Computer Problem 041018
Win7, 32 Bit
Days ago my computer booted up and my desktop was rearranged. Then I was booted up as Default User. I reboot w/F8 and was back in my Admin Profile. Again today booted into Default Profile. I reboot trying F8 (It will not work as usual) and the system Boots me up as Default User. I then have to Cntl Alt Delete to go into my normal Admin User/Safe Mode. My DeskTop is gone and I’m booted in as a New User(Old Windows Look) with no Restore points. All my files look to bein the system just none of my Admin User Profile info.
I used Minimal Safe Mode in the default Safe Mode option. I ran Malwarebytes, Sophos 2.6.1 , Spybot, Adw Cleaner in Safe mode with nothing found, CC Cleaner Will not run in Safe Mode.
https://helpdeskgeek.com/windows-7/safe-mode-f8-doesnt-work/
I ran Malwarebytes, Sophos 2.6.1 , Adw Cleaner, CC Cleaner in Normal boot with nothing found. Sophos 2.6.1 will not run Error 1606 Could not access network location.
Info below from Event Viewer
- Event Viewer Error 4/11/18 0xc000000d Error- Unable to load registry
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Scott (administrator) on SCOTT-PC (11-04-2018 04:43:21)
Running from C:\Windows\System32\config\systemprofile\Desktop
Loaded Profiles: Scott & Administrator (Available Profiles: Scott & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\EZ-DUB\EZ-DUB.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Reason Software Company Inc.) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(Reason Software Company Inc.) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\microsoft office\Office12\WINWORD.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-08-10] (Apple Inc.)
HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
Addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by Scott (11-04-2018 04:44:42)
Running from C:\Windows\System32\config\systemprofile\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2014-04-09 18:07:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4044866103-2329573634-2605357377-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-4044866103-2329573634-2605357377-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4044866103-2329573634-2605357377-1002 - Limited - Enabled)
Scott (S-1-5-21-4044866103-2329573634-2605357377-1000 - Administrator - Enabled) => C:\Users\TEMP
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (HKLM\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
. . . (HKLM\...\{679012E8-DFAC-4484-AD14-D08C6FD7FB4B}) (Version: 2.1.28.3 - Intel) Hidden
7-Zip 17.01 beta (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 29 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced Scan to PDF Free 3.9.2 (HKLM\...\Advanced Scan to PDF Free_is1) (Version: - PDFChief Co., Ltd.)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\{C9811F26-3EF6-449A-9736-BB79A125D894}) (Version: 14.0.4007 - AVG Technologies) Hidden
AVG Zen (HKLM\...\{9716EA2F-5DC5-4ECB-AA7B-909457378877}) (Version: 1.0.306 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
e-Sword (HKLM\...\{294B365B-32EF-49EE-99B3-A00558DC76E5}) (Version: 10.02.0001 - Rick Meyers)
e-Sword Module Installer version .4 (HKLM\...\{6E442F8C-3EB1-4911-BB65-F3AD73438F52}_is1) (Version: .4 - BibleSupport.com)
EZ-DUB (HKLM\...\{7E30D45E-EEC5-41A6-A613-F3BFB2694ACB}) (Version: 3.0 - Ulead System)
EZ-DUB Finder (HKLM\...\{F33C4D28-899A-4C3C-868B-9169A121528B}) (Version: 1.00.0722 - LiteON) Hidden
EZ-DUB Finder (HKLM\...\InstallShield_{F33C4D28-899A-4C3C-868B-9169A121528B}) (Version: 1.00.0722 - LiteON)
Flvto YouTube Downloader (HKLM\...\Flvto YouTube Downloader) (Version: 1.0.9 - Hotger)
FMW 1 (HKLM\...\{3E322933-FA94-438E-AA1F-2F066B1CC46C}) (Version: 1.0.222 - AVG Technologies) Hidden
Freemake Video Converter version 4.1.9 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 21.1 - Intel)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
LiveUpdate (HKLM\...\LiveUpdate) (Version: - )
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 56.0 (x86 en-US) (HKLM\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Potplayer (HKLM\...\PotPlayer) (Version: - Daum Communications Corp.)
QuickTime (HKLM\...\{EB900AF8-CC61-4E15-871B-98D1EA3E8025}) (Version: 7.67.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Seagate Manager Installer (HKLM\...\{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Hidden
Seagate Manager Installer (HKLM\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
SeaTools for Windows 1.4.0.4 (HKLM\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
THE NAG HAMMADI LIBRARY.topx version 0 (HKLM\...\{D7F1A6E9-5A60-4573-AFBD-4A047A57635E}_is1) (Version: 0 - BibleSupport.com)
Unchecky v1.2 (HKLM\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version: - windows-movie-maker.org)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01138799-A432-413E-9233-4142970467DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4044866103-2329573634-2605357377-1000UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-15] (Google Inc.)
Task: {14A54D07-0B8E-4E6C-BEFB-DEB6A8F28FA3} - System32\Tasks\{33AB1714-0F1F-41BE-AE4D-4CE707FC8AB9} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {16FEA387-FAD4-443A-B4E6-FF988F0C4AE6} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {1755AAFA-3DA6-4A8A-8AB5-ED14BFBD65AA} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {2793D72D-CFC5-444E-9A9B-8F524FA71D11} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {3527F7EE-4B8E-422D-8FEE-5083930043EB} - System32\Tasks\{29D5E377-CE4A-4947-BFE7-6DDD9A5B4E48} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {35910534-5F45-451B-86CF-536B12FEDDC1} - System32\Tasks\{8ED34269-D355-4824-81B4-8E0CA709686C} => C:\Program Files\iTunes\iTunes.exe [2012-09-09] (Apple Inc.)
Task: {3C66B5AA-E80B-4D41-AE1B-A079372C78A8} - System32\Tasks\{8C2A7429-5BBC-4A32-ADA5-FE99F091FC16} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {4AD47043-4D67-4F39-91A9-D2CC29BC3ABA} - System32\Tasks\{E9D04DF9-CB1A-4CD2-812C-5092FD85C825} => C:\Program Files\GoPro\GoPro VR Player 2.0\GoProVRPlayer_win32.exe
Task: {5656C4ED-3456-4135-BC27-E175548C6CE5} - System32\Tasks\{44D3594B-D2F9-4834-9AC4-F0DB2A6AF30F} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {5E143A35-2398-45E0-AA08-747CFD6B4E72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {606E7679-296E-47AD-BEDC-561DB8C5C216} - System32\Tasks\{FEB863AF-49C3-4878-8B79-25D08C06B6B4} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {60B245A9-53E6-4893-A5B9-78C94BC324BD} - System32\Tasks\{DCC16085-21A5-4481-BCD9-1750B143EE35} => C:\Program Files\iTunes\iTunes.exe [2012-09-09] (Apple Inc.)
Task: {71C9B795-5C44-45DD-BD07-19F04583060F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {76892BC5-DD39-4476-A303-245CDC15CFE7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
Task: {7768604C-8CBC-4A2B-AED0-A4F2024106D8} - System32\Tasks\{3A1EEAA2-E709-4F63-B471-039AB4F070B6} => C:\Program Files\GoPro\GoPro VR Player 2.0\GoProVRPlayer_win32.exe
Task: {82F944B0-DC1B-4832-8854-D074A94AF0F7} - System32\Tasks\{FF244946-B9B9-40C5-963E-7DDF2E841CBD} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {8C7185EE-DE6D-4769-9993-D38D6083431A} - System32\Tasks\{4F631F87-16B4-4E00-A335-12B11782D7AD} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {95C85358-9525-40F4-AA85-56630A07C528} - System32\Tasks\{FFF85220-D9CF-419E-B476-7CD90CAF7426} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {9CAD1C03-B916-417B-BE7B-C537DAB00942} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {A1A327C7-552B-4D71-BF2A-39631CCDB3E3} - System32\Tasks\{B9F54951-8F68-4BAD-A9D5-012EB4EAC459} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {B809CE6A-00DF-4AF7-9DC7-606F924952CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {B860E51A-F298-48AF-B95B-4DB83A4F070A} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BB8E71B2-D43C-4F0F-8962-BAB9883D1A29} - System32\Tasks\{746B6DDB-026D-46DC-BE02-6386A60BB78B} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {D5341DCE-D5E5-4C44-A1AC-0E0F0EBA53EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {D8597A4D-A621-4012-B014-264A1A2A9049} - System32\Tasks\{B68C5D2C-97E0-4176-AE26-74584708E6FD} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {D86561A4-68E3-4867-B905-F0487E4BF858} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {DD732DE6-D589-4CD6-86D9-CA5BC8B0ADA6} - System32\Tasks\{C1FEB967-16F4-4ECF-AF9B-26F198453BD9} => C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
Task: {E397C2F9-8ADD-4316-A8FB-7B68F3812912} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4044866103-2329573634-2605357377-1000Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-15] (Google Inc.)
Task: {EB4ED08B-2D3E-4E89-A94A-AC5A1C3C6FAB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {F43C98AE-5690-4997-B5F8-E545FFF6803E} - System32\Tasks\{50D840F2-A880-4AFE-B759-4D2B2B700A7D} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-14 08:20 - 2013-10-23 14:23 - 000089136 _____ () C:\Windows\System32\cpwmon2k.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 000087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 001242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-22 04:39 - 2014-05-13 13:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-12-22 04:39 - 2014-05-13 13:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-12-22 04:39 - 2014-05-13 13:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-12-22 04:39 - 2012-08-23 11:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-12-22 04:39 - 2012-04-03 18:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2005-09-13 19:47 - 2005-09-13 19:47 - 000266240 _____ () C:\Program Files\EZ-DUB\EZ-DUB.exe
2016-06-08 19:04 - 2016-06-08 19:04 - 000117400 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2018-04-04 08:04 - 2018-03-12 15:09 - 001936672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-04 08:04 - 2018-03-27 13:47 - 001912096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000143296 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 002631616 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000554944 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000041920 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000039872 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000086464 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 06:56 - 2015-04-13 06:56 - 000070675 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 002158528 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000114112 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000245184 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000089536 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000055744 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000072128 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000593344 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000771520 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000131520 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000052672 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000023488 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000145856 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 001566656 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000332736 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 001264064 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000069568 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000048576 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 06:57 - 2015-04-13 06:57 - 000242112 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 012001728 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000046528 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000261056 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000304576 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 001291200 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000754624 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000344512 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000036800 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000052160 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000456128 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000035776 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000157632 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 001549248 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000356288 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000031680 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000363456 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2015-04-13 07:00 - 2015-04-13 07:00 - 000121792 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 013522368 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000772544 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000038848 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000022464 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000030144 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000702400 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 001504704 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000036800 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000125376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000064448 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000027584 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000024512 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000030656 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000027584 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000029120 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000037312 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2015-04-13 06:58 - 2015-04-13 06:58 - 000024000 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000023488 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2015-04-13 06:59 - 2015-04-13 06:59 - 000022976 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2015-11-11 04:41 - 2015-11-11 04:41 - 000756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2018-04-11 03:37 - 000001306 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: AvgUi => "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
MSCONFIG\startupreg: Google Update => C:\Users\Scott\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D372D014-1A79-4E01-B779-AC098E91E870}] => (Allow) C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2909F608-F53F-4E85-8B60-3CF0C8602B50}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A93F060F-0771-4EB6-86E8-FC7AC755986D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC30EE5E-E2BD-413C-B10C-DF680BEFE90F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21777E3F-4B64-4367-B448-FFA8EA997095}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{48BF5A3C-9E61-4AE4-88EE-D78D625675F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9B1850DF-4730-478D-9D13-8278359CF2C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{692F9A1F-19C8-4F16-8190-FC7FBE5714FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0ECEB16C-69BA-425A-8C14-7D03024D715F}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{41943A4A-5F4C-40AF-B76F-8D636F80DC7F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E528E4E-A129-43AF-9A8E-44541BAA0A5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAD116BE-DCE6-4CE8-AF33-4206523429DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E154B2C5-F420-4BA0-88B3-37085D5C462C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A1C9EB16-F72A-4D10-8FC0-ADB0A0D83334}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E814BFAD-499F-4DCF-8264-CFB3E927F226}] => (Allow) LPort=2869
FirewallRules: [{D20238AF-FF53-4DD5-A019-3F56D9D68C0F}] => (Allow) LPort=1900
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
10-04-2018 16:25:11 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/11/2018 04:01:02 AM) (Source: MsiInstaller) (EventID: 11606) (User: Scott-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
Error: (04/11/2018 04:01:00 AM) (Source: MsiInstaller) (EventID: 11606) (User: Scott-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
Error: (04/11/2018 03:37:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/11/2018 03:37:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1505) (User: Scott-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system.
DETAIL - Access is denied.
Error: (04/10/2018 07:27:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/10/2018 07:27:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/10/2018 07:27:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/10/2018 07:27:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (04/11/2018 03:37:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
UimBus
Uim_DEVIM
Error: (04/11/2018 03:37:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/10/2018 07:27:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (04/10/2018 07:27:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
Error: (04/10/2018 07:27:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
UimBus
Uim_DEVIM
Error: (04/10/2018 07:26:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/10/2018 07:22:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (04/10/2018 07:22:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 79%
Total physical RAM: 3061.18 MB
Available physical RAM: 631.84 MB
Total Virtual: 6120.7 MB
Available Virtual: 3506.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:175.04 GB) NTFS
Drive j: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:166.4 GB) NTFS
Drive k: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:1249.64 GB) NTFS
Drive l: (Seagate Backup Plus Drive) (Fixed) (Total:5588.9 GB) (Free:19.5 GB) NTFS
Drive m: () (Removable) (Total:3.77 GB) (Free:2.26 GB) FAT32
\\?\Volume{f29edfd7-c00e-11e3-a285-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7A055C85)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 5589 GB) (Disk ID: 9A983881)
Partition: GPT.
========================================================
Disk: 6 (Size: 1863 GB) (Disk ID: 8A352DED)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0C)
==================== End of Addition.txt ============================