]

S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]

S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath

Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads

Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\

Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION

Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop

Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL

Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION

Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

Hosts:

[RKinner]

Run FRST but do not hit SCAN.  Instead hit Fix.

[globaljoe]

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01

Ran by geoff (2016-03-10 09:10:57) Run:2

Running from C:\Users\geoff\downloads

Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)

Boot Mode: Safe Mode (with Networking)

 

==============================================

 

fixlist content:

*****************

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw

CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}

CHR DefaultSearchKeyword: Default -> www-searching.com

CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

U1 eabfiltr; no ImagePath

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S4 SymIM; system32\DRIVERS\SymIM.sys [X]

S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]

S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath

Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads

Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\

Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION

Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop

Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL

Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION

Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

Hosts:

*****************

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => value not found.

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key not found. 

HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found. 

"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User" => not found.

"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User" => not found.

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 

HKCR\CLSID\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 

HKCR\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found

"C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml" => not found.

C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => not found.

C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.

Chrome HomePage => not found.

Chrome StartupUrls => not found.

Chrome DefaultSearchURL => not found.

Chrome DefaultSearchKeyword => not found.

Chrome DefaultSuggestURL => not found.

SBSDWSCService => service not found.

eabfiltr => service not found.

hwdatacard => service not found.

hwusbdev => service not found.

hwusbfake => service not found.

NwlnkFlt => service not found.

NwlnkFwd => service not found.

SymIM => service not found.

SymIMMP => service not found.

VBoxNetFlt => service not found.

sdfhgdf => service not found.

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1225487D-BDF9-4FBE-9EAA-26ED945115C1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14544222-AE0F-4CEB-B2BB-99DFB502A867} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1735D2DB-0770-4363-B235-1A5BBB61CEA3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC86800-E407-49EC-9FEB-77FECCF6ED31} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F2B7AEB-9245-40C2-82C5-A2B588CB764C} => key not found. 

C:\Windows\System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C98983-6F23-4830-9A6A-46DE8565B542} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243AA337-398B-4680-8869-45BFAE49BDB5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274256E2-939F-481F-8D43-F9E697D1016E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8D1224-CA24-4760-B7D8-4321CDDD6083} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F4E6C7C-FDAE-4111-9978-89566B696070} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCA15CB-B66C-42CC-9985-62AC4976D9DC} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354B53AA-D547-479D-922C-159C219C1740} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3677E902-A325-4BF7-A459-71D25A24966B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384DD8F1-BF04-4837-BDE0-222B0E438A1B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B99A0E9-6110-4336-A553-29051BF8EEE1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D3AB92-727E-4436-BF6A-6F2881935F2C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CC24E9-901D-4773-97BD-F97ACA2A7389} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D5E7218-2F43-4CA3-B682-700799D5CE40} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F8919F2-04DA-4341-894D-E1B87A328662} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571CB1A9-B2E1-424A-BD1F-339AE42602A5} => key not found. 

C:\Windows\System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{593F3332-FD90-4A28-A913-80F0E6475AFC} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C19587-0F15-42A6-BDCC-DE63613C6CF1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit automatic scanning => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65734AB0-442E-4C8B-831A-71BBD28F22BE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65826AA8-B7B9-420C-A349-0EB309679B68} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{665BAE83-6070-424D-8961-0994CAAAA3D1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66A3F06A-D4FE-4869-8E77-322841C856E3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{698836BD-D478-47DC-84E5-7602AED789B2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0A78A9-68EE-4976-B8A7-7053F760E88D} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B44EE9A-9157-413C-AB41-1AB294579379} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6FCBAA-1064-4C10-961E-F386DE8284EF} => key not found. 

C:\Windows\System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E61263B-F516-4092-8734-300AB9F5120E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F961960-E97B-4F29-BB9B-CDA15D645A01} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73368EA5-B4C0-43A8-9DE3-A5B2829CC358} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{752216AA-CE30-405B-9267-118E9D282112} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{758C46B4-EC68-4929-9696-2B67910B9877} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7751432F-31C2-4103-A74E-9174B4C4C054} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{783E6D80-266F-4699-8FE1-4FC5D38EDB56} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{787A8DAB-4F37-4917-AF82-DB776FD28A88} => key not found. 

C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3C7D3A-147C-469C-87F6-BDBCC2670A40} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DFE5167-9CB2-4916-9EC2-425C791E7AFD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA885AA-495D-4206-A2B4-25C4B8D764DD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA27470-2EDB-4FCE-8214-9CA2569A93B2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D049AE-6B6D-4C2B-9AF2-494D620181C0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{839A5338-CE92-4A68-AD90-156344208991} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CE00976-D326-4633-B50D-9C35EFFE56D8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} => key not found. 

C:\Windows\System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903AA892-BA72-451B-8D43-A18F2284BF3B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{918A2E20-CA51-4284-8C0F-6C4C103E3DE6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96116637-6BCB-45F2-A779-AF61A1DFCBE2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A82E602-1B78-4A51-A57F-22492DF7D748} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C4056F5-53A0-4CD6-9181-E74108389684} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EB97B77-CF48-4B66-86AA-22ACB8407BC7} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F1F470A-F055-468F-B6D0-DAD0CEF91634} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF24EA7-B4CC-46E5-8283-96A7C87E0269} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0672630-2F14-4D69-A998-5A434390C838} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8D4B054-B355-4893-A181-BA6A1BB681AB} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAB1E654-AF8B-4950-8295-EC7083687DEF} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1D247A-E799-4C06-AB12-ED3DC27B161E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B31D3014-70AA-4C28-8514-033FD8DD95C4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC087A1-705A-4D7A-B610-ECFFB6CB3872} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE3EC51-E282-421D-BF64-0DE5798D2D50} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C12FAFB3-F3F3-415B-AFB1-54427B425D7E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17C0E68-0511-4B60-A629-BD179BB8C766} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C62716B7-465D-4DB6-AD4A-0F9CED4F9911} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8740CD5-B817-4037-BADA-13E03F1C5904} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA818194-6FCE-44D9-961B-29ED7A6F6DBB} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5AAB18-C5BA-4B1C-83BA-107642FC9280} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF66EAE2-A122-4185-8C55-E25DCAFA20E9} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0550D23-65C5-4F3C-8626-1F1975FFA483} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4490887-7881-4C5D-BE94-7AE4224A89D0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE8B8F5-21DA-4D19-ACE2-C503DC023158} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF73CDB1-B351-46A1-9666-1D6DAB51BE54} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2CD2DDD-B548-47A7-A367-B947DC8A966A} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49F8E52-CD62-4E6C-AE28-E03E926913D7} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5751FBE-4938-4A29-A870-7F40FFA1FF2E} => key not found. 

C:\Windows\System32\Tasks\IBUpd2 => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E99D5913-61ED-4363-A488-891A133AF7D6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAE04FA7-7E95-4ED7-9820-00D6B189890E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F321D67B-4140-46C2-9DA5-C1FE5939854C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35F304E-D980-436F-AA47-1D20676D1F23} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C2988E-5E91-4051-9596-96D28D2D7FDA} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB48721E-1E03-44E5-940A-3422F1198D9F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3B0FBE-7B53-4551-8052-7F723F29D65F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument removed successfully..

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument removed successfully..

C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d7-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d8-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a}" ADS not found.

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => key not found. 

C:\Windows\System32\Drivers\etc\hosts => moved successfully

Hosts restored successfully.

 

==== End of Fixlog 09:12:59 ====

[globaljoe]

Fix result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01

Ran by geoff (2016-03-10 09:43:44) Run:3

Running from C:\Users\geoff\downloads

Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)

Boot Mode: Safe Mode (with Networking)

 

==============================================

 

fixlist content:

*****************

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User: Restriction <======= ATTENTION

GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User: Restriction <======= ATTENTION

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www-searching.com/?pid=s&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&vp=ch&prd=set_ie

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> {86A68F0B-FB97-4F08-9E9A-247FB0BC4165} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

FF SearchPlugin: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml [2016-02-06]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-07] [not signed]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10] [not signed]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-27] [not signed]

CHR HomePage: Default -> hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw

CHR StartupUrls: Default -> "hxxp://www-searching.com/?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw"

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,&prd=smw&q={searchTerms}

CHR DefaultSearchKeyword: Default -> www-searching.com

CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

U1 eabfiltr; no ImagePath

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S4 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S4 SymIM; system32\DRIVERS\SymIM.sys [X]

S4 SymIMMP; system32\DRIVERS\SymIM.sys [X]

S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

S3 sdfhgdf; C:\Windows\System32\DRIVERS\sdfhgdf.sys [19624 2016-02-06] (Corporation) [File not signed]

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0}\InprocServer32 -> C:\Users\geoff\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\TIExpertIE8.ocx (Techinline Ltd.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\geoff\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> no filepath

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath

Task: {06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1225487D-BDF9-4FBE-9EAA-26ED945115C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {14544222-AE0F-4CEB-B2BB-99DFB502A867} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1735D2DB-0770-4363-B235-1A5BBB61CEA3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1AC86800-E407-49EC-9FEB-77FECCF6ED31} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {1F2B7AEB-9245-40C2-82C5-A2B588CB764C} - System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => pcalua.exe -a C:\Users\geoff\Downloads\codeblocks-8.02mingw-setup.exe -d C:\Users\geoff\Downloads

Task: {2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {243AA337-398B-4680-8869-45BFAE49BDB5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {274256E2-939F-481F-8D43-F9E697D1016E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2A8D1224-CA24-4760-B7D8-4321CDDD6083} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2F4E6C7C-FDAE-4111-9978-89566B696070} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {2FCA15CB-B66C-42CC-9985-62AC4976D9DC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {354B53AA-D547-479D-922C-159C219C1740} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3677E902-A325-4BF7-A459-71D25A24966B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {384DD8F1-BF04-4837-BDE0-222B0E438A1B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {3B99A0E9-6110-4336-A553-29051BF8EEE1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {44D3AB92-727E-4436-BF6A-6F2881935F2C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {45CC24E9-901D-4773-97BD-F97ACA2A7389} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4D5E7218-2F43-4CA3-B682-700799D5CE40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {4F8919F2-04DA-4341-894D-E1B87A328662} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {571CB1A9-B2E1-424A-BD1F-339AE42602A5} - System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => pcalua.exe -a F:\netsetup.exe -d F:\

Task: {593F3332-FD90-4A28-A913-80F0E6475AFC} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {61C19587-0F15-42A6-BDCC-DE63613C6CF1} - \TweakBit\PCRepairKit\Start PCRepairKit automatic scanning -> No File <==== ATTENTION

Task: {65734AB0-442E-4C8B-831A-71BBD28F22BE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {65826AA8-B7B9-420C-A349-0EB309679B68} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {665BAE83-6070-424D-8961-0994CAAAA3D1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {66A3F06A-D4FE-4869-8E77-322841C856E3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {698836BD-D478-47DC-84E5-7602AED789B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A0A78A9-68EE-4976-B8A7-7053F760E88D} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B44EE9A-9157-413C-AB41-1AB294579379} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {6B6FCBAA-1064-4C10-961E-F386DE8284EF} - System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => pcalua.exe -a C:\Users\geoff\Desktop\shman.exe -d C:\Users\geoff\Desktop

Task: {6E61263B-F516-4092-8734-300AB9F5120E} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {6F961960-E97B-4F29-BB9B-CDA15D645A01} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {73368EA5-B4C0-43A8-9DE3-A5B2829CC358} - \TweakBit\PCRepairKit\Start PCRepairKit ?n logon -> No File <==== ATTENTION

Task: {752216AA-CE30-405B-9267-118E9D282112} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {758C46B4-EC68-4929-9696-2B67910B9877} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7751432F-31C2-4103-A74E-9174B4C4C054} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {783E6D80-266F-4699-8FE1-4FC5D38EDB56} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {787A8DAB-4F37-4917-AF82-DB776FD28A88} - System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {7C3C7D3A-147C-469C-87F6-BDBCC2670A40} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7DFE5167-9CB2-4916-9EC2-425C791E7AFD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7EA885AA-495D-4206-A2B4-25C4B8D764DD} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {7FA27470-2EDB-4FCE-8214-9CA2569A93B2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {80D049AE-6B6D-4C2B-9AF2-494D620181C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {839A5338-CE92-4A68-AD90-156344208991} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8CE00976-D326-4633-B50D-9C35EFFE56D8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} - System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => pcalua.exe -a "C:\Users\geoff\AppData\Roaming\AntiVirus System 2011\securityhelper.exe" -c /UNINSTALL

Task: {903AA892-BA72-451B-8D43-A18F2284BF3B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {918A2E20-CA51-4284-8C0F-6C4C103E3DE6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {96116637-6BCB-45F2-A779-AF61A1DFCBE2} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9A82E602-1B78-4A51-A57F-22492DF7D748} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9C4056F5-53A0-4CD6-9181-E74108389684} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9EB97B77-CF48-4B66-86AA-22ACB8407BC7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9F1F470A-F055-468F-B6D0-DAD0CEF91634} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {9FF24EA7-B4CC-46E5-8283-96A7C87E0269} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A0672630-2F14-4D69-A998-5A434390C838} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {A8D4B054-B355-4893-A181-BA6A1BB681AB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AAB1E654-AF8B-4950-8295-EC7083687DEF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AE1D247A-E799-4C06-AB12-ED3DC27B161E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {B31D3014-70AA-4C28-8514-033FD8DD95C4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDC087A1-705A-4D7A-B610-ECFFB6CB3872} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {BDE3EC51-E282-421D-BF64-0DE5798D2D50} - \TweakBit\PCCleaner\Start PCCleaner ?n logon -> No File <==== ATTENTION

Task: {C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C12FAFB3-F3F3-415B-AFB1-54427B425D7E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C17C0E68-0511-4B60-A629-BD179BB8C766} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C62716B7-465D-4DB6-AD4A-0F9CED4F9911} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {C8740CD5-B817-4037-BADA-13E03F1C5904} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CA818194-6FCE-44D9-961B-29ED7A6F6DBB} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CC5AAB18-C5BA-4B1C-83BA-107642FC9280} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CF66EAE2-A122-4185-8C55-E25DCAFA20E9} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D0550D23-65C5-4F3C-8626-1F1975FFA483} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {D4490887-7881-4C5D-BE94-7AE4224A89D0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DEE8B8F5-21DA-4D19-ACE2-C503DC023158} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {DF73CDB1-B351-46A1-9666-1D6DAB51BE54} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E2CD2DDD-B548-47A7-A367-B947DC8A966A} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E49F8E52-CD62-4E6C-AE28-E03E926913D7} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {E5751FBE-4938-4A29-A870-7F40FFA1FF2E} - System32\Tasks\IBUpd2 => C:\Users\geoff\AppData\Local\BrowserAir\47.0.0.4\updater.exe <==== ATTENTION

Task: {E99D5913-61ED-4363-A488-891A133AF7D6} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {EAE04FA7-7E95-4ED7-9820-00D6B189890E} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F321D67B-4140-46C2-9DA5-C1FE5939854C} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F35F304E-D980-436F-AA47-1D20676D1F23} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {F7C2988E-5E91-4051-9596-96D28D2D7FDA} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FB48721E-1E03-44E5-940A-3422F1198D9F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

Task: {FE3B0FBE-7B53-4551-8052-7F723F29D65F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION

ShortcutWithArgument: C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epc&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4,

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d7-bddd-11e5-ba81-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{05e784d8-bddd-11e5-ba81-001e68ddbd2a} [31]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a} [20]

AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a} [31]

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

Hosts:

*****************

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => value not found.

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key not found. 

HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found. 

"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1002\User" => not found.

"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-504676162-3151235640-1111575767-1001\User" => not found.

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 

HKCR\CLSID\{86A68F0B-FB97-4F08-9E9A-247FB0BC4165} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 

HKCR\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found. 

FF Homepage: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found

FF NewTab: hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G26zliubl0fg1,1b0ba494-b7cb-486f-b24c-3e7b503d66a4, => not found

"C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421\searchplugins\smod.xml" => not found.

C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} => not found.

C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => not found.

Chrome HomePage => not found.

Chrome StartupUrls => not found.

Chrome DefaultSearchURL => not found.

Chrome DefaultSearchKeyword => not found.

Chrome DefaultSuggestURL => not found.

SBSDWSCService => service not found.

eabfiltr => service not found.

hwdatacard => service not found.

hwusbdev => service not found.

hwusbfake => service not found.

NwlnkFlt => service not found.

NwlnkFwd => service not found.

SymIM => service not found.

SymIMMP => service not found.

VBoxNetFlt => service not found.

sdfhgdf => service not found.

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{0E6918EA-9586-4fbd-88C7-8A3E4EB728D0} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{5D02926A-212E-11D0-9DF9-00A0C922E6EC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A38B883C-1682-497E-97B0-0A3A9E801682} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837} => key not found. 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E8D53A-3E97-438E-81C2-7AA2FBF74DBF} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1225487D-BDF9-4FBE-9EAA-26ED945115C1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14544222-AE0F-4CEB-B2BB-99DFB502A867} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1735D2DB-0770-4363-B235-1A5BBB61CEA3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC86800-E407-49EC-9FEB-77FECCF6ED31} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BEA7FB3-EE9E-4F01-B173-CEEFFC0A9E49} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F2B7AEB-9245-40C2-82C5-A2B588CB764C} => key not found. 

C:\Windows\System32\Tasks\{C4C98983-6F23-4830-9A6A-46DE8565B542} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C98983-6F23-4830-9A6A-46DE8565B542} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2352F9AA-13B4-47BA-82D6-19E3F29AA8F5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{243AA337-398B-4680-8869-45BFAE49BDB5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{274256E2-939F-481F-8D43-F9E697D1016E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8D1224-CA24-4760-B7D8-4321CDDD6083} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BF174D1-FF2E-44E7-9178-3C8DF5323FC4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F4E6C7C-FDAE-4111-9978-89566B696070} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCA15CB-B66C-42CC-9985-62AC4976D9DC} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352A0D6D-5E7D-41C2-82A6-49E2E6AEFB81} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354B53AA-D547-479D-922C-159C219C1740} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3677E902-A325-4BF7-A459-71D25A24966B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384DD8F1-BF04-4837-BDE0-222B0E438A1B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387AEBCF-52C6-466B-B23E-D4D5E6BBCC04} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B99A0E9-6110-4336-A553-29051BF8EEE1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D3AB92-727E-4436-BF6A-6F2881935F2C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CC24E9-901D-4773-97BD-F97ACA2A7389} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D5E7218-2F43-4CA3-B682-700799D5CE40} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F8919F2-04DA-4341-894D-E1B87A328662} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571CB1A9-B2E1-424A-BD1F-339AE42602A5} => key not found. 

C:\Windows\System32\Tasks\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78B91CB3-B920-4BB8-9911-DCF0B140444F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{593F3332-FD90-4A28-A913-80F0E6475AFC} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61C19587-0F15-42A6-BDCC-DE63613C6CF1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit automatic scanning => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65734AB0-442E-4C8B-831A-71BBD28F22BE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65826AA8-B7B9-420C-A349-0EB309679B68} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{665BAE83-6070-424D-8961-0994CAAAA3D1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66A3F06A-D4FE-4869-8E77-322841C856E3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{698836BD-D478-47DC-84E5-7602AED789B2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0A78A9-68EE-4976-B8A7-7053F760E88D} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A71534F-99E5-4EBC-A8D5-8CAE6E4060E2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B44EE9A-9157-413C-AB41-1AB294579379} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6FCBAA-1064-4C10-961E-F386DE8284EF} => key not found. 

C:\Windows\System32\Tasks\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33209D0B-0719-4A63-BA3F-F38CEB73A4A6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E61263B-F516-4092-8734-300AB9F5120E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F961960-E97B-4F29-BB9B-CDA15D645A01} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73368EA5-B4C0-43A8-9DE3-A5B2829CC358} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{752216AA-CE30-405B-9267-118E9D282112} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{758C46B4-EC68-4929-9696-2B67910B9877} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7751432F-31C2-4103-A74E-9174B4C4C054} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{783E6D80-266F-4699-8FE1-4FC5D38EDB56} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{787A8DAB-4F37-4917-AF82-DB776FD28A88} => key not found. 

C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_333630323931353338302d3437415a556c2a3223346c41 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3C7D3A-147C-469C-87F6-BDBCC2670A40} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DFE5167-9CB2-4916-9EC2-425C791E7AFD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA885AA-495D-4206-A2B4-25C4B8D764DD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FA27470-2EDB-4FCE-8214-9CA2569A93B2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D049AE-6B6D-4C2B-9AF2-494D620181C0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{839A5338-CE92-4A68-AD90-156344208991} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A60CC6E-F790-4C64-BA6F-45669B8AF4E2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CE00976-D326-4633-B50D-9C35EFFE56D8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EEE2D69-F7AB-44ED-9B6D-39A90DA4B598} => key not found. 

C:\Windows\System32\Tasks\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE789DBE-5318-4AFF-BB9F-05F8D7C0DE39} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903AA892-BA72-451B-8D43-A18F2284BF3B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{918A2E20-CA51-4284-8C0F-6C4C103E3DE6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92AFD4AF-4E25-4863-80BF-5EB8677E4FE8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94776D62-30BF-4F82-8EAA-F9FA4EB7ACBE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96116637-6BCB-45F2-A779-AF61A1DFCBE2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A82E602-1B78-4A51-A57F-22492DF7D748} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C4056F5-53A0-4CD6-9181-E74108389684} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EB97B77-CF48-4B66-86AA-22ACB8407BC7} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F1F470A-F055-468F-B6D0-DAD0CEF91634} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF24EA7-B4CC-46E5-8283-96A7C87E0269} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0672630-2F14-4D69-A998-5A434390C838} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B9A6B3-3689-4B2B-AED1-89FDB4EB0B5F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A85E01CF-ACF0-4FB7-BC42-64A99040D6C1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8D4B054-B355-4893-A181-BA6A1BB681AB} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA1F46E1-D6CE-4F4F-AC1A-F304161104C3} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAB1E654-AF8B-4950-8295-EC7083687DEF} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1D247A-E799-4C06-AB12-ED3DC27B161E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFAC704F-71CE-4165-97FB-FB1FC3A0E3A6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B31D3014-70AA-4C28-8514-033FD8DD95C4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC087A1-705A-4D7A-B610-ECFFB6CB3872} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDE3EC51-E282-421D-BF64-0DE5798D2D50} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCCleaner\Start PCCleaner ?n logon => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C10FBEEA-5A30-4E1C-A03A-6DFCEFE678EE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C12FAFB3-F3F3-415B-AFB1-54427B425D7E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17C0E68-0511-4B60-A629-BD179BB8C766} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2F6CCB3-A054-4C32-8811-B4D75EB54D5B} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C62716B7-465D-4DB6-AD4A-0F9CED4F9911} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8740CD5-B817-4037-BADA-13E03F1C5904} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA818194-6FCE-44D9-961B-29ED7A6F6DBB} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5AAB18-C5BA-4B1C-83BA-107642FC9280} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF0FAAF5-E6A8-4D37-92E8-BD8FC058CED5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF66EAE2-A122-4185-8C55-E25DCAFA20E9} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC7C7F4-D11C-4A13-BACD-ABF238BE7F1A} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0550D23-65C5-4F3C-8626-1F1975FFA483} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4490887-7881-4C5D-BE94-7AE4224A89D0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC4DFAC0-BE50-4A37-A9E6-0425A475CFE8} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDDDBDB2-D4CC-4FBC-9FAD-3EB585FCCBA5} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEE8B8F5-21DA-4D19-ACE2-C503DC023158} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF73CDB1-B351-46A1-9666-1D6DAB51BE54} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2CD2DDD-B548-47A7-A367-B947DC8A966A} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E379F1C0-3BEA-4FEE-A9CD-615960CDC8C0} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4035E5E-11B6-4C0A-B442-2DB5EABF7F6C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E43BDE77-E320-4D65-9DBA-7DEF9AC35A18} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49F8E52-CD62-4E6C-AE28-E03E926913D7} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52F2896-D0A0-4CDB-9FA8-3A029ADC6377} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5751FBE-4938-4A29-A870-7F40FFA1FF2E} => key not found. 

C:\Windows\System32\Tasks\IBUpd2 => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IBUpd2 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E99D5913-61ED-4363-A488-891A133AF7D6} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAE04FA7-7E95-4ED7-9820-00D6B189890E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F321D67B-4140-46C2-9DA5-C1FE5939854C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35F304E-D980-436F-AA47-1D20676D1F23} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C2988E-5E91-4051-9596-96D28D2D7FDA} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB48721E-1E03-44E5-940A-3422F1198D9F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE2A7928-DD3F-49DB-8B0F-3241CDA88EB4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE3B0FBE-7B53-4551-8052-7F723F29D65F} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => key not found. 

C:\Users\geoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument removed successfully..

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument removed successfully..

C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument removed successfully..

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d7-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{05e784d8-bddd-11e5-ba81-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e5-cd21-11e5-910d-001e68ddbd2a}" ADS not found.

"C:\Windows\system32\Drivers\sdfhgdf.sys" => ":{cb9fb4e9-cd21-11e5-910d-001e68ddbd2a}" ADS not found.

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\35865604.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\50179483.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\76698455.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\35865604.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\50179483.sys => key not found. 

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\76698455.sys => key not found. 

C:\Windows\System32\Drivers\etc\hosts => moved successfully

Hosts restored successfully.

 

==== End of Fixlog 09:45:44 ====

[globaljoe]

Hi, Am I doing this right?, all these huge files are getting me totally lost off.

[RKinner]

Looks like the Fixlist worked.  You posted it twice tho.  Niow I need a new FRST scan:

 

Run FRST again and check the addition.txt box then Scan.  Post both logs.

[globaljoe]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01

Ran by geoff (administrator) on GEOFF-LAPTOP (11-03-2016 08:36:26)

Running from C:\Users\geoff\downloads

Loaded Profiles: geoff (Available Profiles: geoff & Me & jake)

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)

Internet Explorer Version 9 (Default browser: Opera)

Boot Mode: Safe Mode (with Networking)

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera_crashreporter.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

(Opera Software) C:\Program Files\Opera\34.0.2036.36\opera.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7539232 2009-06-09] (Realtek Semiconductor)

HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)

HKLM\...\Run: [LXCGCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Policies\Explorer: [NoViewContextMenu] 0

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [43112 2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-01-15] (Google)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-16] (AVAST Software)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{4606CB98-8F30-40BD-8D2B-A3D2D5337D78}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{C1122DA3-F798-4DC3-A956-F232C42C5C49}: [DhcpNameServer] 192.168.0.1

 

Internet Explorer:

==================

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.virgin.net

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.virgin.net/ie/search

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.virgin.net/about/welcome/

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-16] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

Toolbar: HKU\S-1-5-21-504676162-3151235640-1111575767-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)

DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: AutorunsDisabled\skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

 

FireFox:

========

FF ProfilePath: C:\Users\geoff\AppData\Roaming\Mozilla\Firefox\Profiles\ote3ej4r.default-1441905951421

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-09-20] ()

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-09-19] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-09-19] (Apple Inc.)

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-10] [not signed]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-18]

 

Chrome: 

=======

CHR Profile: C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]

CHR Extension: (Google Docs Offline) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-10]

CHR Extension: (Secure Mail for Gmail (by Streak)) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngdnjdobadbdemillgljnnbpomnfokn [2016-02-10]

CHR Extension: (Mailvelope) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2016-02-10]

CHR Extension: (Skype) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-10]

CHR Extension: (Right Inbox for Gmail) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb [2016-02-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\geoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-10]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-15]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\geoff\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-28]

CHR HKU\S-1-5-21-504676162-3151235640-1111575767-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com) [File not signed]

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-16] (AVAST Software)

S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-08-16] (Avast Software)

S4 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]

S4 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]

S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

S2 lxcg_device; C:\Windows\system32\lxcgcoms.exe [537520 2007-04-29] ( )

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation)

S2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-20] ()

S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-20] ()

S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)

S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-16] (AVAST Software)

S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-16] (AVAST Software)

R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-08-16] (AVAST Software)

S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-16] (AVAST Software)

S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-15] (AVAST Software)

S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-12-15] (AVAST Software)

S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-08-16] (AVAST Software)

S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-08-16] (AVAST Software)

S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-16] (AVAST Software)

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-01-18] ()

R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-02] (Malwarebytes)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)

S3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation)

R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-08-16] (AVAST Software)

S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-09-02] (Duplex Secure Ltd.)

S4 ST330; C:\Windows\System32\drivers\st330.sys [30464 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 STBUS; C:\Windows\System32\drivers\stbus.sys [12672 2009-12-03] (THOMSON Telecom Belgium) [File not signed]

S4 stppp; C:\Windows\System32\DRIVERS\stppp.sys [35328 2009-12-03] (THOMSON Telecom Belgium)

S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S4 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [44544 2012-09-28] (Apple, Inc.) [File not signed]

S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2007-11-29] (Windows ® Codename Longhorn DDK provider)

S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-08-16] (Avast Software)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-10 09:43 - 2016-03-10 09:43 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (3).txt

2016-03-09 08:07 - 2016-03-10 09:45 - 00070533 _____ C:\Users\geoff\Downloads\Fixlog.txt

2016-03-09 07:51 - 2016-03-09 07:51 - 00000591 _____ C:\Users\geoff\Desktop\FRST - Shortcut (2).lnk

2016-03-09 01:25 - 2016-03-09 01:25 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (2).txt

2016-03-09 00:47 - 2016-03-09 00:47 - 00000000 ____D C:\Users\geoff\Documents\Frst and Fixlist

2016-03-09 00:30 - 2016-03-09 00:39 - 00000000 ____D C:\Users\geoff\Desktop\Frst and Fixlist

2016-03-08 23:35 - 2016-03-08 23:35 - 00028310 _____ C:\Users\geoff\Downloads\fixlist (1).txt

2016-03-07 19:35 - 2016-03-08 00:34 - 00067316 _____ C:\Users\geoff\Downloads\Addition.txt

2016-03-07 19:34 - 2016-03-11 08:36 - 00000000 _____ C:\Users\geoff\Downloads\FRST.txt

2016-03-07 19:33 - 2016-03-11 08:36 - 00000000 ____D C:\FRST

2016-03-07 19:30 - 2016-03-07 19:30 - 01725440 _____ (Farbar) C:\Users\geoff\Downloads\FRST.exe

2016-03-07 19:30 - 2016-03-07 19:30 - 00000817 _____ C:\Users\geoff\Desktop\FRST - Shortcut.lnk

2016-03-06 23:18 - 2016-03-06 23:18 - 00000000 ____D C:\Program Files\HitmanPro

2016-03-03 22:53 - 2016-03-03 22:53 - 00001607 _____ C:\AdwCleaner[R5].txt

2016-02-15 16:10 - 2016-02-15 16:11 - 06828320 _____ (Piriform Ltd) C:\Users\geoff\Downloads\ccsetup514.exe

2016-02-13 13:01 - 2016-02-13 13:01 - 00000000 ____D C:\Program Files\Common Files\Java

2016-02-13 12:17 - 2016-03-10 09:27 - 00189552 _____ C:\Windows\ntbtlog.txt

2016-02-13 12:09 - 2016-03-07 00:11 - 00000000 ____D C:\NPE

2016-02-13 12:01 - 2016-03-07 00:53 - 00000000 ____D C:\Users\geoff\AppData\Local\NPE

2016-02-13 12:01 - 2016-02-13 12:01 - 00000000 ____D C:\ProgramData\Norton

2016-02-13 12:00 - 2016-02-13 12:00 - 03088296 _____ (Symantec Corporation) C:\Users\geoff\Downloads\NPE.exe

2016-02-11 03:00 - 2016-02-11 03:00 - 00000000 ____D C:\Windows\CheckSur

2016-02-10 18:17 - 2016-02-10 18:17 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup (1).exe

2016-02-10 17:54 - 2016-02-18 21:41 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-02-10 17:54 - 2016-02-18 21:41 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-02-10 17:52 - 2016-02-10 17:52 - 00987728 _____ (Google Inc.) C:\Users\geoff\Downloads\ChromeSetup.exe

2016-02-10 16:43 - 2016-01-25 04:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-02-10 16:43 - 2016-01-25 04:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-02-10 16:43 - 2016-01-25 04:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-02-10 16:43 - 2016-01-25 04:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-02-10 16:43 - 2016-01-25 04:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-02-10 16:43 - 2016-01-25 04:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-02-10 16:43 - 2016-01-25 04:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2016-02-10 16:43 - 2016-01-25 04:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-02-10 16:43 - 2016-01-25 04:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-02-10 16:43 - 2016-01-25 04:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2016-02-10 16:43 - 2016-01-25 04:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2016-02-10 16:43 - 2016-01-25 04:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2016-02-10 15:49 - 2016-01-30 03:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2016-02-10 15:49 - 2016-01-30 03:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2016-02-10 15:49 - 2016-01-30 03:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax

2016-02-10 15:49 - 2016-01-30 03:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll

2016-02-10 15:49 - 2016-01-30 03:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll

2016-02-10 15:49 - 2016-01-30 01:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe

2016-02-10 15:45 - 2016-02-01 17:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-02-10 15:45 - 2016-01-30 03:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2016-02-10 15:45 - 2016-01-30 03:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-02-10 15:45 - 2016-01-30 03:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-02-10 15:45 - 2016-01-30 03:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-02-10 15:45 - 2016-01-30 03:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2016-02-10 15:45 - 2016-01-30 03:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-02-10 15:45 - 2016-01-30 01:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2016-02-10 15:37 - 2016-01-07 15:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-02-10 15:33 - 2016-01-07 15:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2016-02-10 15:26 - 2016-01-09 17:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-02-10 06:48 - 2016-02-10 06:50 - 89438323 _____ C:\Users\geoff\Downloads\ou_futurelearn_cyber_security_vid_1020.mp4

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-03-10 09:45 - 2013-03-20 17:11 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-03-10 09:45 - 2012-03-22 18:13 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-03-10 09:28 - 2006-11-02 10:33 - 00006568 _____ C:\Windows\system32\PerfStringBackup.INI

2016-03-09 08:20 - 2009-10-10 01:51 - 00008484 _____ C:\Users\geoff\AppData\Local\d3d9caps.dat

2016-03-09 08:13 - 2009-09-20 13:27 - 00000000 _____ C:\Windows\system32\Ikeext.etl

2016-03-09 08:07 - 2006-11-02 11:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2016-03-07 05:25 - 2010-12-09 15:49 - 00000000 ____D C:\Users\jake

2016-03-07 05:25 - 2010-06-07 16:46 - 00000000 ____D C:\Users\Me

2016-03-07 05:25 - 2006-11-02 10:22 - 58458112 _____ C:\Windows\system32\config\software_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 52428800 _____ C:\Windows\system32\config\components_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 41680896 _____ C:\Windows\system32\config\system_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 04861952 _____ C:\Windows\system32\config\default_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00131072 _____ C:\Windows\system32\config\sam_previous

2016-03-07 05:25 - 2006-11-02 10:22 - 00028672 _____ C:\Windows\system32\config\security_previous

2016-03-07 05:24 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\dply_en_015020230

2016-03-07 05:24 - 2015-11-04 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2015-11-04 14:40 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware

2016-03-07 05:24 - 2011-02-16 13:05 - 00000000 ____D C:\Program Files\Microsoft Security Client

2016-03-07 05:24 - 2010-10-12 20:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2016-03-07 05:24 - 2008-10-14 17:37 - 00000000 ____D C:\Users\geoff

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system32\spool

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration

2016-03-07 05:24 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf

2016-03-07 01:47 - 2008-11-19 21:36 - 00000000 ____D C:\Windows\Minidump

2016-03-05 23:49 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\tracing

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2016-03-02 02:47 - 2006-11-02 12:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2016-02-27 03:01 - 2012-04-03 10:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-02-27 02:36 - 2010-03-09 19:09 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-02-26 12:36 - 2010-03-09 19:09 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-02-24 03:03 - 2012-05-31 17:55 - 00001786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2016-02-24 03:03 - 2011-02-16 13:05 - 00001945 _____ C:\Windows\epplauncher.mif

2016-02-15 13:31 - 2010-03-12 19:22 - 00000000 ____D C:\Program Files\Lx_cats

2016-02-13 13:01 - 2013-12-01 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-13 13:01 - 2008-03-07 16:17 - 00000000 ____D C:\Program Files\Java

2016-02-13 13:00 - 2015-09-10 19:13 - 00000000 ____D C:\Users\geoff\.oracle_jre_usage

2016-02-13 12:59 - 2015-01-26 21:26 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2016-02-13 12:47 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-02-13 12:46 - 2016-02-06 21:55 - 00000000 ____D C:\Program Files\Common Files\Goobzo

2016-02-13 12:44 - 2006-11-02 13:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-02-12 03:39 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache

2016-02-11 03:34 - 2013-08-19 18:30 - 00000000 ____D C:\Windows\system32\MRT

2016-02-11 03:34 - 2006-11-02 10:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2016-02-10 18:40 - 2009-01-05 23:18 - 00000000 ____D C:\Users\geoff\AppData\Local\Google

2016-02-10 17:54 - 2009-01-05 23:03 - 00000000 ____D C:\Program Files\Google

2016-02-10 16:14 - 2006-11-02 12:47 - 00367368 _____ C:\Windows\system32\FNTCACHE.DAT

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Journal

2016-02-10 16:10 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Collaboration

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media

2016-02-10 15:00 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\PolicyDefinitions

 

==================== Files in the root of some directories =======

 

2010-04-14 21:01 - 2010-04-14 21:01 - 0812344 ____N (Trend Micro Inc.) C:\Program Files\HijackThisInstaller.exe

2010-04-26 18:10 - 2010-04-26 18:15 - 0001492 ____N () C:\Program Files\Spybot - Search & Destroy.lnk

2008-10-14 21:10 - 2010-05-19 13:54 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.001

2008-10-14 21:06 - 2010-03-17 13:56 - 0027839 _____ () C:\Users\geoff\AppData\Roaming\nvModes.dat

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.Exception.log

2011-12-16 22:16 - 2012-06-21 16:15 - 0002245 _____ () C:\Users\geoff\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

2011-12-16 22:18 - 2016-01-16 13:33 - 0001155 _____ () C:\Users\geoff\AppData\Roaming\Rim.DesktopHelper.Exception.log

2012-09-22 23:13 - 2016-01-16 13:33 - 0000616 _____ () C:\Users\geoff\AppData\Roaming\Rim.Transcoder.Exception.log

2008-11-09 16:24 - 2008-11-09 16:24 - 0026340 _____ () C:\Users\geoff\AppData\Roaming\UserTile.png

2014-02-05 22:52 - 2014-03-05 00:52 - 0000093 _____ () C:\Users\geoff\AppData\Roaming\WB.CFG

2008-10-14 22:02 - 2014-10-15 09:21 - 0000672 _____ () C:\Users\geoff\AppData\Roaming\wklnhst.dat

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\AtStart.txt

2009-10-10 01:51 - 2016-03-09 08:20 - 0008484 _____ () C:\Users\geoff\AppData\Local\d3d9caps.dat

2008-10-30 19:59 - 2015-08-03 19:06 - 0011776 _____ () C:\Users\geoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\DSwitch.txt

2013-04-24 10:56 - 2015-03-25 18:07 - 0000000 _____ () C:\Users\geoff\AppData\Local\FnF4.txt

2012-12-30 20:25 - 2012-12-30 21:43 - 0000600 _____ () C:\Users\geoff\AppData\Local\PUTTY.RND

2008-10-14 18:08 - 2008-10-14 18:08 - 0000000 _____ () C:\Users\geoff\AppData\Local\QSwitch.txt

2011-02-05 16:50 - 2011-02-05 18:58 - 0000097 __RSH () C:\ProgramData\1.12.0.lic

2012-04-05 12:59 - 2012-04-05 12:59 - 0000053 __RSH () C:\ProgramData\1.12.5.lic

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.001

2010-05-19 14:09 - 2016-01-18 11:43 - 0297184 _____ () C:\ProgramData\nvModes.dat

 

Files to move or delete:

====================

C:\Users\geoff\IsoBurner-Setup.exe

C:\Users\geoff\regbackup.reg

C:\Users\geoff\SUPERAntiSpyware.exe

 

 

Some files in TEMP:

====================

C:\Users\geoff\AppData\Local\Temp\jre-8u71-windows-au.exe

C:\Users\geoff\AppData\Local\Temp\jre-8u73-windows-au.exe

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-03-10 20:36

 

==================== End of FRST.txt ============================

[globaljoe]

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01

Ran by geoff (2016-03-11 08:42:29)

Running from C:\Users\geoff\downloads

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-19 08:46:55)

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-504676162-3151235640-1111575767-500 - Administrator - Disabled)

geoff (S-1-5-21-504676162-3151235640-1111575767-1000 - Administrator - Enabled) => C:\Users\geoff

Guest (S-1-5-21-504676162-3151235640-1111575767-501 - Limited - Disabled)

jake (S-1-5-21-504676162-3151235640-1111575767-1002 - Limited - Enabled) => C:\Users\jake

Me (S-1-5-21-504676162-3151235640-1111575767-1001 - Limited - Enabled) => C:\Users\Me

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.0 - LSoft Technologies)

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)

Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)

Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)

Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)

AIM 6 (HKLM\...\AIM_6) (Version:  - )

Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)

CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)

CodeBlocks (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)

Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)

CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Desktop-play 000.015020230 (HKLM\...\dply_en_015020230_is1) (Version:  - DESKTOPPLAY) <==== ATTENTION

DiskCheckup v3.3 (HKLM\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)

Dropbox (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)

EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)

EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden

GameMaker-Studio 1.2 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)

Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)

Google Drive (HKLM\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden

GoToAssist Expert 1.6.0.498 (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\GoToAssist Remote Support Expert) (Version: 1.6.0.498 - Citrix Online)

Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)

HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)

Hot CPU Tester Pro 4.4.1 (HKLM\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)

HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)

HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)

HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)

HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)

HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )

HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)

HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)

HP Update (HKLM\...\{612F4E20-3661-4D44-AD79-823F1B613FB3}) (Version: 5.002.008.001 - Hewlett-Packard)

HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )

HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)

HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden

HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden

ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)

Instant Housecall Specialist Sign-in (HKLM\...\{7C9045F9-039D-4B64-93F5-53D8F9F7816F}) (Version: 6.0.0.0 - Instant Housecall)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

Java 7 Update 10 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)

Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

KeyNote 1.6.5 (HKLM\...\KeyNote_is1) (Version:  - )

KompoZer 0.8b3 (HKLM\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)

LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)

Lexmark 2300 Series (HKLM\...\Lexmark 2300 Series) (Version:  - Lexmark International, Inc.)

Lexmark Fax Solutions (HKLM\...\Lexmark Fax Solutions) (Version:  - Lexmark International, Inc.)

LightScribe System Software  1.10.13.1 (Version: 1.10.13.1 - hxxp://www.lightscribe.com) Hidden

LinuxLive USB Creator (HKLM\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (HKLM\...\{7AA4AE9D-8720-4050-8E9A-DABDB197855B}) (Version: 1.0.0 - MeasureUp)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)

Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)

My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)

Nokia Connectivity Cable Driver (HKLM\...\{4F1DCA42-2030-437C-A94E-736692A499C1}) (Version: 6.86.11.0 - Nokia)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)

Opera Stable 19.0.1326.59 (HKLM\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)

Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)

Opera Stable 34.0.2036.36 (HKLM\...\Opera 34.0.2036.36) (Version: 34.0.2036.36 - Opera Software)

Opera Update Checker (HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\Opera Update Checker) (Version:  - Opera widgets)

PDF Creator (HKLM\...\PDF Creator) (Version:  - )

PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden

PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)

Python 3.3.0 (HKLM\...\{526b1417-92c1-3737-8247-4abc49ccc8e4}) (Version: 3.3.150 - Python Software Foundation)

QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)

RAR Reader (HKLM\...\{9CDE6ACC-B81A-482E-A55C-FBB0CA021FEC}_is1) (Version:  - rarreader.com)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.)

Renee Undeleter 2014.2.26.00 (HKLM\...\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1) (Version: 2014.2.26.00 - Rene.E Laboratory)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )

Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)

Search module (HKLM\...\Search module) (Version:  - Goobzo) <==== ATTENTION

SearchModule (HKLM\...\{D2E9FE6A-7003-42A0-96F6-5569DFC2A3A8}_is1) (Version: 2.8.9.113 - Goobzo LTD) <==== ATTENTION

SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SIW version 2010.07.14 (HKLM\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)

Skill Builder DX (HKLM\...\{40C2D00A-9235-4EA2-8AB9-2CAB7A842B49}) (Version:  - )

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 7.11 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.1.1002 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)

TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.8703  - TeamViewer GmbH)

The OFFICIAL DSA THEORY TEST for Car Drivers (HKLM\...\{50684081-B0AE-4B26-9E06-645BE7E357C8}) (Version: 2.00.0001 - TSO)

The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)

Undeleter (HKLM\...\{6A1110AB-79A2-4316-A0F3-D95525931FDC}_is1) (Version:  - Blitware Technology Inc.)

Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Repair Kit v3.0 (HKLM\...\Windows Repair Kit v3.0) (Version:  - )

WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{F5CC79AD-5695-4db5-9669-4231686B4B84}\InprocServer32 -> C:\Program Files\Instant Housecall\Specialist\MenuExtension32.dll (Instant Housecall)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geoff\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-504676162-3151235640-1111575767-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {15EF1CCC-3432-4402-9256-0A98C74B1652} - System32\Tasks\Opera scheduled Autoupdate 1382886487 => C:\Program Files\Opera\launcher.exe [2015-12-14] (Opera Software)

Task: {2ED0D85B-F710-4CB1-8B4B-6321B212F12F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

Task: {43D8F97B-ABB7-43D2-A096-01E275FE195D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {4C4EE041-B922-43AA-924F-7837E263CE85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {6092D2F8-3318-4903-AC4A-9F3505364585} - System32\Tasks\{4B88C94D-0A54-4A3E-A970-4422C4E5D1A1} => pcalua.exe -a C:\ProgramData\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Nokia_PC_Suite_rel_6_86_9_4_EA.exe

Task: {8433246C-B309-4DED-8952-86CD35F88ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)

Task: {8A0681A4-A478-4B7B-A731-6E2827AFB580} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)

Task: {A140BE9B-A5E1-48C6-A3CE-43E5744A42C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {ABE5ADC8-A224-4EF0-B4AB-7058AB1FCE74} - System32\Tasks\{874CFE2D-ADB2-4050-94FD-A3E7307E6543} => pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE

Task: {CD245391-D8E3-4FB9-A4CA-D61E33985A11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E543470A-A320-4008-9924-594ABE80C4A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-16] (AVAST Software)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2016-01-08 07:06 - 2015-12-14 09:14 - 61551736 _____ () C:\Program Files\Opera\34.0.2036.36\opera.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

 

There are 7595 more sites.

 

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\cleverreach.com -> hxxp://novastor.cleverreach.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\google-analytics.com -> hxxp://google-analytics.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxp://novastor.com

IE trusted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\novastor.com -> hxxps://novastor.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-21-504676162-3151235640-1111575767-1000\...\123simsen.com -> www.123simsen.com

 

There are 7592 more sites.

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 10:23 - 2016-03-10 09:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-504676162-3151235640-1111575767-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img31.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark 2300 Series\ezprint.exe"

MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

MSCONFIG\startupreg: GoToAssist Express Expert => "C:\Users\geoff\AppData\Local\Citrix\GoToAssist Express Expert\403\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: GoToAssist Remote Support Expert => "C:\Program Files\Citrix\GoToAssist Remote Support Expert\498\g2ax_start.exe" "/Trigger RunAtLogon"

MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

MSCONFIG\startupreg: LXCGCATS => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16

MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

MSCONFIG\startupreg: QlbCtrl => %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [{E9345907-DAA6-4702-905A-E483587B5EC0}] => (Allow) C:\Program Files\Instant Housecall\Specialist\Specialist Sign-in.exe

FirewallRules: [{6C1D56E0-F1A3-41B6-AEC0-53748FBABC42}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

FirewallRules: [TCP Query User{0A7A6121-2F4D-46D8-8B20-C6C46772D337}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [UDP Query User{60367E94-85B1-44DD-AB5A-740A0289AAC1}C:\python33\python.exe] => (Block) C:\python33\python.exe

FirewallRules: [{D6C950AC-BFC4-4908-B769-0350F7FBA1D8}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe

FirewallRules: [{225E263C-FCE5-40A8-BC5E-5F930E5E8519}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{6FAB2B0F-B5C8-468D-90CF-70F6336418D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{01A37E37-F197-4CA5-A6DC-239BC1A5438D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{59AE05E3-7359-42F8-8CBA-53FE3BA4A17B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{4107F44B-B146-4FDC-9704-288E4910137E}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{2EF46FA0-2C86-4B6C-9F78-DB5A99E7D0E2}] => (Allow) C:\Program Files\SpringFiles\SpringFiles.exe

FirewallRules: [{5FD25458-D997-4C18-82C7-37A38E4D6757}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{F613C2FA-34EA-41BD-9B55-A2FB8DE47451}] => (Allow) C:\Program Files\SpringFiles\downloader.exe

FirewallRules: [{0F7A3A86-289B-4B03-AB64-70E0F44FC450}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

24-02-2016 03:00:11 Windows Update

24-02-2016 23:49:58 Scheduled Checkpoint

26-02-2016 07:10:18 Scheduled Checkpoint

27-02-2016 03:18:12 Windows Update

29-02-2016 02:23:27 Scheduled Checkpoint

02-03-2016 03:19:04 Windows Update

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft ISATAP Adapter #14

Description: Microsoft ISATAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh SD/MMC Host Controller

Description: Ricoh SD/MMC Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimmptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh Memory Stick Controller

Description: Ricoh Memory Stick Host Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rimsptsk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Ricoh xD-Picture Card Controller

Description: Ricoh xD-Picture Card Controller

Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}

Manufacturer: Ricoh Company

Service: rismxdp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (03/10/2016 09:28:05 AM) (Source: LoadPerf) (EventID: 3011) (User: )

Description: WmiApRplWmiApRpl8

 

Error: (03/10/2016 09:28:05 AM) (Source: LoadPerf) (EventID: 3012) (User: )

Description: Performance16

 

Error: (03/09/2016 08:14:51 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/08/2016 12:58:19 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 05:51:17 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 04:32:11 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 01:38:29 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:24:22 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/07/2016 01:23:39 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

Error: (03/07/2016 12:49:53 AM) (Source: EventSystem) (EventID: 4609) (User: )

Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

 

 

System errors:

=============

Error: (03/11/2016 08:24:44 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 0.0.0.0

 

Update Source: %NT AUTHORITY51

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/11/2016 08:24:38 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 

New Engine Version: 

 

Previous Engine Version: 2.1.11804.0

 

Engine Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Error Code: %NT AUTHORITY601

 

Error description: %NT AUTHORITY602

 

Error: (03/11/2016 08:24:38 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 

 

Update Source: %NT AUTHORITY15

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/11/2016 08:23:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.215.1002.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/11/2016 08:15:14 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (03/10/2016 09:38:55 AM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

 

Error: (03/10/2016 08:24:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 0.0.0.0

 

Update Source: %NT AUTHORITY51

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/10/2016 08:24:43 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 

New Engine Version: 

 

Previous Engine Version: 2.1.11804.0

 

Engine Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Error Code: %NT AUTHORITY601

 

Error description: %NT AUTHORITY602

 

Error: (03/10/2016 08:24:43 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 

 

Update Source: %NT AUTHORITY15

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\NETWORK SERVICE

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

Error: (03/10/2016 08:23:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )

Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 

New Signature Version: 

 

Previous Signature Version: 1.215.846.0

 

Update Source: %NT AUTHORITY59

 

Update Stage: 4.9.0218.00

 

Source Path: 4.9.0218.01

 

Signature Type: %NT AUTHORITY602

 

Update Type: %NT AUTHORITY604

 

User: NT AUTHORITY\SYSTEM

 

Current Engine Version: %NT AUTHORITY605

 

Previous Engine Version: %NT AUTHORITY606

 

Error code: %NT AUTHORITY607

 

Error description: %NT AUTHORITY608

 

 

CodeIntegrity:

===================================

  Date: 2016-03-11 08:42:01.192

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:42:00.677

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:42:00.155

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:41:59.625

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:37:10.591

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:37:10.155

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:37:09.687

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-11 08:37:09.180

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-08 00:33:05.793

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2016-03-08 00:33:05.361

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™2 Duo CPU T5750 @ 2.00GHz

Percentage of memory in use: 41%

Total physical RAM: 3069.68 MB

Available physical RAM: 1799.61 MB

Total Virtual: 6341.6 MB

Available Virtual: 5317.46 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:221.34 GB) (Free:133.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 6709219E)

Partition 1: (Active) - (Size=221.3 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================