Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Crash


  • This topic is locked This topic is locked
14 replies to this topic

#1 maineearle

maineearle

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 19 March 2015 - 09:15 PM

IE keeps crashing

 

Unable to download FRST-64

 

 

 

 

Attached  a DDS Log

Attached Files

  • Attached File  dds.txt   26.29KB   14 downloads

Thanks everyone

BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 AM

Posted 24 March 2015 - 09:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/570689 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 25 March 2015 - 08:48 PM

All of my browses keep crashing IE/FF/Chrome/AOL

Have run Norton NPE CCleaner F-Secure scanner JRT Hitman Pro RogueKiller Emsisoft Emergency Kit Tdsskiller Mab Malwarebytes

with limited results


Thanks everyone

#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 26 March 2015 - 08:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the file to a CD or Flash drive using a good computer.

Copy the downloaded file to the Desktop of the problem computer and run the application.

Post the logs if you can.

#5 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 26 March 2015 - 01:03 PM

Thanks again see attached


Thanks everyone

#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 27 March 2015 - 07:55 AM

I do not see any files attached.

You can paste the content of both files if you need to.

#7 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 27 March 2015 - 04:26 PM

Here you are
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Administrator at 2015-03-26 14:01:05
Running from F:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Glary Utilities 5.21 (HKLM-x32\...\Glary Utilities 5) (Version: 5.21.0.40 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6466.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.9.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.1 - )
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2746016171-2851884287-947705566-500\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek)
RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
SlimDrivers (HKLM-x32\...\{03E312F7-8697-4BC4-A90F-33D34EECE18C}) (Version: 2.2.44488 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.42.2 - Synaptics Incorporated)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.11.2 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0-rc2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2746016171-2851884287-947705566-500_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_2\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2746016171-2851884287-947705566-500_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_2\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2746016171-2851884287-947705566-500_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_2\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2746016171-2851884287-947705566-500_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_2\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2746016171-2851884287-947705566-500_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_2\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
21-03-2015 04:15:47 Removed Microsoft Office Home and Student 2007
21-03-2015 05:00:56 IObit Uninstaller restore point
21-03-2015 05:03:53 IObit Uninstaller restore point
21-03-2015 05:05:08 IObit Uninstaller restore point
21-03-2015 05:07:55 IObit Uninstaller restore point
21-03-2015 05:09:29 IObit Uninstaller restore point
21-03-2015 05:10:56 IObit Uninstaller restore point
21-03-2015 05:11:37 IObit Uninstaller restore point
21-03-2015 05:13:15 IObit Uninstaller restore point
21-03-2015 05:14:12 IObit Uninstaller restore point
21-03-2015 05:14:43 Removed HP Support Assistant.
21-03-2015 05:16:09 IObit Uninstaller restore point
21-03-2015 05:17:24 IObit Uninstaller restore point
21-03-2015 05:18:14 IObit Uninstaller restore point
21-03-2015 05:22:34 IObit Uninstaller restore point
21-03-2015 20:14:05 Checkpoint by HitmanPro
21-03-2015 21:19:46 Revo Uninstaller's restore point - Sound Organizer
21-03-2015 21:20:22 Removed Sound Organizer.
22-03-2015 09:22:07 IObit Uninstaller restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2015-03-02 16:09 - 00000855 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02DFCDAA-5C9A-47FC-8AC6-B811B9D8A0BC} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {044D7076-3892-46F7-8C72-F86BD558076A} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0B01DDA7-FA41-4C6E-8427-C7C6CD291301} - \SidebarExecute No Task File <==== ATTENTION
Task: {190A4168-8690-4523-921F-0DD4E3BC321D} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe No Task File <==== ATTENTION
Task: {1C83A81E-25C0-4CD5-8B5A-9CD7EDD2ABCA} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1D9857AA-B6D5-4D5D-9E78-6B56512DCAF6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {1EAB1079-2E3E-4B99-927D-D99860FC1470} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {21268A60-F63B-4013-AD00-122BE97576E6} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task No Task File <==== ATTENTION
Task: {21EEEE52-A914-4E65-9215-DADA260BC2EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-23] (Adobe Systems Incorporated)
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {24A7AA30-1F26-4A1F-B3CF-34FAAC372449} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {30DD1223-0971-49B1-B01D-0E599FDEA4E1} - System32\Tasks\GlaryInitialize 5 => C:\Users\Administrator\Desktop\Tools\Glary Utilities 5\Initialize.exe [2015-03-16] (Glarysoft Ltd)
Task: {30DFC7A9-EBE0-425D-8E7C-D85A7B57ECF9} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {32521FCB-0475-4560-A6B9-89D38AFA3A4F} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {32979924-A796-4AE2-97D1-C6705C9A95E0} - \Microsoft_MKC_Logon_Task_itype.exe No Task File <==== ATTENTION
Task: {392FAEA2-4A05-4717-A6B2-36BDADC73E0B} - \Norton Family\Norton Error Analyzer No Task File <==== ATTENTION
Task: {42E97A2A-0246-4A50-BC3C-0B4D141894F5} - \{A06A09EB-CC62-433F-AB18-EAFF3CAA272E} No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {489D277B-08CE-429C-8A1D-EA412F86392A} - \{ADE63974-448E-4596-9B80-70B3421F8510} No Task File <==== ATTENTION
Task: {4A3E579D-30EA-4312-BA20-BA1B65818351} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4FD6E870-B958-42C3-A416-4530A29B6A8E} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {550EA7B0-C9D3-4E03-8C8A-98D07710C3F2} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5D6B8553-2BEF-404E-85ED-7E9CBF0FD38D} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Users\Administrator\Desktop\Tools\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {5F7C1072-6ED0-43A2-B5D4-99E4A3B97476} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor No Task File <==== ATTENTION
Task: {5F96E706-907B-42A7-B760-36E6746D7B4C} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {631E19B0-8FB2-4ED4-9F34-52569DBB50B6} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {64B28C31-7FB6-4DCE-8DDF-88E196EDC434} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {667CBA6B-7063-42EA-A60C-681540A9D7F2} - \Microsoft_Hardware_Launch_ipoint_exe No Task File <==== ATTENTION
Task: {67195413-3616-4397-AD4A-9058D8249101} - \Microsoft\Windows\Media Center\StartRecording No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6F485ED9-DA70-4C50-A110-83DBCF0BD6EB} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
Task: {71862115-C32B-4E2D-AB1A-A750CC60459D} - System32\Tasks\{5EDBF39F-FD3B-44A8-940E-C4A6D64B4497} => Chrome.exe 
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {793E7149-32B1-4A5A-BEE0-4141831FEED2} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {7A9AA02C-FA6B-4B2A-A8A9-A32D3CB041ED} - \User_Feed_Synchronization-{512E842E-BF4B-4533-A0C7-1A8DEE66A43B} No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7D795B01-B67B-4D46-8819-771B4E10DFEC} - \Microsoft\Windows\Media Center\mcupdate_scheduled No Task File <==== ATTENTION
Task: {7D9C250A-2C48-4635-9D49-4CC6B92BD4D8} - System32\Tasks\{CB711E9B-BC42-4D5F-84CA-B70A373C06C5} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2014-09-16] (AOL Inc.)
Task: {7E6484D7-17FC-4E9A-8B77-879CB3C64DA3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {828C8DDE-21D3-4E4C-ABD8-6A9CDCF6C962} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8649690E-F8D5-4689-A98C-E978B8589AA7} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {86AC5C6D-090E-4737-B093-3390046D85A2} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {93BBC50E-7949-4083-A974-0043E859AE9F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {944F64E7-EC47-4E7C-8FFE-F96BB8995500} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-21] (IObit)
Task: {95502320-6A68-4BB1-861B-F1D8FBCD9486} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {9B9D8419-D5AF-4541-A859-3BD2556C7B64} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9C775736-F594-4D8E-AA90-3BE1C7EBC274} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9DA6C1A0-B858-4353-AE16-B25A73852BF3} - \{BE3836B0-17C5-4F21-B115-975C8187D23B} No Task File <==== ATTENTION
Task: {A3494D82-0064-46B3-AD12-811C95C701DB} - \{6F850B84-EF5F-4F2C-8CC3-CC8857F99510} No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A531706A-A2D9-41EE-8A68-04403D5F980B} - \Microsoft\Windows\WindowsBackup\AutomaticBackup No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B2A5C126-90FC-42C6-A5DB-ECB92EA08097} - \Microsoft_Hardware_Launch_itype_exe No Task File <==== ATTENTION
Task: {B620EF30-F833-4B5D-BC49-291EA02D745B} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {B8438892-07FA-4C5D-9DEC-744A1AAE0E38} - System32\Tasks\SetupManager => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2011-09-06] (Microsoft)
Task: {B8A91619-22B0-420E-B5D3-B5FA4FA9DF3A} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {BC5EC0D1-7698-47DC-A25F-F691D58E66B9} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C20FB6F1-0E77-4ACC-89AD-C70E94D7F49C} - \Norton Family\Norton Error Processor No Task File <==== ATTENTION
Task: {C25D7B1C-D41D-449D-BFBE-B250450315D1} - \{46422E93-D5FC-4C97-8AE8-D4AD2081154B} No Task File <==== ATTENTION
Task: {C9E3CA8F-DFB2-45FD-B10A-1B4D9C9C2C17} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {D7E71D30-BA9A-43F1-8213-AC79E8EB3FE2} - \{D8497F2A-378D-4D25-8B53-B0DA1824E70E} No Task File <==== ATTENTION
Task: {D8B50800-CB59-45F9-ABEE-08F972EE4645} - System32\Tasks\GU5SkipUAC => C:\Users\Administrator\Desktop\Tools\Glary Utilities 5\Integrator.exe [2015-03-16] (Glarysoft Ltd)
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - \Microsoft\Windows\Maintenance\WinSAT No Task File <==== ATTENTION
Task: {DAD0D506-8D44-4C0A-A865-DF31666DED62} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {DBE6DC59-9DBE-4E5F-B118-5319D963CA5F} - System32\Tasks\{14BB099B-9815-4F37-9C69-7165148C144B} => Iexplore.exe http://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsMain
Task: {DC345333-58F1-432A-A27C-4C0CDE1DA826} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {E4884DF1-0288-4657-B208-CAD8BCB76A39} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {EA0D62B9-7E71-4EF0-9A7B-45E5D6CF0DBD} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EB5DC31E-9C18-4935-8B9B-84C8F74069CF} - \Microsoft_MKC_Logon_Task_ipoint.exe No Task File <==== ATTENTION
Task: {ED12606C-9188-49D6-9BAF-74C4A6759773} - System32\Tasks\{83F03596-5508-4EB9-97BB-E30456AF9AF5} => C:\Program Files (x86)\AOL Desktop 9.7c\aol.exe [2014-09-16] (AOL Inc.)
Task: {F0A39BA2-AF9C-46AC-8A6E-DFE129B62782} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {F4B07E74-7300-4CC0-A541-C4C6553D1142} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {F799112E-BA1E-4BC2-886D-DDE4409C8931} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FD44AF6B-5DA5-44FF-B683-38F726BB0F02} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FDD75537-CFB4-4564-A6FF-FF17B9160BFD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {FECE245C-A1C5-4C60-B778-CD094D8395AE} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Users\Administrator\Desktop\Tools\Glary Utilities 5\Initialize.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-05 15:53 - 2005-04-22 00:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2015-03-18 19:43 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-11-23 17:37 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\zlib.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 21151232 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\libcef.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 00648704 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\libglesv2.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 00122880 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\libegl.dll
2014-05-28 07:08 - 2014-05-28 07:08 - 00000000 _____ () C:\Windows\system32\jgpl400.dll
2014-05-28 07:08 - 2014-05-28 07:08 - 00000000 _____ () C:\Windows\system32\jgdw400.dll
2014-05-28 07:08 - 2014-05-28 07:08 - 00000000 _____ () C:\Windows\system32\MSVCRT20.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 00094208 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\Components\Tier2Svc.dll
2014-09-16 14:17 - 2014-09-16 14:17 - 00060928 _____ () C:\Program Files (x86)\AOL Desktop 9.7c\Components\DataSvcs.dll
2015-03-18 04:17 - 2015-03-23 05:25 - 16858288 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll
2014-05-28 07:08 - 2014-05-28 07:08 - 00000000 _____ () C:\Windows\system32\igdumd32.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45161395.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45161395.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR322 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR323 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR400 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 75.75.75.75 - 75.75.76.76
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AOL ACS => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: hpCMSrv => 3
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IAStorDataMgrSvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: InnovativeSolutions_monitor => 3
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NIS => 2
MSCONFIG\Services: PACSPTISVR-Sound_Organizer => 3
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ron^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleIEDAV => "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Users\Ron\Desktop\Tools\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: GUDelayStartup => "C:\Users\Administrator\Desktop\Tools\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1370783481\ee\AOLSoftware.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Quick Launch => c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: HPOSD => c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe
MSCONFIG\startupreg: HPQuickWebProxy => c:\program files (x86)\hewlett-packard\hp quickweb\hpqwutils.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe" 60
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => c:\program files\idt\wdm\sttray64.exe
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2746016171-2851884287-947705566-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2746016171-2851884287-947705566-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2746016171-2851884287-947705566-1002 - Limited - Enabled)
Ron (S-1-5-21-2746016171-2851884287-947705566-1000 - Administrator - Enabled) => C:\Users\Ron
 
==================== Faulty Device Manager Devices =============
 
Name: NBRT
Description: STORE N GO      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Verbatim
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/26/2015 06:36:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.4.5557, time stamp: 0x550d0883
Faulting module name: mozalloc.dll, version: 36.0.4.5557, time stamp: 0x550cfa82
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x2508
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
Error: (03/26/2015 04:45:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.4.5557, time stamp: 0x550d0883
Faulting module name: mozalloc.dll, version: 36.0.4.5557, time stamp: 0x550cfa82
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x12c8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3604
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3604
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1560
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1560
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/25/2015 01:13:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1747
 
Error: (03/25/2015 01:13:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1747
 
 
System errors:
=============
Error: (03/25/2015 09:58:19 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.
 
Error: (03/25/2015 05:58:08 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (03/24/2015 05:33:21 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (03/23/2015 05:13:36 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (03/23/2015 05:00:32 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (03/22/2015 09:52:36 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (03/22/2015 09:47:01 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (03/22/2015 09:46:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:42:55 AM on ‎3/‎22/‎2015 was unexpected.
 
Error: (03/22/2015 08:51:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (03/22/2015 08:51:52 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
 
Microsoft Office Sessions:
=========================
Error: (03/26/2015 06:36:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02250801d067a16dd2ad66C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllec7ea6da-d3a3-11e4-938e-00038a000015
 
Error: (03/26/2015 04:45:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e0212c801d0679b9c7efd6eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll80813ff8-d394-11e4-938e-00038a000015
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3604
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3604
 
Error: (03/25/2015 01:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1560
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1560
 
Error: (03/25/2015 01:30:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/25/2015 01:13:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1747
 
Error: (03/25/2015 01:13:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1747
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 57%
Total physical RAM: 2765.86 MB
Available physical RAM: 1168.87 MB
Total Pagefile: 3276.05 MB
Available Pagefile: 1057.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:441.63 GB) (Free:382.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.97 GB) (Free:2.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:3.96 GB) (Free:3.96 GB) FAT32
Drive f: (FRST64) (Removable) (Total:7.26 GB) (Free:7.26 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E861ED1B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.3 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Administrator (administrator) on RON-HP on 26-03-2015 13:59:24
Running from F:\
Loaded Profiles: Administrator (Available profiles: Ron & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser not detected!)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1370783481\ee\aolsoftware.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes Corporation) C:\Users\Ron\Desktop\VIRUS\Malwarebytes Anti-Malware\mbam.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7c\waol.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7c\shellmon.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7c\aolbrowser.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867952 2014-12-04] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2746016171-2851884287-947705566-500\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7c\AOL.EXE [72296 2014-09-16] (AOL Inc.)
HKU\S-1-5-21-2746016171-2851884287-947705566-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Control Panel\Desktop\\SCRNSAVE.EXE -> 
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-21] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\db217mqj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.2.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-11-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn [2015-03-23]
 
Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-18]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-18]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-18]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-18]
CHR Extension: (Logitech Flow Scroll) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2015-01-01] (Emsisoft GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R3 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
S4 InnovativeSolutions_monitor; C:\Program Files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [1064880 2014-05-12] ()
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S4 MBAMScheduler; C:\Users\Ron\Desktop\VIRUS\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S4 MBAMService; C:\Users\Ron\Desktop\VIRUS\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 1999-12-31] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\EEK\bin\a2ddax64.sys [26176 2015-02-06] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-03-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-02-06] (Emsisoft GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-03-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-03-16] (Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-15] (Glarysoft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-09] (REALiX™)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-08] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.5.0.19\Definitions\IPSDefs\20150323.001\IDSvia64.sys [669400 2015-03-16] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.5.0.19\Definitions\VirusDefs\20150325.017\ENG64.SYS [129752 2015-03-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.5.0.19\Definitions\VirusDefs\20150325.017\EX64.SYS [2137304 2015-03-16] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2014-02-26] (Corel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [788696 1999-12-31] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [377560 1999-12-31] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33520 2014-12-04] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2014-07-23] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-03-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-03-18] ()
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29160 2014-07-26] ()
S3 MFE_RR; \??\C:\Users\ADMINI~1\AppData\Local\Temp\mfe_rr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-25 21:46 - 2015-03-25 21:46 - 00047211 _____ () C:\Users\Administrator\Desktop\Addition.txt
2015-03-25 21:30 - 2015-03-25 21:31 - 00047211 _____ () C:\Users\Administrator\Documents\Addition.txt
2015-03-25 21:28 - 2015-03-25 21:31 - 00056304 _____ () C:\Users\Administrator\Documents\FRST.txt
2015-03-25 21:27 - 2015-03-25 21:27 - 02095616 _____ (Farbar) C:\Users\Administrator\Documents\FRST64.exe
2015-03-23 05:06 - 2015-03-23 05:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2015-03-23 05:06 - 2015-03-23 05:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2015-03-22 08:59 - 2015-03-22 08:59 - 00000000 ____D () C:\Program Files\Speccy
2015-03-22 04:52 - 2015-03-26 06:36 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2015-03-22 04:38 - 2015-03-22 04:38 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Macromedia
2015-03-22 04:36 - 2015-03-22 04:36 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-22 04:36 - 2015-03-22 04:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 04:36 - 2015-03-22 04:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-21 22:00 - 2015-03-21 22:00 - 00000020 ___SH () C:\Users\Administrator\AppData\Roaming\System413_DataDB.ind
2015-03-21 22:00 - 2015-03-21 22:00 - 00000020 ___SH () C:\Users\Administrator\AppData\Roaming\Sys11965 DataCollection.dat
2015-03-21 21:32 - 2015-03-22 09:27 - 00002902 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2015-03-21 21:08 - 2015-03-23 05:13 - 00000448 _____ () C:\Windows\setupact.log
2015-03-21 21:08 - 2015-03-22 09:46 - 00003552 _____ () C:\Windows\PFRO.log
2015-03-21 21:08 - 2015-03-21 21:09 - 00398112 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-21 21:08 - 2015-03-21 21:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-21 20:47 - 2015-03-21 20:47 - 00108072 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-21 16:18 - 2015-03-21 16:21 - 00000000 ____D () C:\Users\Administrator\Desktop\Horseshoes
2015-03-21 08:10 - 2015-03-26 13:57 - 00504747 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 07:51 - 2015-03-22 09:47 - 00000376 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-21 07:51 - 2015-03-22 09:37 - 00003014 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-03-21 07:51 - 2015-03-22 09:37 - 00002686 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-03-21 07:51 - 2015-03-21 07:51 - 00000928 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-21 07:51 - 2015-03-21 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-03-21 04:12 - 2015-03-21 04:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ProductData
2015-03-21 04:10 - 2015-03-21 04:10 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-03-21 04:09 - 2015-03-21 05:02 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-21 04:09 - 2015-03-21 04:09 - 00001212 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-03-21 04:09 - 2015-03-21 04:09 - 00000000 ____D () C:\Users\Administrator\AppData\IObit
2015-03-19 10:09 - 2015-03-19 10:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Apple Computer
2015-03-18 19:21 - 2015-03-21 20:41 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AOL
2015-03-18 05:49 - 2015-03-18 05:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-03-18 05:30 - 2015-03-18 05:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-03-18 05:30 - 2015-03-18 05:30 - 00000000 ____D () C:\Program Files\RogueKiller
2015-03-17 07:18 - 2015-03-23 05:01 - 00002461 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-03-17 07:18 - 2015-03-17 07:18 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-03-17 07:18 - 2015-03-17 07:18 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-03-17 07:17 - 2015-03-23 05:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-03-17 07:17 - 2015-03-17 07:17 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-03-17 06:38 - 2015-03-17 06:38 - 00002996 _____ () C:\Windows\System32\Tasks\{5EDBF39F-FD3B-44A8-940E-C4A6D64B4497}
2015-03-12 20:13 - 2015-03-12 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-12 20:12 - 2015-03-12 20:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-12 20:12 - 2015-03-12 20:13 - 00000000 ____D () C:\Program Files\iTunes
2015-03-12 20:12 - 2015-03-12 20:12 - 00000000 ____D () C:\Program Files\iPod
2015-03-12 20:12 - 2015-03-12 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-12 04:08 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-12 04:08 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-12 04:08 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 04:08 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-12 04:08 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-12 04:08 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-12 04:08 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-12 04:08 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-12 04:08 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 04:08 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-12 04:08 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 04:08 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-12 04:08 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-12 04:08 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-12 04:08 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-12 04:08 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-12 04:08 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-12 04:08 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-12 04:08 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-12 04:08 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-12 04:08 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-12 04:08 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-12 04:08 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-12 04:07 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 04:07 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 04:07 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 04:07 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 04:07 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 04:07 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 04:07 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 04:07 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 04:07 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-12 04:07 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-12 04:07 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-12 04:07 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-12 04:07 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 04:07 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-12 04:07 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 04:07 - 2015-02-23 06:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-12 04:07 - 2015-02-23 06:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-12 04:07 - 2015-02-21 01:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-12 04:07 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-12 04:07 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-12 04:07 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-12 04:07 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-12 04:07 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-12 04:07 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-12 04:07 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-12 04:07 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-12 04:07 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-12 04:07 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-12 04:07 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-12 04:07 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-12 04:07 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-12 04:07 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-12 04:07 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-12 04:07 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-12 04:07 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-12 04:07 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-12 04:07 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-12 04:07 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-12 04:07 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-12 04:07 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-12 04:07 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 04:07 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-12 04:06 - 2015-02-23 06:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-12 04:06 - 2015-02-23 06:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-12 04:06 - 2015-02-23 06:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-12 04:06 - 2015-02-23 06:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-12 04:06 - 2015-02-23 06:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-12 04:06 - 2015-02-23 06:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-12 04:06 - 2015-02-23 06:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-12 04:06 - 2015-02-23 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-12 04:06 - 2015-02-23 04:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-12 04:06 - 2015-02-23 04:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-03-12 04:06 - 2015-02-21 01:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-12 04:06 - 2015-02-21 01:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-12 04:06 - 2015-02-21 01:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-12 04:06 - 2015-02-21 01:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-12 04:06 - 2015-02-21 01:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-12 04:06 - 2015-02-21 01:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-12 04:06 - 2015-02-21 01:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-12 04:06 - 2015-02-21 01:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-12 04:06 - 2015-02-21 00:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-12 04:06 - 2015-02-21 00:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-12 04:06 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 04:06 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-12 04:05 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 04:05 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 04:05 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-12 04:05 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 04:05 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-10 09:55 - 2015-03-10 09:55 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-03-10 09:27 - 2015-03-12 18:19 - 00003186 _____ () C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate
2015-03-09 14:30 - 2015-03-21 04:10 - 00000000 ____D () C:\ProgramData\IObit
2015-03-09 14:30 - 2015-03-09 14:30 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-03-09 14:01 - 2015-03-09 14:01 - 00000000 ____D () C:\NBRT
2015-03-05 22:52 - 2015-03-05 22:52 - 00000000 ____D () C:\Users\Administrator\Documents\Symantec
2015-03-04 21:54 - 2015-03-04 21:57 - 04452198 _____ () C:\Users\Administrator\CBS.log
2015-03-02 14:24 - 2015-01-08 19:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-02 14:24 - 2015-01-08 19:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-26 05:06 - 2015-03-08 15:46 - 00045056 ___SH () C:\Users\Administrator\Desktop\Thumbs.db
2015-02-24 17:12 - 2015-02-24 17:12 - 00000000 ____D () C:\Users\Administrator\Documents\photo
2015-02-24 07:19 - 2015-03-26 04:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-26 13:59 - 2014-12-13 06:58 - 00000000 ____D () C:\FRST
2015-03-26 13:59 - 2009-07-14 01:13 - 00073602 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 12:47 - 2009-07-14 00:45 - 00032064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-24 12:47 - 2009-07-14 00:45 - 00032064 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 05:42 - 2015-01-01 08:28 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-23 05:42 - 2015-01-01 08:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-23 05:42 - 2015-01-01 08:28 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-23 05:42 - 2015-01-01 08:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 05:13 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 05:01 - 2014-08-04 22:18 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-23 05:01 - 2014-01-28 21:10 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-03-22 09:23 - 2012-08-28 05:16 - 00000000 ____D () C:\Users\Administrator\Desktop\Tools
2015-03-22 08:53 - 2014-05-28 07:51 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NPE
2015-03-22 08:49 - 2014-05-28 13:13 - 00000000 ____D () C:\NPE
2015-03-21 22:08 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-03-21 21:23 - 2014-02-26 11:52 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-03-21 19:58 - 2014-02-27 18:50 - 00000000 ____D () C:\Users\Administrator\Desktop\VIRUS
2015-03-21 19:52 - 2014-12-28 11:19 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2015-03-21 08:04 - 2011-02-10 15:23 - 00000000 ____D () C:\SWSetup
2015-03-21 07:41 - 2014-06-08 06:16 - 00000000 ____D () C:\Users\Ron\Desktop\Tools
2015-03-21 05:24 - 2015-01-02 20:05 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-21 05:14 - 2014-08-04 11:58 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqLog
2015-03-21 05:11 - 2011-10-29 23:18 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-21 05:10 - 2011-10-29 23:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-21 05:07 - 2012-09-05 15:49 - 00000000 ____D () C:\ProgramData\ScanSoft
2015-03-21 05:06 - 2015-01-28 06:15 - 00000310 _____ () C:\Windows\SysWOW64\pp.log
2015-03-21 05:04 - 2012-09-05 15:48 - 00000000 ____D () C:\ProgramData\Nuance
2015-03-21 04:22 - 2012-08-28 04:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-21 04:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-21 04:12 - 2013-11-09 04:39 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-21 04:11 - 2015-02-20 15:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2015-03-21 04:11 - 2014-05-13 19:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer
2015-03-21 04:10 - 2014-01-09 00:41 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\IObit
2015-03-19 20:39 - 2014-05-24 07:43 - 00000000 ____D () C:\Users\Ron\Desktop\VIRUS
2015-03-18 19:44 - 2014-11-23 17:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-18 09:12 - 2014-07-08 14:53 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-18 06:36 - 2015-02-06 07:01 - 00000000 ____D () C:\EEK
2015-03-18 05:38 - 2007-01-01 21:25 - 00000000 ____D () C:\Windows\Panther
2015-03-18 05:19 - 2014-12-14 08:03 - 00000000 ____D () C:\AdwCleaner
2015-03-17 09:42 - 2014-12-28 11:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\dvdcss
2015-03-17 09:42 - 2014-12-28 11:18 - 00001042 _____ () C:\Users\Administrator\Desktop\VLC media player.lnk
2015-03-17 09:42 - 2014-12-28 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-17 07:18 - 2011-12-12 04:39 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-17 07:17 - 2014-01-09 01:14 - 00000000 ____D () C:\ProgramData\Norton
2015-03-17 06:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-16 11:17 - 2013-05-28 19:02 - 00020946 _____ () C:\Windows\BRRBCOM.INI
2015-03-12 21:08 - 2014-08-04 22:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 21:07 - 2014-01-08 13:44 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 21:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 21:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-12 20:48 - 2013-08-15 00:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 20:40 - 2012-09-07 16:20 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 20:12 - 2012-09-17 10:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-12 14:38 - 2012-08-28 00:18 - 00000000 ____D () C:\Users\Ron\AppData\Local\VirtualStore
2015-03-10 10:01 - 2011-12-12 04:30 - 00015105 _____ () C:\Windows\system32\RaCoInst.log
2015-03-10 09:52 - 2013-11-14 04:58 - 00000000 ____D () C:\Intel
2015-03-10 09:17 - 2014-09-05 09:00 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\GlarySoft
2015-03-09 16:58 - 2015-02-05 10:59 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-03-09 16:52 - 2014-12-30 17:09 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2015-03-08 17:11 - 2014-12-21 21:53 - 00000000 ____D () C:\Program Files (x86)\AOL Desktop 9.7c
2015-03-08 17:11 - 2014-12-17 14:03 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Logishrd
2015-03-08 17:11 - 2012-08-28 00:18 - 00000000 ____D () C:\Users\Ron
2015-03-08 17:10 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-03-08 17:09 - 2012-08-28 04:56 - 00000000 __RHD () C:\MSOCache
2015-03-08 15:28 - 2014-05-15 19:55 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-03-08 14:30 - 2013-05-07 20:20 - 00000000 ____D () C:\Users\Administrator
2015-03-05 08:03 - 2009-07-13 22:36 - 00018604 _____ () C:\Windows\system32\perfc009(15).dat
2015-03-03 14:51 - 2015-01-01 08:25 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-03-03 10:06 - 2009-07-14 01:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-02 16:09 - 2009-07-13 22:34 - 00000439 _____ () C:\Windows\win.ini
2015-03-02 16:01 - 2013-04-26 08:48 - 00073602 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-02 14:42 - 2014-06-22 18:07 - 00009729 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-02 08:32 - 2014-09-17 16:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-02 08:32 - 2011-10-29 23:39 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-02 08:26 - 2011-10-29 23:21 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-03-02 08:11 - 2014-12-17 14:05 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-03-02 08:02 - 2015-01-01 08:57 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-03-02 08:02 - 2014-08-07 11:49 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-02 08:02 - 2014-01-10 20:45 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-02 08:02 - 2013-11-22 10:01 - 00000000 ____D () C:\Windows\ERUNT
2015-03-02 08:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2015-02-26 05:31 - 2014-05-28 06:59 - 00000010 _____ () C:\Users\Administrator\AppData\Local\sponge.last.runtime.cache
2015-02-24 07:19 - 2015-01-23 13:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-02-24 07:19 - 2014-12-03 09:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
 
==================== Files in the root of some directories =======
 
2015-03-21 22:00 - 2015-03-21 22:00 - 0000020 ___SH () C:\Users\Administrator\AppData\Roaming\Sys11965 DataCollection.dat
2015-03-21 22:00 - 2015-03-21 22:00 - 0000020 ___SH () C:\Users\Administrator\AppData\Roaming\System413_DataDB.ind
2014-06-06 08:46 - 2014-06-06 08:46 - 0007609 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2014-05-28 06:59 - 2015-02-26 05:31 - 0000010 _____ () C:\Users\Administrator\AppData\Local\sponge.last.runtime.cache
2014-12-27 05:27 - 2015-01-15 16:39 - 0005001 _____ () C:\ProgramData\hpzinstall.log
 
Files to move or delete:
====================
C:\Users\Ron\fixme.reg
 
 
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\msvcp120.dll
C:\Users\Administrator\AppData\Local\Temp\msvcr120.dll
C:\Users\Administrator\AppData\Local\Temp\pc-decrapifier.exe
 
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\igd10umd32.dll
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\jgdw400.dll
C:\Windows\System32\jgpl400.dll
C:\Windows\System32\MSVCRT20.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-28 00:41
 
==================== End Of Log ============================

Thanks everyone

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 28 March 2015 - 07:48 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Control Panel\Desktop\\SCRNSAVE.EXE ->
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-21] (IObit)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 MFE_RR; \??\C:\Users\ADMINI~1\AppData\Local\Temp\mfe_rr.sys [X]
C:\Program Files (x86)\IObit
C:\Users\Administrator\AppData\Local\Temp\msvcp120.dll
C:\Users\Administrator\AppData\Local\Temp\msvcr120.dll
C:\Users\Administrator\AppData\Local\Temp\pc-decrapifier.exe
C:\Windows\System32\igd10umd32.dll
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\jgdw400.dll
C:\Windows\System32\jgpl400.dll
C:\Windows\System32\MSVCRT20.dll
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
Task: {02DFCDAA-5C9A-47FC-8AC6-B811B9D8A0BC} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {044D7076-3892-46F7-8C72-F86BD558076A} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0B01DDA7-FA41-4C6E-8427-C7C6CD291301} - \SidebarExecute No Task File <==== ATTENTION
Task: {190A4168-8690-4523-921F-0DD4E3BC321D} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe No Task File <==== ATTENTION
Task: {1C83A81E-25C0-4CD5-8B5A-9CD7EDD2ABCA} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1EAB1079-2E3E-4B99-927D-D99860FC1470} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {21268A60-F63B-4013-AD00-122BE97576E6} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task No Task File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {30DFC7A9-EBE0-425D-8E7C-D85A7B57ECF9} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {32521FCB-0475-4560-A6B9-89D38AFA3A4F} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {32979924-A796-4AE2-97D1-C6705C9A95E0} - \Microsoft_MKC_Logon_Task_itype.exe No Task File <==== ATTENTION
Task: {392FAEA2-4A05-4717-A6B2-36BDADC73E0B} - \Norton Family\Norton Error Analyzer No Task File <==== ATTENTION
Task: {42E97A2A-0246-4A50-BC3C-0B4D141894F5} - \{A06A09EB-CC62-433F-AB18-EAFF3CAA272E} No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {489D277B-08CE-429C-8A1D-EA412F86392A} - \{ADE63974-448E-4596-9B80-70B3421F8510} No Task File <==== ATTENTION
Task: {4A3E579D-30EA-4312-BA20-BA1B65818351} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4FD6E870-B958-42C3-A416-4530A29B6A8E} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {550EA7B0-C9D3-4E03-8C8A-98D07710C3F2} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {5F7C1072-6ED0-43A2-B5D4-99E4A3B97476} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor No Task File <==== ATTENTION
Task: {5F96E706-907B-42A7-B760-36E6746D7B4C} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {631E19B0-8FB2-4ED4-9F34-52569DBB50B6} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {64B28C31-7FB6-4DCE-8DDF-88E196EDC434} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {667CBA6B-7063-42EA-A60C-681540A9D7F2} - \Microsoft_Hardware_Launch_ipoint_exe No Task File <==== ATTENTION
Task: {67195413-3616-4397-AD4A-9058D8249101} - \Microsoft\Windows\Media Center\StartRecording No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6F485ED9-DA70-4C50-A110-83DBCF0BD6EB} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {793E7149-32B1-4A5A-BEE0-4141831FEED2} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {7A9AA02C-FA6B-4B2A-A8A9-A32D3CB041ED} - \User_Feed_Synchronization-{512E842E-BF4B-4533-A0C7-1A8DEE66A43B} No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7D795B01-B67B-4D46-8819-771B4E10DFEC} - \Microsoft\Windows\Media Center\mcupdate_scheduled No Task File <==== ATTENTION
Task: {7E6484D7-17FC-4E9A-8B77-879CB3C64DA3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {8649690E-F8D5-4689-A98C-E978B8589AA7} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {86AC5C6D-090E-4737-B093-3390046D85A2} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {95502320-6A68-4BB1-861B-F1D8FBCD9486} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {9DA6C1A0-B858-4353-AE16-B25A73852BF3} - \{BE3836B0-17C5-4F21-B115-975C8187D23B} No Task File <==== ATTENTION
Task: {A3494D82-0064-46B3-AD12-811C95C701DB} - \{6F850B84-EF5F-4F2C-8CC3-CC8857F99510} No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A531706A-A2D9-41EE-8A68-04403D5F980B} - \Microsoft\Windows\WindowsBackup\AutomaticBackup No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B2A5C126-90FC-42C6-A5DB-ECB92EA08097} - \Microsoft_Hardware_Launch_itype_exe No Task File <==== ATTENTION
Task: {B620EF30-F833-4B5D-BC49-291EA02D745B} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {B8A91619-22B0-420E-B5D3-B5FA4FA9DF3A} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C20FB6F1-0E77-4ACC-89AD-C70E94D7F49C} - \Norton Family\Norton Error Processor No Task File <==== ATTENTION
Task: {C25D7B1C-D41D-449D-BFBE-B250450315D1} - \{46422E93-D5FC-4C97-8AE8-D4AD2081154B} No Task File <==== ATTENTION
Task: {C9E3CA8F-DFB2-45FD-B10A-1B4D9C9C2C17} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {D7E71D30-BA9A-43F1-8213-AC79E8EB3FE2} - \{D8497F2A-378D-4D25-8B53-B0DA1824E70E} No Task File <==== ATTENTION
Task: {DAD0D506-8D44-4C0A-A865-DF31666DED62} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {DC345333-58F1-432A-A27C-4C0CDE1DA826} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {E4884DF1-0288-4657-B208-CAD8BCB76A39} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {EA0D62B9-7E71-4EF0-9A7B-45E5D6CF0DBD} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EB5DC31E-9C18-4935-8B9B-84C8F74069CF} - \Microsoft_MKC_Logon_Task_ipoint.exe No Task File <==== ATTENTION
Task: {F0A39BA2-AF9C-46AC-8A6E-DFE129B62782} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {F4B07E74-7300-4CC0-A541-C4C6553D1142} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FD44AF6B-5DA5-44FF-B683-38F726BB0F02} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FECE245C-A1C5-4C60-B778-CD094D8395AE} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log Fixlog.txt please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#9 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 28 March 2015 - 07:19 PM

Again thanks

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Administrator at 2015-03-28 17:12:46 Run:1
Running from F:\
Loaded Profiles: Administrator (Available profiles: Ron & Administrator)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
 
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Control Panel\Desktop\\SCRNSAVE.EXE ->
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-21] (IObit)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 MFE_RR; \??\C:\Users\ADMINI~1\AppData\Local\Temp\mfe_rr.sys [X]
C:\Program Files (x86)\IObit
C:\Users\Administrator\AppData\Local\Temp\msvcp120.dll
C:\Users\Administrator\AppData\Local\Temp\msvcr120.dll
C:\Users\Administrator\AppData\Local\Temp\pc-decrapifier.exe
C:\Windows\System32\igd10umd32.dll
C:\Windows\System32\igdumd32.dll
C:\Windows\System32\jgdw400.dll
C:\Windows\System32\jgpl400.dll
C:\Windows\System32\MSVCRT20.dll
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
Task: {02DFCDAA-5C9A-47FC-8AC6-B811B9D8A0BC} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService No Task File <==== ATTENTION
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - \Microsoft\Windows\Time Synchronization\SynchronizeTime No Task File <==== ATTENTION
Task: {044D7076-3892-46F7-8C72-F86BD558076A} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask No Task File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 No Task File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 No Task File <==== ATTENTION
Task: {0B01DDA7-FA41-4C6E-8427-C7C6CD291301} - \SidebarExecute No Task File <==== ATTENTION
Task: {190A4168-8690-4523-921F-0DD4E3BC321D} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe No Task File <==== ATTENTION
Task: {1C83A81E-25C0-4CD5-8B5A-9CD7EDD2ABCA} - \Microsoft\Windows\Media Center\RegisterSearch No Task File <==== ATTENTION
Task: {1EAB1079-2E3E-4B99-927D-D99860FC1470} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector No Task File <==== ATTENTION
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - \Microsoft\Windows\Task Manager\Interactive No Task File <==== ATTENTION
Task: {21268A60-F63B-4013-AD00-122BE97576E6} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task No Task File <==== ATTENTION
Task: {2470470F-2634-478E-B181-571E98A789BB} - \Microsoft\Windows\Multimedia\SystemSoundsService No Task File <==== ATTENTION
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) No Task File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {30DFC7A9-EBE0-425D-8E7C-D85A7B57ECF9} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 No Task File <==== ATTENTION
Task: {32521FCB-0475-4560-A6B9-89D38AFA3A4F} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask No Task File <==== ATTENTION
Task: {32979924-A796-4AE2-97D1-C6705C9A95E0} - \Microsoft_MKC_Logon_Task_itype.exe No Task File <==== ATTENTION
Task: {392FAEA2-4A05-4717-A6B2-36BDADC73E0B} - \Norton Family\Norton Error Analyzer No Task File <==== ATTENTION
Task: {42E97A2A-0246-4A50-BC3C-0B4D141894F5} - \{A06A09EB-CC62-433F-AB18-EAFF3CAA272E} No Task File <==== ATTENTION
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip No Task File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration No Task File <==== ATTENTION
Task: {489D277B-08CE-429C-8A1D-EA412F86392A} - \{ADE63974-448E-4596-9B80-70B3421F8510} No Task File <==== ATTENTION
Task: {4A3E579D-30EA-4312-BA20-BA1B65818351} - \Microsoft\Windows\Media Center\InstallPlayReady No Task File <==== ATTENTION
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor No Task File <==== ATTENTION
Task: {4FD6E870-B958-42C3-A416-4530A29B6A8E} - \Microsoft\Windows\SideShow\SessionAgent No Task File <==== ATTENTION
Task: {550EA7B0-C9D3-4E03-8C8A-98D07710C3F2} - \Microsoft\Windows\SideShow\SystemDataProviders No Task File <==== ATTENTION
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - \Microsoft\Windows\MobilePC\HotStart No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - \Microsoft\Windows\UPnP\UPnPHostConfig No Task File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls No Task File <==== ATTENTION
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - \Microsoft\Windows\CertificateServicesClient\SystemTask No Task File <==== ATTENTION
Task: {5F7C1072-6ED0-43A2-B5D4-99E4A3B97476} - \Microsoft\Windows\WindowsBackup\Windows Backup Monitor No Task File <==== ATTENTION
Task: {5F96E706-907B-42A7-B760-36E6746D7B4C} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask No Task File <==== ATTENTION
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) No Task File <==== ATTENTION
Task: {631E19B0-8FB2-4ED4-9F34-52569DBB50B6} - \Microsoft\Windows\Media Center\UpdateRecordPath No Task File <==== ATTENTION
Task: {64B28C31-7FB6-4DCE-8DDF-88E196EDC434} - \Microsoft\Windows\Media Center\ReindexSearchRoot No Task File <==== ATTENTION
Task: {667CBA6B-7063-42EA-A60C-681540A9D7F2} - \Microsoft_Hardware_Launch_ipoint_exe No Task File <==== ATTENTION
Task: {67195413-3616-4397-AD4A-9058D8249101} - \Microsoft\Windows\Media Center\StartRecording No Task File <==== ATTENTION
Task: {6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF} - \Microsoft\Windows\User Profile Service\HiveUploadTask No Task File <==== ATTENTION
Task: {6F485ED9-DA70-4C50-A110-83DBCF0BD6EB} - \Microsoft\Windows\Media Center\PBDADiscovery No Task File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck No Task File <==== ATTENTION
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary No Task File <==== ATTENTION
Task: {793E7149-32B1-4A5A-BEE0-4141831FEED2} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver No Task File <==== ATTENTION
Task: {7A9AA02C-FA6B-4B2A-A8A9-A32D3CB041ED} - \User_Feed_Synchronization-{512E842E-BF4B-4533-A0C7-1A8DEE66A43B} No Task File <==== ATTENTION
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - \Microsoft\Windows\CertificateServicesClient\UserTask No Task File <==== ATTENTION
Task: {7D795B01-B67B-4D46-8819-771B4E10DFEC} - \Microsoft\Windows\Media Center\mcupdate_scheduled No Task File <==== ATTENTION
Task: {7E6484D7-17FC-4E9A-8B77-879CB3C64DA3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {8649690E-F8D5-4689-A98C-E978B8589AA7} - \Microsoft\Windows\Media Center\PeriodicScanRetry No Task File <==== ATTENTION
Task: {86AC5C6D-090E-4737-B093-3390046D85A2} - \Microsoft\Windows\Media Center\PvrRecoveryTask No Task File <==== ATTENTION
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - \Microsoft\Windows\WDI\ResolutionHost No Task File <==== ATTENTION
Task: {95502320-6A68-4BB1-861B-F1D8FBCD9486} - \Microsoft\Windows\Media Center\PvrScheduleTask No Task File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - \Microsoft\Windows\SystemRestore\SR No Task File <==== ATTENTION
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam No Task File <==== ATTENTION
Task: {9DA6C1A0-B858-4353-AE16-B25A73852BF3} - \{BE3836B0-17C5-4F21-B115-975C8187D23B} No Task File <==== ATTENTION
Task: {A3494D82-0064-46B3-AD12-811C95C701DB} - \{6F850B84-EF5F-4F2C-8CC3-CC8857F99510} No Task File <==== ATTENTION
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - \Microsoft\Windows\AppID\PolicyConverter No Task File <==== ATTENTION
Task: {A531706A-A2D9-41EE-8A68-04403D5F980B} - \Microsoft\Windows\WindowsBackup\AutomaticBackup No Task File <==== ATTENTION
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - \Microsoft\Windows\Location\Notifications No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - \Microsoft\Windows\Ras\MobilityManager No Task File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor No Task File <==== ATTENTION
Task: {B2A5C126-90FC-42C6-A5DB-ECB92EA08097} - \Microsoft_Hardware_Launch_itype_exe No Task File <==== ATTENTION
Task: {B620EF30-F833-4B5D-BC49-291EA02D745B} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 No Task File <==== ATTENTION
Task: {B8A91619-22B0-420E-B5D3-B5FA4FA9DF3A} - \Microsoft\Windows\SideShow\GadgetManager No Task File <==== ATTENTION
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - \Microsoft\Windows\Diagnosis\Scheduled No Task File <==== ATTENTION
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator No Task File <==== ATTENTION
Task: {C20FB6F1-0E77-4ACC-89AD-C70E94D7F49C} - \Norton Family\Norton Error Processor No Task File <==== ATTENTION
Task: {C25D7B1C-D41D-449D-BFBE-B250450315D1} - \{46422E93-D5FC-4C97-8AE8-D4AD2081154B} No Task File <==== ATTENTION
Task: {C9E3CA8F-DFB2-45FD-B10A-1B4D9C9C2C17} - \Microsoft\Windows\Media Center\OCURActivate No Task File <==== ATTENTION
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - \Microsoft\Windows\Registry\RegIdleBackup No Task File <==== ATTENTION
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - \Microsoft\Windows\Windows Error Reporting\QueueReporting No Task File <==== ATTENTION
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - \Microsoft\Windows\Autochk\Proxy No Task File <==== ATTENTION
Task: {D7E71D30-BA9A-43F1-8213-AC79E8EB3FE2} - \{D8497F2A-378D-4D25-8B53-B0DA1824E70E} No Task File <==== ATTENTION
Task: {DAD0D506-8D44-4C0A-A865-DF31666DED62} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks No Task File <==== ATTENTION
Task: {DC345333-58F1-432A-A27C-4C0CDE1DA826} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask No Task File <==== ATTENTION
Task: {E4884DF1-0288-4657-B208-CAD8BCB76A39} - \Microsoft\Windows\Media Center\OCURDiscovery No Task File <==== ATTENTION
Task: {EA0D62B9-7E71-4EF0-9A7B-45E5D6CF0DBD} - \Microsoft\Windows\SideShow\AutoWake No Task File <==== ATTENTION
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EB5DC31E-9C18-4935-8B9B-84C8F74069CF} - \Microsoft_MKC_Logon_Task_ipoint.exe No Task File <==== ATTENTION
Task: {F0A39BA2-AF9C-46AC-8A6E-DFE129B62782} - \Microsoft\Windows\Media Center\ehDRMInit No Task File <==== ATTENTION
Task: {F4B07E74-7300-4CC0-A541-C4C6553D1142} - \Microsoft\Windows\Media Center\RecordingRestart No Task File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem No Task File <==== ATTENTION
Task: {FD44AF6B-5DA5-44FF-B683-38F726BB0F02} - \Microsoft\Windows\Media Center\ActivateWindowsSearch No Task File <==== ATTENTION
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask No Task File <==== ATTENTION
Task: {FECE245C-A1C5-4C60-B778-CD094D8395AE} - \Microsoft\Windows\Media Center\mcupdate No Task File <==== ATTENTION
 
*****************
 
Processes closed successfully.
[2328] C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe => Process closed successfully.
HKU\S-1-5-21-2746016171-2851884287-947705566-500\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
LiveUpdateSvc => Service deleted successfully.
MFE_RR => Service deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Users\Administrator\AppData\Local\Temp\msvcp120.dll => Moved successfully.
C:\Users\Administrator\AppData\Local\Temp\msvcr120.dll => Moved successfully.
C:\Users\Administrator\AppData\Local\Temp\pc-decrapifier.exe => Moved successfully.
C:\Windows\System32\igd10umd32.dll => Moved successfully.
C:\Windows\System32\igdumd32.dll => Moved successfully.
C:\Windows\System32\jgdw400.dll => Moved successfully.
C:\Windows\System32\jgpl400.dll => Moved successfully.
C:\Windows\System32\MSVCRT20.dll => Moved successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
C:\ProgramData\Temp => ":D3A96964" ADS removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02DFCDAA-5C9A-47FC-8AC6-B811B9D8A0BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02DFCDAA-5C9A-47FC-8AC6-B811B9D8A0BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044A6734-E90E-4F8F-B357-B2DC8AB3B5EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{044D7076-3892-46F7-8C72-F86BD558076A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044D7076-3892-46F7-8C72-F86BD558076A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B01DDA7-FA41-4C6E-8427-C7C6CD291301}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B01DDA7-FA41-4C6E-8427-C7C6CD291301}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{190A4168-8690-4523-921F-0DD4E3BC321D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{190A4168-8690-4523-921F-0DD4E3BC321D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C83A81E-25C0-4CD5-8B5A-9CD7EDD2ABCA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C83A81E-25C0-4CD5-8B5A-9CD7EDD2ABCA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EAB1079-2E3E-4B99-927D-D99860FC1470}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EAB1079-2E3E-4B99-927D-D99860FC1470}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F7B7221-AE8F-44F3-BA82-F7D260F51964}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21268A60-F63B-4013-AD00-122BE97576E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21268A60-F63B-4013-AD00-122BE97576E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2470470F-2634-478E-B181-571E98A789BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2470470F-2634-478E-B181-571E98A789BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28011108-68DF-4C73-B91B-57427D501BBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28011108-68DF-4C73-B91B-57427D501BBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30DFC7A9-EBE0-425D-8E7C-D85A7B57ECF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30DFC7A9-EBE0-425D-8E7C-D85A7B57ECF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32521FCB-0475-4560-A6B9-89D38AFA3A4F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32521FCB-0475-4560-A6B9-89D38AFA3A4F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32979924-A796-4AE2-97D1-C6705C9A95E0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32979924-A796-4AE2-97D1-C6705C9A95E0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_MKC_Logon_Task_itype.exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{392FAEA2-4A05-4717-A6B2-36BDADC73E0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{392FAEA2-4A05-4717-A6B2-36BDADC73E0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Family\Norton Error Analyzer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42E97A2A-0246-4A50-BC3C-0B4D141894F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E97A2A-0246-4A50-BC3C-0B4D141894F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A06A09EB-CC62-433F-AB18-EAFF3CAA272E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{489D277B-08CE-429C-8A1D-EA412F86392A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{489D277B-08CE-429C-8A1D-EA412F86392A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ADE63974-448E-4596-9B80-70B3421F8510}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A3E579D-30EA-4312-BA20-BA1B65818351}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A3E579D-30EA-4312-BA20-BA1B65818351}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C8B01A2-11FF-4C41-848F-508EF4F00CF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4FD6E870-B958-42C3-A416-4530A29B6A8E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FD6E870-B958-42C3-A416-4530A29B6A8E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{550EA7B0-C9D3-4E03-8C8A-98D07710C3F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550EA7B0-C9D3-4E03-8C8A-98D07710C3F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5528F22C-2470-4715-ACAE-E274EF6898C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5528F22C-2470-4715-ACAE-E274EF6898C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A40E926-9E86-4B89-9CFD-B12311724371}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A40E926-9E86-4B89-9CFD-B12311724371}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5F5A18EB-DC73-4E45-A11C-B59043598412}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5A18EB-DC73-4E45-A11C-B59043598412}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5F7C1072-6ED0-43A2-B5D4-99E4A3B97476}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F7C1072-6ED0-43A2-B5D4-99E4A3B97476}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\Windows Backup Monitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F96E706-907B-42A7-B760-36E6746D7B4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F96E706-907B-42A7-B760-36E6746D7B4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{613612BA-897D-44CE-8DC1-8FC283F9FD51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{613612BA-897D-44CE-8DC1-8FC283F9FD51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{631E19B0-8FB2-4ED4-9F34-52569DBB50B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{631E19B0-8FB2-4ED4-9F34-52569DBB50B6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64B28C31-7FB6-4DCE-8DDF-88E196EDC434}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B28C31-7FB6-4DCE-8DDF-88E196EDC434}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{667CBA6B-7063-42EA-A60C-681540A9D7F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{667CBA6B-7063-42EA-A60C-681540A9D7F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67195413-3616-4397-AD4A-9058D8249101}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67195413-3616-4397-AD4A-9058D8249101}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6738BA6E-EA75-4B6B-B8B8-71F0336DD8EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F485ED9-DA70-4C50-A110-83DBCF0BD6EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F485ED9-DA70-4C50-A110-83DBCF0BD6EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{72DB7465-BC54-491B-A92A-4637A28C9BBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72DB7465-BC54-491B-A92A-4637A28C9BBF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753C47AE-EC5E-44B3-95A9-2C8E553F0E39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{793E7149-32B1-4A5A-BEE0-4141831FEED2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{793E7149-32B1-4A5A-BEE0-4141831FEED2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A9AA02C-FA6B-4B2A-A8A9-A32D3CB041ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A9AA02C-FA6B-4B2A-A8A9-A32D3CB041ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{512E842E-BF4B-4533-A0C7-1A8DEE66A43B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AFCC0CA-7121-422A-AB45-B0E8D599FF08}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D795B01-B67B-4D46-8819-771B4E10DFEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D795B01-B67B-4D46-8819-771B4E10DFEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E6484D7-17FC-4E9A-8B77-879CB3C64DA3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E6484D7-17FC-4E9A-8B77-879CB3C64DA3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8649690E-F8D5-4689-A98C-E978B8589AA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8649690E-F8D5-4689-A98C-E978B8589AA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86AC5C6D-090E-4737-B093-3390046D85A2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86AC5C6D-090E-4737-B093-3390046D85A2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9435F817-FED2-454E-88CD-7F78FDA62C48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95502320-6A68-4BB1-861B-F1D8FBCD9486}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95502320-6A68-4BB1-861B-F1D8FBCD9486}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9979CB83-103A-4105-9E5D-C74B0AF6D198}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DA6C1A0-B858-4353-AE16-B25A73852BF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DA6C1A0-B858-4353-AE16-B25A73852BF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE3836B0-17C5-4F21-B115-975C8187D23B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3494D82-0064-46B3-AD12-811C95C701DB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3494D82-0064-46B3-AD12-811C95C701DB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6F850B84-EF5F-4F2C-8CC3-CC8857F99510}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A48CABBF-24C8-4B87-B00F-9261807C3B43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\PolicyConverter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A531706A-A2D9-41EE-8A68-04403D5F980B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A531706A-A2D9-41EE-8A68-04403D5F980B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\AutomaticBackup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC668097-4D6B-4093-AC14-014C09DBF820}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Ras\MobilityManager" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2A5C126-90FC-42C6-A5DB-ECB92EA08097}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2A5C126-90FC-42C6-A5DB-ECB92EA08097}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_itype_exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B620EF30-F833-4B5D-BC49-291EA02D745B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B620EF30-F833-4B5D-BC49-291EA02D745B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8A91619-22B0-420E-B5D3-B5FA4FA9DF3A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8A91619-22B0-420E-B5D3-B5FA4FA9DF3A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE669C13-8165-4536-96D0-6D6C39292AAE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Diagnosis\Scheduled" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C016366B-7126-46CA-B36B-592A3D95A60B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20FB6F1-0E77-4ACC-89AD-C70E94D7F49C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20FB6F1-0E77-4ACC-89AD-C70E94D7F49C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Family\Norton Error Processor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C25D7B1C-D41D-449D-BFBE-B250450315D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C25D7B1C-D41D-449D-BFBE-B250450315D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{46422E93-D5FC-4C97-8AE8-D4AD2081154B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9E3CA8F-DFB2-45FD-B10A-1B4D9C9C2C17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9E3CA8F-DFB2-45FD-B10A-1B4D9C9C2C17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Registry\RegIdleBackup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0250F3F-6480-484F-B719-42F659AC64D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7E71D30-BA9A-43F1-8213-AC79E8EB3FE2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7E71D30-BA9A-43F1-8213-AC79E8EB3FE2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D8497F2A-378D-4D25-8B53-B0DA1824E70E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAD0D506-8D44-4C0A-A865-DF31666DED62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAD0D506-8D44-4C0A-A865-DF31666DED62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC345333-58F1-432A-A27C-4C0CDE1DA826}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC345333-58F1-432A-A27C-4C0CDE1DA826}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3163C33-301D-4730-A266-5518C5ED3967}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4884DF1-0288-4657-B208-CAD8BCB76A39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4884DF1-0288-4657-B208-CAD8BCB76A39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA0D62B9-7E71-4EF0-9A7B-45E5D6CF0DBD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA0D62B9-7E71-4EF0-9A7B-45E5D6CF0DBD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RacTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EB5DC31E-9C18-4935-8B9B-84C8F74069CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB5DC31E-9C18-4935-8B9B-84C8F74069CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_MKC_Logon_Task_ipoint.exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0A39BA2-AF9C-46AC-8A6E-DFE129B62782}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0A39BA2-AF9C-46AC-8A6E-DFE129B62782}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F4B07E74-7300-4CC0-A541-C4C6553D1142}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4B07E74-7300-4CC0-A541-C4C6553D1142}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB3C354D-297A-4EB2-9B58-090F6361906B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD44AF6B-5DA5-44FF-B683-38F726BB0F02}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD44AF6B-5DA5-44FF-B683-38F726BB0F02}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FECE245C-A1C5-4C60-B778-CD094D8395AE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FECE245C-A1C5-4C60-B778-CD094D8395AE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => Key deleted successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog 17:13:01 ====
 
# AdwCleaner v4.113 - Logfile created 28/03/2015 at 20:11:11
# Updated 22/03/2015 by Xplode
# Database : 2015-03-28.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Administrator - RON-HP
# Running from : C:\Users\Administrator\Desktop\adwcleaner_4.113.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Innovative Solutions
Folder Deleted : C:\Program Files (x86)\Common Files\Innovative Solutions
Folder Deleted : C:\Program Files\Instair
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17267
 
 
-\\ Mozilla Firefox v36.0.4 (x86 en-US)
 
 
-\\ Google Chrome v
 
[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
 
*************************
 
AdwCleaner[R61].txt - [1123 bytes] - [28/03/2015 20:05:48]
AdwCleaner[S43].txt - [1058 bytes] - [28/03/2015 20:11:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S43].txt - [1118  bytes] ##########
 

 


Thanks everyone

#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 29 March 2015 - 08:12 AM

How is the computer running now?

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#11 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 01 April 2015 - 07:00 AM

A little better but IE and FF still crash and shut down completly. Also noticed high cpu usage at times


Thanks everyone

#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 01 April 2015 - 07:53 AM

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

Keep me posted on the crash issue.
Let me know if you get a Blue Screen Of Death when it does.

#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 06 April 2015 - 07:44 AM

Are you still with me?

#14 maineearle

maineearle
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:01:41 AM

Posted 06 April 2015 - 08:09 AM

Involved in a family emergency. Please close the thread I will open a new thread open my return if nessary

Thanks for your help


Thanks everyone

#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:41 AM

Posted 06 April 2015 - 12:52 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users