Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Jabuticaba - how can I get rid of it?


  • This topic is locked This topic is locked
36 replies to this topic

#1 aquaplex

aquaplex

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 30 August 2015 - 03:19 PM

Like others in this forum I have had bloody Jabuticaba ads infect my laptop. I either get random pop up tabs or ads come up for certain words on a webpage.

 

I've seen others post on this forum with the same problem but the solutions seem to be goobledygook! Can someone please help me get rid of it? Thanks!



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:11 AM

Posted 30 August 2015 - 04:03 PM

Hello and welcome to the Malware Removal Logs area :)

My name is Alexstrasza and I will assist you with your problem. You can call me Alex :)

Before we begin, there are a few things I want to make sure you know:
  • I am currently in training, so my responses might be delayed. I will generally reply within 48 hours - if this is not possible, I will let you know.
  • Please do not run any tools without being instructed to, as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the Follow this topic button, and make sure a tick is in the receive notifications and is set to Instantly. Any replies should be made in this topic by clicking the Reply to this topic button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. Please inform me if you need more time.
Shall we begin then?

===

Please run this tool to get information about your computer.

Farbar Recovery Scan Tool

Please download the correct version of Farbar Recovery Scan Tool and save it to your Desktop.

32-bit version here

64-bit version here

Note 1: Don't know if your Windows is 32-bit or 64-bit? Check it out here. The Automatic detection section should give you information about your OS. If it's not, use the Manual detection section.

Note 2: Temporary disable your antivirus and/or antimalware if they flag FRST as unsafe, as the tool is safe.
  • Right click on FRST/FRST64.exe and choose Run as Administrator.
  • When the tool launches, choose Yes at the disclaimer.
  • Choose Scan.
  • The tool will produces a log named FRST.txt in the same location where the tool is run from.
  • Please copy the log and paste it here.
On its first run FRST will generate an Addition.txt log in the same location as the other log. Please copy and paste that along with the main log in your reply.

Regards,
Alex

#3 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 30 August 2015 - 04:09 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
Ran by Rob (administrator) on ROBSPC (30-08-2015 22:05:57)
Running from C:\Users\Rob\Downloads
Loaded Profiles: Rob (Available Profiles: Rob & sheff_000)
Platform: Windows 8.1 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(GEAR Software) C:\Windows\SysWOW64\gearsec.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
() C:\Users\Rob\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(MixMeister Technology LLC) C:\Program Files (x86)\MixMeister Pro 6\MMPRO.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [gmsd_gb_005010035] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010036] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010040] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010041] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010043] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010044] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010046] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010054] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\Run: [Spotify Web Helper] => C:\Users\Rob\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd)
HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\Run: [Amazon Music] => C:\Users\Rob\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-07] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-08-08]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-26]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-05-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BC152EEB-7374-4D8D-93DE-C518E877E3BA}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C3F3DC1F-411D-483F-9413-CBB89ABE6D3E}: [DhcpNameServer] 40.27.1.201
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=en-GB&Src=WD8&Tid=00033BCD&OHP=http%3A%2F%2Fg.uk.msn.com%2FHPNOT14%2F2&OSP=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/2
SearchScopes: HKLM-x32 -> {9015D16D-118D-4CE8-ABC7-8D2E48BDB845} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-08-08] (McAfee)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-09] (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-08-08] (McAfee)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-08-08] (McAfee)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-08-08] (McAfee)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-08-11] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-08-11] (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-11] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-464141180-2275970661-1890588188-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Rob\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-30] (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{de953a75-7d9c-4649-84d0-056fbe2dd8e9}] - C:\Program Files\shopperz15072015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{de953a75-7d9c-4649-84d0-056fbe2dd8e9}] - C:\Program Files\shopperz15072015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-08-08]
 
Chrome: 
=======
CHR Profile: C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee SafeKey) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2015-08-08]
CHR Extension: (Adblock Plus) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-11]
CHR Extension: (McAfee SiteAdvisor Enterprise) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmendinpapjjojakimjlmkkkcmnojefg [2015-08-09]
CHR Extension: (AdBlock) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-13]
CHR Extension: (Adblock Pro) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2015-08-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 gearsec; C:\Windows\SysWOW64\gearsec.exe [53248 2003-12-02] (GEAR Software) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-11] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-15] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-03] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-06-13] (Western Digital)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-06-14] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S4 fogirogi; C:\Program Files (x86)\34444335-1437344059-3632-3234-3863BBA64EE7\knso41E7.tmp [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [13872 2004-06-11] (GEAR Software Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-06-17] (Realtek Semiconductor Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3463896 2014-06-21] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
U3 mfecore; no ImagePath
S4 MFE_RR; \??\C:\Users\Rob\AppData\Local\Temp\mfe_rr.sys [X]
S4 wsfd_vw_1_10_0_20; system32\drivers\wsfd_vw_1_10_0_20.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 22:05 - 2015-08-30 22:07 - 00029508 _____ C:\Users\Rob\Downloads\FRST.txt
2015-08-30 21:06 - 2015-08-30 22:06 - 00000000 ____D C:\FRST
2015-08-30 21:03 - 2015-08-30 21:03 - 02188288 _____ (Farbar) C:\Users\Rob\Downloads\FRST64.exe
2015-08-30 14:09 - 2015-08-30 14:09 - 00003080 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-08-23 22:46 - 2015-08-23 22:46 - 00001129 _____ C:\Users\Rob\Desktop\Amazon Music.lnk
2015-08-23 22:42 - 2015-08-23 22:44 - 41261584 _____ (Amazon) C:\Users\Rob\Downloads\AmazonMusicInstaller.exe
2015-08-19 23:28 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:28 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 00:33 - 2015-07-30 15:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:33 - 2015-07-30 14:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 23:03 - 2015-07-19 02:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 23:03 - 2015-07-18 19:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 23:03 - 2015-07-18 19:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 23:03 - 2015-07-18 19:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 23:03 - 2015-07-18 19:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 23:03 - 2015-07-18 19:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-11 23:03 - 2015-07-18 19:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 23:03 - 2015-07-18 19:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 23:03 - 2015-07-18 19:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 23:03 - 2015-07-18 19:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 23:03 - 2015-07-18 19:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 23:03 - 2015-07-18 19:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 23:03 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 23:03 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 23:03 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 23:03 - 2015-06-12 18:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-11 23:03 - 2015-06-12 17:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 23:03 - 2015-06-09 19:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-11 23:02 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 23:02 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 23:02 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 23:02 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 23:02 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 23:02 - 2015-07-16 20:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-11 23:02 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 23:02 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 23:02 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 23:02 - 2015-07-16 20:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-11 23:02 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 23:02 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 23:02 - 2015-07-16 20:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-11 23:02 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 23:02 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 23:02 - 2015-07-16 20:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 23:02 - 2015-07-16 20:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-11 23:02 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 23:02 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 23:02 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 23:02 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 23:02 - 2015-07-16 19:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 23:02 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 23:02 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 23:02 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 23:02 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 23:02 - 2015-07-16 01:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 23:02 - 2015-07-16 01:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 23:02 - 2015-07-16 01:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 23:02 - 2015-07-16 01:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 23:02 - 2015-07-10 18:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 23:02 - 2015-07-07 10:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-11 23:02 - 2015-07-07 10:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-11 23:02 - 2015-07-07 10:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-11 23:01 - 2015-07-29 00:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 23:01 - 2015-07-28 15:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 23:01 - 2015-07-28 15:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 23:01 - 2015-07-28 15:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 23:01 - 2015-07-28 15:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 23:01 - 2015-07-28 15:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 23:01 - 2015-07-28 15:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 23:01 - 2015-07-01 23:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 23:01 - 2015-07-01 23:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 23:01 - 2015-07-01 22:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 23:01 - 2015-07-01 22:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 22:58 - 2015-07-14 22:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-11 22:58 - 2015-07-14 22:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-11 22:58 - 2015-07-14 22:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-11 22:58 - 2015-07-13 20:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 22:58 - 2015-07-13 20:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 22:57 - 2015-07-29 15:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 22:57 - 2015-07-29 15:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 22:57 - 2015-07-29 15:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 22:57 - 2015-07-24 19:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 22:57 - 2015-07-24 19:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 22:57 - 2015-07-24 19:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 22:57 - 2015-07-24 18:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 22:57 - 2015-07-24 18:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 22:57 - 2015-07-14 04:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 22:57 - 2015-07-14 04:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 22:57 - 2015-07-10 19:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-11 22:57 - 2015-07-10 18:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 22:57 - 2015-07-10 18:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-11 22:57 - 2015-07-10 18:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 22:57 - 2015-07-10 17:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 22:57 - 2015-07-10 17:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 22:57 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 22:57 - 2015-07-09 18:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 22:57 - 2015-07-09 17:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 22:57 - 2015-06-11 21:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-11 22:57 - 2015-06-11 21:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-11 22:57 - 2015-05-12 01:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:46 - 2015-08-16 20:56 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-464141180-2275970661-1890588188-1002
2015-08-11 06:07 - 2015-08-11 06:07 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (10).lnk
2015-08-11 06:03 - 2015-08-11 06:03 - 01586165 _____ C:\Users\Rob\Downloads\ComIntRepair.exe
2015-08-11 06:03 - 2014-01-11 07:45 - 00000000 ____D C:\Users\Rob\Downloads\ComIntRepair
2015-08-11 05:53 - 2015-08-11 05:53 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (9).lnk
2015-08-11 05:51 - 2015-08-30 21:22 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-464141180-2275970661-1890588188-1001
2015-08-11 00:33 - 2015-08-11 00:33 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (8).lnk
2015-08-10 23:02 - 2015-08-10 23:04 - 00000000 ____D C:\Users\Rob\Desktop\regscanner
2015-08-10 21:00 - 2015-08-10 21:00 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (7).lnk
2015-08-10 20:54 - 2015-08-10 20:54 - 01602880 _____ (LogMeIn, Inc.) C:\Users\Rob\Downloads\Support-LogMeInRescue (1).exe
2015-08-10 20:54 - 2015-08-10 20:54 - 00002226 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (6).lnk
2015-08-09 20:56 - 2015-08-09 20:56 - 00003137 _____ C:\Users\Rob\Desktop\bookmarks_8_9_15.html
2015-08-09 20:52 - 2015-08-09 20:52 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (5).lnk
2015-08-09 20:46 - 2015-08-10 20:58 - 00000000 ____D C:\AdwCleaner
2015-08-09 20:10 - 2015-08-09 20:10 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (4).lnk
2015-08-09 19:28 - 2015-08-09 19:28 - 00000000 ____D C:\Users\Rob\AppData\Roaming\WildTangent
2015-08-09 19:25 - 2015-08-11 22:46 - 00002242 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-09 19:20 - 2015-08-09 19:20 - 00001450 _____ C:\Users\Rob\Desktop\iexplore.exe - Shortcut.lnk
2015-08-09 18:58 - 2015-08-09 18:58 - 00002200 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (3).lnk
2015-08-09 18:42 - 2015-08-09 18:43 - 00563296 _____ (Oracle Corporation) C:\Users\Rob\Downloads\JavaSetup8u51.exe
2015-08-09 18:27 - 2015-08-09 18:53 - 00000000 ____D C:\Users\Rob\Desktop\Tools
2015-08-09 18:22 - 2015-08-09 18:22 - 01602880 _____ (LogMeIn, Inc.) C:\Users\Rob\Downloads\Support-LogMeInRescue.exe
2015-08-09 18:22 - 2015-08-09 18:22 - 00002226 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster (2).lnk
2015-08-09 10:22 - 2015-08-09 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-09 10:21 - 2015-08-30 21:26 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-09 10:21 - 2015-08-30 21:12 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-09 10:21 - 2015-08-09 10:21 - 00000000 ____D C:\Users\Rob\AppData\Local\Deployment
2015-08-09 10:21 - 2015-08-09 10:21 - 00000000 ____D C:\Users\Rob\AppData\Local\Apps\2.0
2015-08-08 19:54 - 2015-08-08 19:54 - 00001939 _____ C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk
2015-08-08 19:53 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-08-08 19:52 - 2015-08-08 19:56 - 00000000 ____D C:\Program Files (x86)\SafeKey
2015-08-08 19:52 - 2015-08-08 19:52 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2015-08-08 19:50 - 2015-08-30 21:12 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-08 19:50 - 2015-08-08 19:53 - 00000000 ____D C:\Program Files\McAfee
2015-08-08 19:50 - 2015-08-08 19:50 - 00000000 ____D C:\Program Files\McAfee.com
2015-08-08 19:50 - 2015-08-08 19:50 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-08 00:22 - 2015-08-08 00:22 - 08103312 _____ (McAfee, Inc.) C:\Users\Rob\Downloads\McAfeeSetup-LINK (1).exe
2015-08-07 23:30 - 2015-08-14 23:02 - 00000000 ____D C:\ProgramData\McAfee
2015-08-07 23:30 - 2015-08-08 19:53 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-08-07 23:30 - 2015-06-29 10:03 - 00254792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-08-07 22:21 - 2015-08-07 23:50 - 00001034 _____ C:\Windows\Tasks\lU4srfqOpdO1hP68BQGExBZtdq8.job
2015-08-07 21:55 - 2014-09-29 03:19 - 00000135 ____H C:\Windows\MAD-Clean1.bat
2015-08-07 20:39 - 2015-08-06 16:10 - 00870752 _____ C:\Users\Rob\Desktop\tmdwn.exe
2015-08-07 20:36 - 2015-08-11 22:50 - 00000000 ____D C:\Users\Rob\AppData\Local\LogMeIn Rescue Applet
2015-08-07 20:36 - 2015-08-07 20:36 - 00002226 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee TechMaster.lnk
2015-08-07 19:37 - 2015-08-07 19:37 - 00000464 _____ C:\Windows\Tasks\249565D8-E2D1-4B44-93D2-5145ADAC4691.job
2015-08-07 19:26 - 2015-08-07 19:29 - 00000000 _____ C:\Users\Rob\Downloads\iphist.dat
2015-08-07 19:25 - 2015-08-07 19:30 - 00000000 ____D C:\Users\Rob\AppData\Roaming\McAfee TechCheck
2015-08-07 19:24 - 2015-08-07 19:25 - 03373592 _____ C:\Users\Rob\Downloads\McAfee_TechCheck.exe
2015-08-07 19:11 - 2015-08-07 19:11 - 00000000 ____D C:\Users\Rob\AppData\Local\CEF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-30 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-30 21:41 - 2014-12-30 19:33 - 00000000 ____D C:\Users\Rob\AppData\Local\CrashDumps
2015-08-30 21:17 - 2014-03-18 10:53 - 00958360 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-30 21:14 - 2014-12-30 19:36 - 00000000 ____D C:\Users\Rob\OneDrive
2015-08-30 21:12 - 2015-01-24 22:00 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForRob.job
2015-08-30 21:12 - 2013-08-22 15:46 - 00050305 _____ C:\Windows\setupact.log
2015-08-30 21:12 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-30 21:11 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-08-30 21:10 - 2014-12-30 19:25 - 01540889 _____ C:\Windows\WindowsUpdate.log
2015-08-30 21:09 - 2015-04-21 21:13 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-08-30 19:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-30 13:27 - 2014-12-30 22:10 - 00000000 ____D C:\Users\Rob\Documents\mixmeister
2015-08-30 12:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-30 12:06 - 2014-12-30 19:32 - 00000000 ____D C:\Users\Rob
2015-08-30 12:02 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-23 23:03 - 2015-05-31 13:36 - 00000000 ____D C:\Users\Rob\AppData\Local\Spotify
2015-08-23 22:30 - 2015-05-31 13:35 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Spotify
2015-08-19 23:30 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-16 20:47 - 2015-03-06 18:59 - 00000000 ____D C:\Users\sheff_000\AppData\Roaming\CyberLink
2015-08-16 20:47 - 2015-01-09 23:55 - 00000000 ____D C:\Users\sheff_000\AppData\Local\CrashDumps
2015-08-16 20:47 - 2015-01-09 23:36 - 00000000 ___RD C:\Users\sheff_000\OneDrive
2015-08-16 13:42 - 2014-12-30 19:35 - 00000000 ____D C:\Users\Rob\Documents\Youcam
2015-08-16 13:36 - 2014-12-30 19:35 - 00000000 ____D C:\Users\Rob\AppData\Local\CyberLink
2015-08-14 20:49 - 2013-08-22 15:44 - 00491624 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 20:47 - 2014-03-18 10:44 - 00073098 _____ C:\Windows\PFRO.log
2015-08-12 23:27 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:27 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:27 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 23:27 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 01:58 - 2014-04-03 00:51 - 00000000 ____D C:\Windows\Panther
2015-08-12 01:52 - 2015-07-10 17:49 - 00000000 ___HD C:\$Windows.~BT
2015-08-12 00:32 - 2015-01-09 22:05 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 00:27 - 2015-01-09 22:05 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 00:26 - 2015-04-18 13:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 00:26 - 2015-04-18 13:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 00:25 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 00:25 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 22:42 - 2015-01-09 23:43 - 00000000 __SHD C:\Users\sheff_000\AppData\Local\EmieUserList
2015-08-11 22:42 - 2015-01-09 23:43 - 00000000 __SHD C:\Users\sheff_000\AppData\Local\EmieSiteList
2015-08-11 22:42 - 2015-01-09 23:43 - 00000000 __SHD C:\Users\sheff_000\AppData\Local\EmieBrowserModeList
2015-08-10 20:03 - 2015-03-07 10:23 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Skype
2015-08-09 20:01 - 2014-08-26 02:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-09 19:28 - 2014-08-26 03:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-09 19:28 - 2014-08-26 03:34 - 00000000 ____D C:\ProgramData\WildTangent
2015-08-09 19:28 - 2014-08-26 03:34 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-08-09 19:10 - 2015-05-30 19:30 - 00000000 ____D C:\Users\Rob\Documents\Add-in Express
2015-08-09 18:44 - 2015-02-01 19:59 - 00000000 ____D C:\ProgramData\Oracle
2015-08-09 18:44 - 2015-02-01 19:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-09 18:43 - 2015-02-01 19:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-09 10:22 - 2015-02-13 22:43 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-08 19:57 - 2015-07-30 22:44 - 00000000 ____D C:\Quarantine
2015-08-08 19:54 - 2014-08-26 02:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-08 19:52 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-08-08 14:55 - 2013-08-22 16:38 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 14:55 - 2013-08-22 16:38 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 09:33 - 2014-12-30 19:32 - 00000000 ____D C:\Users\Rob\AppData\Local\Packages
2015-08-08 00:37 - 2015-03-06 23:30 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 00:36 - 2015-03-06 23:30 - 00000000 ____D C:\Users\sheff_000\AppData\Roaming\Skype
2015-08-08 00:25 - 2015-01-09 23:32 - 00000000 ____D C:\Users\sheff_000\Documents\Youcam
2015-08-07 23:50 - 2015-07-19 23:28 - 00000352 ____H C:\Windows\Tasks\OLSAVSCDSCHBGEJV.job
2015-08-07 23:50 - 2015-07-19 23:28 - 00000340 _____ C:\Windows\Tasks\BPYQUYNLBX1.job
2015-08-07 22:32 - 2014-08-26 03:32 - 00000000 ____D C:\ProgramData\Temp
2015-08-07 22:27 - 2013-08-22 14:25 - 00000160 _____ C:\Windows\win.ini
2015-08-07 22:16 - 2015-03-01 17:53 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-07 22:15 - 2015-07-19 23:43 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-07 22:15 - 2015-04-18 11:46 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-07 21:55 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
 
==================== Files in the root of some directories =======
 
2015-08-08 19:53 - 2015-08-08 19:54 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-03-30 09:30 - 2015-03-30 09:30 - 0000093 _____ () C:\Users\Rob\AppData\Roaming\ARCompanion.log
 
Some files in TEMP:
====================
C:\Users\Rob\AppData\Local\Temp\Quarantine.exe
C:\Users\Rob\AppData\Local\Temp\sqlite3.dll
C:\Users\sheff_000\AppData\Local\Temp\COMAP.EXE
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll
[2015-04-21 21:12] - [2015-07-19 23:39] - 0498688 ____A (Microsoft Corporation) A2B1D4C7F59AE928B042A098BAFF8914
 
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-08 18:56
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-08-2015
Ran by Rob (2015-08-30 22:07:46)
Running from C:\Users\Rob\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-464141180-2275970661-1890588188-500 - Administrator - Disabled)
Guest (S-1-5-21-464141180-2275970661-1890588188-501 - Limited - Disabled)
Rob (S-1-5-21-464141180-2275970661-1890588188-1001 - Administrator - Enabled) => C:\Users\Rob
sheff_000 (S-1-5-21-464141180-2275970661-1890588188-1002 - Limited - Enabled) => C:\Users\sheff_000
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Amazon Music (HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4119 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.10 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
MixMeister Pro 6 (HKLM-x32\...\{6FF6CE46-2F27-4A4B-916F-AB1C678C8F5E}) (Version: 6.0.3.0 - MixMeister Technology LLC)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Pro PC Cleaner (HKLM-x32\...\{23497AFC-382C-417E-AC1F-42D98A5A8ADA}) (Version: 2.5.6 - Rainmaker Software Group LLC.) <==== ATTENTION
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.81 - NCH Software)
VodBurner (HKLM-x32\...\{656957B8-41DB-4E43-AAA1-B128C2213D50}) (Version: 1.1.0 - Netralia)
WD Drive Utilities (HKLM-x32\...\{439A51F7-84B1-4603-BEC8-647EB2AC307F}) (Version: 1.0.1.5 - Western Digital)
WD Security (HKLM-x32\...\{8172B41A-9BB5-4A64-BF28-1FB5FE43C3FF}) (Version: 1.0.1.5 - Western Digital)
WD SmartWare (HKLM\...\{22A51951-1F45-4C8A-B888-306527F9C45F}) (Version: 1.6.2.6 - Western Digital)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-464141180-2275970661-1890588188-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-464141180-2275970661-1890588188-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Restore Points =========================
 
09-08-2015 19:22:22 Removed Bonjour
19-08-2015 23:26:58 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2015-08-11 06:05 - 00000835 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {006E650B-C0F4-4DA5-ADB8-C4BD9A2F842B} - \Microsoft\Windows\Shell\FamilySafetyMonitor -> No File <==== ATTENTION
Task: {012E63DF-0A7E-4B4D-BD7D-1DD3581FF33D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {01693D02-1027-498C-94DB-F7E1C3E2F6A3} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {044C0ECB-D77C-4D85-A7C5-01275585901D} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {05293577-D647-4185-B859-C94839A0B2E3} - \Microsoft\Windows\SettingSync\NetworkStateChangeTask -> No File <==== ATTENTION
Task: {07F95A97-C70A-4D92-8596-BD35F4221CDC} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {0A3BE64C-8C85-4159-8FF4-BED3FB76A2EE} - \Hewlett-Packard\HP Support Assistant\Update Check -> No File <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - \Microsoft\Windows\WS\WSRefreshBannedAppsListTask -> No File <==== ATTENTION
Task: {0C6409F4-9174-415C-84AC-38611941847B} - \Microsoft\Windows\Shell\CreateObjectTask -> No File <==== ATTENTION
Task: {0D21BBCE-5FF6-4613-B62C-48148CA6EAA1} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1060E8E2-1C0F-453E-8F7F-520C3B7DCF2F} - \Microsoft\Office\OfficeTelemetryAgentFallBack -> No File <==== ATTENTION
Task: {10975A53-35AD-483E-A000-6391231B9360} - \Optimize Start Menu Cache Files-S-1-5-21-464141180-2275970661-1890588188-500 -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - \Microsoft\Windows\IME\SQM data sender -> No File <==== ATTENTION
Task: {1A65E0DE-77EF-4608-A58B-7D4753BA0398} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {1C2B7966-1B19-46CB-8ADD-9EC628E03FE5} - \Microsoft\Office\Office Automatic Updates -> No File <==== ATTENTION
Task: {1EFFB9C8-B178-41D3-906D-D567219D1B46} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {1F2C0744-7FA3-451F-A615-F30DDE6F3C68} - \lU4srfqOpdO1hP68BQGExBZtdq8 -> No File <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - \Microsoft\Windows\Sysmain\WsSwapAssessmentTask -> No File <==== ATTENTION
Task: {21199D4C-F9E7-4A63-8AFD-C469861365D8} - \Microsoft\Windows\DiskFootprint\Diagnostics -> No File <==== ATTENTION
Task: {220E064D-E9B1-4188-AC26-847D32799B09} - \BPYQUYNLBX1 -> No File <==== ATTENTION
Task: {221203AC-EBF6-499E-817E-E0EFB5EAB1BF} - \Microsoft\Windows\WS\WSTask -> No File <==== ATTENTION
Task: {263E5967-166D-4ACA-A1CD-474D0FC4FE84} - \HPCeeScheduleForRob -> No File <==== ATTENTION
Task: {2915C42F-E211-4D5D-81D0-B302D9139E16} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {2B1673D5-AC80-4782-9F66-988126D61CBA} - \OLSAVSCDSCHBGEJV -> No File <==== ATTENTION
Task: {2BC666B2-C77B-492D-A698-30536C6C4D42} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate -> No File <==== ATTENTION
Task: {31B81D25-0A03-4AE5-9C4D-1D1182F422F6} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {329D0FF6-145E-4A45-9CBD-CBE6BB2FC8D8} - \Microsoft\Windows\PI\Sqm-Tasks -> No File <==== ATTENTION
Task: {34946D56-A8FF-4198-BD85-43FA91981A0F} - \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join -> No File <==== ATTENTION
Task: {358EE060-BD59-4F93-9741-A57AE6887DC0} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon -> No File <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - \Microsoft\Windows\Time Zone\SynchronizeTimeZone -> No File <==== ATTENTION
Task: {45561755-0BB2-49DF-9B3C-3F0CEB4AB61E} - \Microsoft\Windows\WS\Badge Update -> No File <==== ATTENTION
Task: {456F3D46-7452-4F09-A5B4-DD291AB26A0D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {45AB20ED-D19C-4298-86C6-57B2B9D837F9} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {478EE66A-D3A8-4E2E-A008-100A0980568A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {47F2FE21-70DC-4139-AE7C-3ED2181C917F} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> No File <==== ATTENTION
Task: {551EEC5C-4FF1-4BA8-83F2-17C07B2BC0C2} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker -> No File <==== ATTENTION
Task: {55912F86-946C-4671-BE09-5FDA30093416} - \2C3FEF4A-3157-4A65-8373-42953571A788 -> No File <==== ATTENTION
Task: {55E46F05-2A1C-4F8F-8254-26482B40C290} - \Microsoft\Windows\Plug and Play\Device Install Reboot Required -> No File <==== ATTENTION
Task: {5705047A-8B57-4B41-881F-DAEA70D97A9C} - \Microsoft\Windows\Plug and Play\Device Install Group Policy -> No File <==== ATTENTION
Task: {57D2908A-C2C5-4156-BF22-3FDC8E3F83BA} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan -> No File <==== ATTENTION
Task: {57E1AB59-8B1F-47D2-AD45-7F2A4F5CDF39} - \Microsoft\Windows\TPM\Tpm-Maintenance -> No File <==== ATTENTION
Task: {5A046A88-4559-4B49-BB1F-16272F3F9C78} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - \Microsoft\Windows\Customer Experience Improvement Program\BthSQM -> No File <==== ATTENTION
Task: {5B996296-48A1-463D-BC02-5CAAAFBCE035} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {63F6939C-B9DF-4331-98D2-52523A79EAE0} - \McAfee\McAfee Auto Maintenance Task Agent -> No File <==== ATTENTION
Task: {668F8557-652D-433B-9CD3-CB95162F402D} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {6D21C8E9-C77F-4EE7-9252-2D30C930528A} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION
Task: {6E0A5DF3-F077-4F27-AFA1-AFA5B4F0F05F} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - \Microsoft\Windows\Application Experience\StartupAppTask -> No File <==== ATTENTION
Task: {73D1388C-336E-40EC-B0B4-62CB862AF2BE} - \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers -> No File <==== ATTENTION
Task: {7455D819-E7EF-4B39-A9D4-CF3BC2CA7EDB} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - \Microsoft\Windows\ApplicationData\CleanupTemporaryState -> No File <==== ATTENTION
Task: {7A1CA63A-3611-4E61-AAFA-1B56F8746F3A} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {7DD666D5-AC93-428A-B051-BD4F13C8356D} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> No File <==== ATTENTION
Task: {80559494-F08A-462B-B944-3CC33776C306} - \{9AE41131-74B7-4994-85DF-52DEAA3D64FF} -> No File <==== ATTENTION
Task: {84400372-B6DB-4852-B387-6CE186EAE25B} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {863C7071-1182-42E3-8503-613F99320509} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan -> No File <==== ATTENTION
Task: {86C209A4-74BB-48FE-B626-53EE71A07511} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION
Task: {8B6F734B-452C-40E4-88DC-346EB19A28F0} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {8C647326-2259-4737-AD98-68B1967684C7} - \Hewlett-Packard\HP Support Assistant\PC Health Analysis -> No File <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup -> No File <==== ATTENTION
Task: {92908369-CCF2-493A-85AB-05A9F8E620B0} - \Microsoft\Windows\SettingSync\BackgroundUploadTask -> No File <==== ATTENTION
Task: {94E12419-82B1-4D1E-9DEF-5A2959B6C0B0} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {953543E7-C8BF-4178-965A-CEB221B81ED8} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {96B095BB-12CF-465E-9072-863BA0F5696E} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery -> No File <==== ATTENTION
Task: {98292BAF-42C3-4FC1-9056-7EB1EE3B3C57} - \Microsoft\Windows\WOF\WIM-Hash-Validation -> No File <==== ATTENTION
Task: {9B3A5D95-1AE4-45DE-9991-05BD06F89D25} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E} - \Microsoft\Windows\WS\Sync Licenses -> No File <==== ATTENTION
Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - \Microsoft\Windows\Work Folders\Work Folders Maintenance Work -> No File <==== ATTENTION
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {A44A1624-C719-4A46-8833-AA65471469C9} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {A4F8A26F-0DB2-44D5-AE95-1B68904BDEE1} - \{23F47B71-8734-4CAE-A42C-88BE09919421} -> No File <==== ATTENTION
Task: {A519896B-8EEF-41EC-9342-151518A8339B} - \Microsoft\Office\OfficeTelemetryAgentLogOn -> No File <==== ATTENTION
Task: {A5480E25-AF71-4B88-A76E-C9C3BA1588EE} - \Microsoft\Windows\FileHistory\File History (maintenance mode) -> No File <==== ATTENTION
Task: {A693A6E9-FB8C-46CA-932B-88DC7684BE1C} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {A98AD887-1E81-47AF-B3DF-F06329AB67E5} - \Microsoft\Windows\Shell\IndexerAutomaticMaintenance -> No File <==== ATTENTION
Task: {AAA89DAF-1B4F-447D-AF21-7F0559AC9962} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {B66EFECF-24F6-4999-AB0F-AABF04ECCF91} - \Microsoft\Office\Office ClickToRun Service Monitor -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {BC537794-54F5-4702-8CEB-06F584ECD24A} - \Microsoft\Windows\SpacePort\SpaceAgentTask -> No File <==== ATTENTION
Task: {BD50F9D1-96F6-4CFA-A79F-701151C176D3} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> No File <==== ATTENTION
Task: {BDC5F196-D189-4E25-9F26-E31CAE62A0A8} - \Microsoft\Windows\Shell\FamilySafetyRefresh -> No File <==== ATTENTION
Task: {C1871B11-4A68-44D9-98B3-EE63B16D29E1} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {C2599556-050C-48B7-98E3-CD224A313FE3} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> No File <==== ATTENTION
Task: {C371F25E-745F-4A1E-BEF3-959161B56258} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {C3BC58BF-FE17-4E06-B231-415CA4048DE7} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork -> No File <==== ATTENTION
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {CBD3EF37-0E38-431A-A6E8-607C56893A63} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E} - \Microsoft\Windows\DiskCleanup\SilentCleanup -> No File <==== ATTENTION
Task: {CCFEBB07-718E-418A-804E-3E5593D0793F} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {CD3F71A5-25DA-4A71-B641-3B0B338D3B10} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {CD5B361C-450C-456E-AF2C-B490D5AD4938} - \Microsoft\Windows\Chkdsk\ProactiveScan -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D00E7CB4-F82A-4A72-AB0F-7BB86DCA6F2F} - \Microsoft\Windows\CertificateServicesClient\UserTask -> No File <==== ATTENTION
Task: {D1D8F1BA-2E8D-4582-8CB7-7777C9E26E39} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {D352DA66-6B83-46D8-9915-8E7B856C5978} - \Microsoft\Windows\WOF\WIM-Hash-Management -> No File <==== ATTENTION
Task: {D6F4A061-CEFB-4F38-81EC-6E80ECDD3011} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - \Microsoft\Windows\WS\License Validation -> No File <==== ATTENTION
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> No File <==== ATTENTION
Task: {DD62B08C-8ADF-4D65-A611-F6510E165B9F} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {DF8FF214-D536-45F4-90EC-1767F65DBED4} - \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic -> No File <==== ATTENTION
Task: {E075AC73-7FC0-4ACD-9F28-DD590C391C1C} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {E131C6A0-5FFC-419B-ABFA-CE4CB36CDE8A} - \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime -> No File <==== ATTENTION
Task: {E367590C-10F8-4401-B924-5839261DC94E} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {E5135623-6AEB-4D87-89F6-F2CE60F3BDC5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E64595D9-E1AF-4E09-8D36-1721FC82AEE3} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> No File <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE -> No File <==== ATTENTION
Task: {E8CC75DC-A5F5-4267-BD93-8A3479D0A822} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> No File <==== ATTENTION
Task: {EDCAD10E-42B8-45F3-AAEF-DE86F7373643} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {F15E0568-C1DA-446E-86C9-4AF3857BADF7} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {F3033906-E419-4CA4-AAA0-8E9B8B3154E2} - \Microsoft\Windows\PI\Secure-Boot-Update -> No File <==== ATTENTION
Task: {F4EBE7C4-324C-4F26-BA65-EC979EEE970E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F61C1098-6385-4992-9119-CE0F68340314} - \Microsoft\Windows\Servicing\StartComponentCleanup -> No File <==== ATTENTION
Task: {F62D3A5B-5E2E-4305-A06A-A7CE9DE361B0} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
Task: {F90AD544-5E56-44B6-A795-75A108D0B743} - \Microsoft\Windows\Shell\FamilySafetyUpload -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\249565D8-E2D1-4B44-93D2-5145ADAC4691.job => C:\Users\Rob\AppData\Local\249565D8-E2D1-4B44-93D2-5145ADAC4691\249565D8-E2D1-4B44-93D2-5145ADAC4691.exe <==== ATTENTION
Task: C:\Windows\Tasks\BPYQUYNLBX1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\lU4srfqOpdO1hP68BQGExBZtdq8.job => C:\Users\TEMP\AppData\Roaming\lU4srfqOpdO1hP68BQGExBZtdq8.exe <==== ATTENTION
Task: C:\Windows\Tasks\OLSAVSCDSCHBGEJV.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\TunePro360 Updater.job => C:\Program Files (x86)\adlevel\TunePro360Updater.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-08-26 03:21 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-03-01 17:53 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2015-03-13 22:53 - 2015-01-27 16:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-08-23 22:46 - 2015-07-21 06:02 - 05887808 _____ () C:\Users\Rob\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-11 22:46 - 2015-08-08 01:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-11 22:46 - 2015-08-08 01:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-11 22:46 - 2015-08-08 01:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2014-08-26 03:11 - 2013-12-10 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2004-09-11 10:45 - 2004-09-11 10:45 - 00705696 _____ () C:\Program Files (x86)\MixMeister Pro 6\MmVideo.DLL
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Rob\OneDrive:ms-properties
AlternateDataStreams: C:\Users\sheff_000\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\lewissilkin.net -> hxxps://citrix.lewissilkin.net
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-464141180-2275970661-1890588188-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{763BF30E-6BDD-4565-A443-85F54A1DF8FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: ManyCam Virtual Webcam
Description: ManyCam Virtual Webcam
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Visicom Media Inc.
Service: ManyCam
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: ManyCam Virtual Microphone
Description: ManyCam Virtual Microphone
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Visicom Media Inc.
Service: mcaudrv_simple
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/30/2015 10:08:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:08:32Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:08:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:08:02Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:07:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:07:32Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:07:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:07:02Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:06:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:06:32Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:06:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:06:02Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:05:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:05:32Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:05:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:05:02Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:04:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:04:32Z. Error Code: 0x80070002.
 
Error: (08/30/2015 10:04:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2115-08-06T21:04:02Z. Error Code: 0x80070002.
 
 
System errors:
=============
Error: (08/30/2015 09:11:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
 
Error: (08/30/2015 09:11:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
 
Error: (08/30/2015 09:10:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\Rtlihvs.dll
 
Error: (08/30/2015 09:10:00 PM) (Source: DCOM) (EventID: 10010) (User: ROBSPC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WD Backup service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WD Rules service terminated unexpectedly. It has done this 1 time(s).
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (08/30/2015 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (08/30/2015 10:08:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:08:32Z
 
Error: (08/30/2015 10:08:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:08:02Z
 
Error: (08/30/2015 10:07:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:07:32Z
 
Error: (08/30/2015 10:07:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:07:02Z
 
Error: (08/30/2015 10:06:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:06:32Z
 
Error: (08/30/2015 10:06:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:06:02Z
 
Error: (08/30/2015 10:05:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:05:32Z
 
Error: (08/30/2015 10:05:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:05:02Z
 
Error: (08/30/2015 10:04:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:04:32Z
 
Error: (08/30/2015 10:04:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700022115-08-06T21:04:02Z
 
 
CodeIntegrity:
===================================
  Date: 2015-08-08 00:23:43.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-08-08 00:23:43.000
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-08-07 23:30:39.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-08-07 23:30:39.013
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-08-06 21:22:32.204
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-08-06 21:22:32.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-31 19:07:49.520
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-31 19:07:49.190
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-30 23:43:58.618
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-30 23:43:58.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\Cofvopjy64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4288U CPU @ 2.60GHz
Percentage of memory in use: 33%
Total physical RAM: 8122.15 MB
Available physical RAM: 5404.36 MB
Total Virtual: 9402.15 MB
Available Virtual: 6449.95 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1375.16 GB) (Free:697.54 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.09 GB) (Free:2.37 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:11 AM

Posted 03 September 2015 - 07:15 AM

Hello Rob,

My sincerest apologies for the delay!

I noticed that you are using three adblockers - Adblock Plus, Adblock and Adblock Pro. It is best that you only use one and remove the other two, since their primary function is pretty much the same.

Alternatively you can use uBlock Origin which is a lightweight multi-purpose blocker for Chrome and Firefox.

===

:step1: Fix with Farbar Recovery Scan Tool
  • Please download the attached fixlist.txt and save it to your Desktop.
    Note: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop, please post it to your reply.
===

:step2: Uninstalling Programs

Click the Start orb on the taskbar, and then click the Control Panel button.
  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.
A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting Remove:

globalupdate Helper
Pro PC Cleaner


Additional instructions can be found here if needed.

===

In your next reply, I will need the following information:
  • Contents of Fixlog.txt;
  • Confirmation that you have uninstalled both programs.
Regards,
Alex

Edited by Alexstrasza, 03 September 2015 - 07:15 AM.


#5 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 03 September 2015 - 06:04 PM

Thanks Alex

 

Pop ups still occurring LaSuperba is the name the ads are 'powered by' when they pop up (rather than Jabuticaba).

 

I uninstalled global update helper but could not find Pro PC Cleaner. I can remember the name of that program and did try deleting it a while back. It didn't show on control panel.



#6 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 03 September 2015 - 06:07 PM

As for the text stuff:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Rob (2015-09-03 23:31:25) Run:2
Running from C:\Users\Rob\Desktop
Loaded Profiles: Rob (Available Profiles: Rob & sheff_000)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [gmsd_gb_005010035] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010036] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010040] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010041] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010043] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010044] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010046] => [X]
HKLM-x32\...\Run: [gmsd_gb_005010054] => [X]
FF HKLM\...\Firefox\Extensions: [{de953a75-7d9c-4649-84d0-056fbe2dd8e9}] - C:\Program Files\shopperz15072015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{de953a75-7d9c-4649-84d0-056fbe2dd8e9}] - C:\Program Files\shopperz15072015\Firefox
C:\Program Files\shopperz15072015
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Task: {006E650B-C0F4-4DA5-ADB8-C4BD9A2F842B} - \Microsoft\Windows\Shell\FamilySafetyMonitor -> No File <==== ATTENTION
Task: {01693D02-1027-498C-94DB-F7E1C3E2F6A3} - \Microsoft\Windows\NetTrace\GatherNetworkInfo -> No File <==== ATTENTION
Task: {044C0ECB-D77C-4D85-A7C5-01275585901D} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {05293577-D647-4185-B859-C94839A0B2E3} - \Microsoft\Windows\SettingSync\NetworkStateChangeTask -> No File <==== ATTENTION
Task: {07F95A97-C70A-4D92-8596-BD35F4221CDC} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector -> No File <==== ATTENTION
Task: {0A3BE64C-8C85-4159-8FF4-BED3FB76A2EE} - \Hewlett-Packard\HP Support Assistant\Update Check -> No File <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - \Microsoft\Windows\WS\WSRefreshBannedAppsListTask -> No File <==== ATTENTION
Task: {0C6409F4-9174-415C-84AC-38611941847B} - \Microsoft\Windows\Shell\CreateObjectTask -> No File <==== ATTENTION
Task: {0D21BBCE-5FF6-4613-B62C-48148CA6EAA1} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1060E8E2-1C0F-453E-8F7F-520C3B7DCF2F} - \Microsoft\Office\OfficeTelemetryAgentFallBack -> No File <==== ATTENTION
Task: {10975A53-35AD-483E-A000-6391231B9360} - \Optimize Start Menu Cache Files-S-1-5-21-464141180-2275970661-1890588188-500 -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - \Microsoft\Windows\IME\SQM data sender -> No File <==== ATTENTION
Task: {1A65E0DE-77EF-4608-A58B-7D4753BA0398} - \Microsoft\Windows\User Profile Service\HiveUploadTask -> No File <==== ATTENTION
Task: {1C2B7966-1B19-46CB-8ADD-9EC628E03FE5} - \Microsoft\Office\Office Automatic Updates -> No File <==== ATTENTION
Task: {1EFFB9C8-B178-41D3-906D-D567219D1B46} - \Microsoft\Windows\Multimedia\SystemSoundsService -> No File <==== ATTENTION
Task: {1F2C0744-7FA3-451F-A615-F30DDE6F3C68} - \lU4srfqOpdO1hP68BQGExBZtdq8 -> No File <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - \Microsoft\Windows\Sysmain\WsSwapAssessmentTask -> No File <==== ATTENTION
Task: {21199D4C-F9E7-4A63-8AFD-C469861365D8} - \Microsoft\Windows\DiskFootprint\Diagnostics -> No File <==== ATTENTION
Task: {220E064D-E9B1-4188-AC26-847D32799B09} - \BPYQUYNLBX1 -> No File <==== ATTENTION
Task: {221203AC-EBF6-499E-817E-E0EFB5EAB1BF} - \Microsoft\Windows\WS\WSTask -> No File <==== ATTENTION
Task: {263E5967-166D-4ACA-A1CD-474D0FC4FE84} - \HPCeeScheduleForRob -> No File <==== ATTENTION
Task: {2915C42F-E211-4D5D-81D0-B302D9139E16} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {2B1673D5-AC80-4782-9F66-988126D61CBA} - \OLSAVSCDSCHBGEJV -> No File <==== ATTENTION
Task: {2BC666B2-C77B-492D-A698-30536C6C4D42} - \Microsoft\Windows\Customer Experience Improvement Program\Consolidator -> No File <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - \Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate -> No File <==== ATTENTION
Task: {329D0FF6-145E-4A45-9CBD-CBE6BB2FC8D8} - \Microsoft\Windows\PI\Sqm-Tasks -> No File <==== ATTENTION
Task: {34946D56-A8FF-4198-BD85-43FA91981A0F} - \Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join -> No File <==== ATTENTION
Task: {358EE060-BD59-4F93-9741-A57AE6887DC0} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon -> No File <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - \Microsoft\Windows\Time Zone\SynchronizeTimeZone -> No File <==== ATTENTION
Task: {45561755-0BB2-49DF-9B3C-3F0CEB4AB61E} - \Microsoft\Windows\WS\Badge Update -> No File <==== ATTENTION
Task: {456F3D46-7452-4F09-A5B4-DD291AB26A0D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {45AB20ED-D19C-4298-86C6-57B2B9D837F9} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> No File <==== ATTENTION
Task: {47F2FE21-70DC-4139-AE7C-3ED2181C917F} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> No File <==== ATTENTION
Task: {551EEC5C-4FF1-4BA8-83F2-17C07B2BC0C2} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker -> No File <==== ATTENTION
Task: {55912F86-946C-4671-BE09-5FDA30093416} - \2C3FEF4A-3157-4A65-8373-42953571A788 -> No File <==== ATTENTION
Task: {55E46F05-2A1C-4F8F-8254-26482B40C290} - \Microsoft\Windows\Plug and Play\Device Install Reboot Required -> No File <==== ATTENTION
Task: {5705047A-8B57-4B41-881F-DAEA70D97A9C} - \Microsoft\Windows\Plug and Play\Device Install Group Policy -> No File <==== ATTENTION
Task: {57D2908A-C2C5-4156-BF22-3FDC8E3F83BA} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan -> No File <==== ATTENTION
Task: {57E1AB59-8B1F-47D2-AD45-7F2A4F5CDF39} - \Microsoft\Windows\TPM\Tpm-Maintenance -> No File <==== ATTENTION
Task: {5A046A88-4559-4B49-BB1F-16272F3F9C78} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - \Microsoft\Windows\Customer Experience Improvement Program\BthSQM -> No File <==== ATTENTION
Task: {5B996296-48A1-463D-BC02-5CAAAFBCE035} - \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver -> No File <==== ATTENTION
Task: {63F6939C-B9DF-4331-98D2-52523A79EAE0} - \McAfee\McAfee Auto Maintenance Task Agent -> No File <==== ATTENTION
Task: {668F8557-652D-433B-9CD3-CB95162F402D} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> No File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {6D21C8E9-C77F-4EE7-9252-2D30C930528A} - \Microsoft\Windows\Defrag\ScheduledDefrag -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION
Task: {6E0A5DF3-F077-4F27-AFA1-AFA5B4F0F05F} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - \Microsoft\Windows\Application Experience\StartupAppTask -> No File <==== ATTENTION
Task: {73D1388C-336E-40EC-B0B4-62CB862AF2BE} - \Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers -> No File <==== ATTENTION
Task: {7455D819-E7EF-4B39-A9D4-CF3BC2CA7EDB} - \Microsoft\Windows\Ras\MobilityManager -> No File <==== ATTENTION
Task: {749102D2-7D46-4F95-BC84-AB37533FD1C3} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - \Microsoft\Windows\ApplicationData\CleanupTemporaryState -> No File <==== ATTENTION
Task: {7A1CA63A-3611-4E61-AAFA-1B56F8746F3A} - \Microsoft\Windows\AppID\PolicyConverter -> No File <==== ATTENTION
Task: {7DD666D5-AC93-428A-B051-BD4F13C8356D} - \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask -> No File <==== ATTENTION
Task: {80559494-F08A-462B-B944-3CC33776C306} - \{9AE41131-74B7-4994-85DF-52DEAA3D64FF} -> No File <==== ATTENTION
Task: {84400372-B6DB-4852-B387-6CE186EAE25B} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {863C7071-1182-42E3-8503-613F99320509} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan -> No File <==== ATTENTION
Task: {86C209A4-74BB-48FE-B626-53EE71A07511} - \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION
Task: {8B6F734B-452C-40E4-88DC-346EB19A28F0} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {8C647326-2259-4737-AD98-68B1967684C7} - \Hewlett-Packard\HP Support Assistant\PC Health Analysis -> No File <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - \Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup -> No File <==== ATTENTION
Task: {92908369-CCF2-493A-85AB-05A9F8E620B0} - \Microsoft\Windows\SettingSync\BackgroundUploadTask -> No File <==== ATTENTION
Task: {94E12419-82B1-4D1E-9DEF-5A2959B6C0B0} - \Microsoft\Windows\WindowsColorSystem\Calibration Loader -> No File <==== ATTENTION
Task: {953543E7-C8BF-4178-965A-CEB221B81ED8} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {96B095BB-12CF-465E-9072-863BA0F5696E} - \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery -> No File <==== ATTENTION
Task: {98292BAF-42C3-4FC1-9056-7EB1EE3B3C57} - \Microsoft\Windows\WOF\WIM-Hash-Validation -> No File <==== ATTENTION
Task: {9B3A5D95-1AE4-45DE-9991-05BD06F89D25} - \Microsoft\Windows\WDI\ResolutionHost -> No File <==== ATTENTION
Task: {9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E} - \Microsoft\Windows\WS\Sync Licenses -> No File <==== ATTENTION
Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - \Microsoft\Windows\Work Folders\Work Folders Maintenance Work -> No File <==== ATTENTION
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - \Microsoft\Windows\Bluetooth\UninstallDeviceTask -> No File <==== ATTENTION
Task: {A44A1624-C719-4A46-8833-AA65471469C9} - \Microsoft\Windows\SystemRestore\SR -> No File <==== ATTENTION
Task: {A4F8A26F-0DB2-44D5-AE95-1B68904BDEE1} - \{23F47B71-8734-4CAE-A42C-88BE09919421} -> No File <==== ATTENTION
Task: {A519896B-8EEF-41EC-9342-151518A8339B} - \Microsoft\Office\OfficeTelemetryAgentLogOn -> No File <==== ATTENTION
Task: {A5480E25-AF71-4B88-A76E-C9C3BA1588EE} - \Microsoft\Windows\FileHistory\File History (maintenance mode) -> No File <==== ATTENTION
Task: {A693A6E9-FB8C-46CA-932B-88DC7684BE1C} - \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange -> No File <==== ATTENTION
Task: {A98AD887-1E81-47AF-B3DF-F06329AB67E5} - \Microsoft\Windows\Shell\IndexerAutomaticMaintenance -> No File <==== ATTENTION
Task: {AAA89DAF-1B4F-447D-AF21-7F0559AC9962} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {B66EFECF-24F6-4999-AB0F-AABF04ECCF91} - \Microsoft\Office\Office ClickToRun Service Monitor -> No File <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - \Microsoft\Windows\UPnP\UPnPHostConfig -> No File <==== ATTENTION
Task: {BC537794-54F5-4702-8CEB-06F584ECD24A} - \Microsoft\Windows\SpacePort\SpaceAgentTask -> No File <==== ATTENTION
Task: {BD50F9D1-96F6-4CFA-A79F-701151C176D3} - \Microsoft\Windows\CertificateServicesClient\UserTask-Roam -> No File <==== ATTENTION
Task: {BDC5F196-D189-4E25-9F26-E31CAE62A0A8} - \Microsoft\Windows\Shell\FamilySafetyRefresh -> No File <==== ATTENTION
Task: {C1871B11-4A68-44D9-98B3-EE63B16D29E1} - \Microsoft\Windows\Task Manager\Interactive -> No File <==== ATTENTION
Task: {C2599556-050C-48B7-98E3-CD224A313FE3} - \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck -> No File <==== ATTENTION
Task: {C371F25E-745F-4A1E-BEF3-959161B56258} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {C3BC58BF-FE17-4E06-B231-415CA4048DE7} - \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork -> No File <==== ATTENTION
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {CBD3EF37-0E38-431A-A6E8-607C56893A63} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E} - \Microsoft\Windows\DiskCleanup\SilentCleanup -> No File <==== ATTENTION
Task: {CCFEBB07-718E-418A-804E-3E5593D0793F} - \Microsoft\Windows\Registry\RegIdleBackup -> No File <==== ATTENTION
Task: {CD3F71A5-25DA-4A71-B641-3B0B338D3B10} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> No File <==== ATTENTION
Task: {CD5B361C-450C-456E-AF2C-B490D5AD4938} - \Microsoft\Windows\Chkdsk\ProactiveScan -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D00E7CB4-F82A-4A72-AB0F-7BB86DCA6F2F} - \Microsoft\Windows\CertificateServicesClient\UserTask -> No File <==== ATTENTION
Task: {D1D8F1BA-2E8D-4582-8CB7-7777C9E26E39} - \Microsoft\Windows\Diagnosis\Scheduled -> No File <==== ATTENTION
Task: {D352DA66-6B83-46D8-9915-8E7B856C5978} - \Microsoft\Windows\WOF\WIM-Hash-Management -> No File <==== ATTENTION
Task: {D6F4A061-CEFB-4F38-81EC-6E80ECDD3011} - \Microsoft\Windows\Location\Notifications -> No File <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - \Microsoft\Windows\WS\License Validation -> No File <==== ATTENTION
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> No File <==== ATTENTION
Task: {DD62B08C-8ADF-4D65-A611-F6510E165B9F} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {DF8FF214-D536-45F4-90EC-1767F65DBED4} - \Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic -> No File <==== ATTENTION
Task: {E075AC73-7FC0-4ACD-9F28-DD590C391C1C} - \Microsoft\Windows\Windows Error Reporting\QueueReporting -> No File <==== ATTENTION
Task: {E131C6A0-5FFC-419B-ABFA-CE4CB36CDE8A} - \Microsoft\Windows\Time Synchronization\ForceSynchronizeTime -> No File <==== ATTENTION
Task: {E367590C-10F8-4401-B924-5839261DC94E} - \Microsoft\Windows\Wininet\CacheTask -> No File <==== ATTENTION
Task: {E5135623-6AEB-4D87-89F6-F2CE60F3BDC5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E64595D9-E1AF-4E09-8D36-1721FC82AEE3} - \Microsoft\Windows\CertificateServicesClient\SystemTask -> No File <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - \Microsoft\Windows\RecoveryEnvironment\VerifyWinRE -> No File <==== ATTENTION
Task: {E8CC75DC-A5F5-4267-BD93-8A3479D0A822} - \Microsoft\Windows\TextServicesFramework\MsCtfMonitor -> No File <==== ATTENTION
Task: {EDCAD10E-42B8-45F3-AAEF-DE86F7373643} - \Microsoft\Windows\Time Synchronization\SynchronizeTime -> No File <==== ATTENTION
Task: {F15E0568-C1DA-446E-86C9-4AF3857BADF7} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) -> No File <==== ATTENTION
Task: {F3033906-E419-4CA4-AAA0-8E9B8B3154E2} - \Microsoft\Windows\PI\Secure-Boot-Update -> No File <==== ATTENTION
Task: {F4EBE7C4-324C-4F26-BA65-EC979EEE970E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F61C1098-6385-4992-9119-CE0F68340314} - \Microsoft\Windows\Servicing\StartComponentCleanup -> No File <==== ATTENTION
Task: {F62D3A5B-5E2E-4305-A06A-A7CE9DE361B0} - \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) -> No File <==== ATTENTION
Task: {F90AD544-5E56-44B6-A795-75A108D0B743} - \Microsoft\Windows\Shell\FamilySafetyUpload -> No File <==== ATTENTION
Task: C:\Windows\Tasks\249565D8-E2D1-4B44-93D2-5145ADAC4691.job => C:\Users\Rob\AppData\Local\249565D8-E2D1-4B44-93D2-5145ADAC4691\249565D8-E2D1-4B44-93D2-5145ADAC4691.exe <==== ATTENTION
C:\Users\Rob\AppData\Local\249565D8-E2D1-4B44-93D2-5145ADAC4691\
Task: C:\Windows\Tasks\BPYQUYNLBX1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
C:\ProgramData\FlashBeat
Task: C:\Windows\Tasks\lU4srfqOpdO1hP68BQGExBZtdq8.job => C:\Users\TEMP\AppData\Roaming\lU4srfqOpdO1hP68BQGExBZtdq8.exe <==== ATTENTION
C:\Users\TEMP\AppData\Roaming\lU4srfqOpdO1hP68BQGExBZtdq8.exe
Task: C:\Windows\Tasks\OLSAVSCDSCHBGEJV.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
C:\ProgramData\Service1291
Task: C:\Windows\Tasks\TunePro360 Updater.job => C:\Program Files (x86)\adlevel\TunePro360Updater.exe
C:\Program Files (x86)\adlevel
S4 fogirogi; C:\Program Files (x86)\34444335-1437344059-3632-3234-3863BBA64EE7\knso41E7.tmp [X]
IE trusted site: HKU\S-1-5-21-464141180-2275970661-1890588188-1001\...\lewissilkin.net -> hxxps://citrix.lewissilkin.net
S4 wsfd_vw_1_10_0_20; system32\drivers\wsfd_vw_1_10_0_20.sys [X]
cmd: sfc /scannow
Folder: C:\Windows\system32\sru
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010035 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010036 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010040 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010041 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010043 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010044 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010046 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010054 => value removed successfully
HKLM\Software\Mozilla\Firefox\Extensions\\{de953a75-7d9c-4649-84d0-056fbe2dd8e9} => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{de953a75-7d9c-4649-84d0-056fbe2dd8e9} => value removed successfully
"C:\Program Files\shopperz15072015" => File/Folder not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c} => value removed successfully
C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{006E650B-C0F4-4DA5-ADB8-C4BD9A2F842B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{006E650B-C0F4-4DA5-ADB8-C4BD9A2F842B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01693D02-1027-498C-94DB-F7E1C3E2F6A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01693D02-1027-498C-94DB-F7E1C3E2F6A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace\GatherNetworkInfo" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{044C0ECB-D77C-4D85-A7C5-01275585901D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044C0ECB-D77C-4D85-A7C5-01275585901D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk\Proxy" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05293577-D647-4185-B859-C94839A0B2E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05293577-D647-4185-B859-C94839A0B2E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\NetworkStateChangeTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07F95A97-C70A-4D92-8596-BD35F4221CDC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07F95A97-C70A-4D92-8596-BD35F4221CDC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A3BE64C-8C85-4159-8FF4-BED3FB76A2EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A3BE64C-8C85-4159-8FF4-BED3FB76A2EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Update Check" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B545118-B563-42FC-8D07-B78F602FCF34}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B545118-B563-42FC-8D07-B78F602FCF34}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\WSRefreshBannedAppsListTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C6409F4-9174-415C-84AC-38611941847B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C6409F4-9174-415C-84AC-38611941847B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CreateObjectTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0D21BBCE-5FF6-4613-B62C-48148CA6EAA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D21BBCE-5FF6-4613-B62C-48148CA6EAA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RacTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D8A891D-890C-4808-84D8-2F436AB14653}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1060E8E2-1C0F-453E-8F7F-520C3B7DCF2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1060E8E2-1C0F-453E-8F7F-520C3B7DCF2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10975A53-35AD-483E-A000-6391231B9360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10975A53-35AD-483E-A000-6391231B9360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-464141180-2275970661-1890588188-500" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1274336E-AB06-46B6-A48C-0671C5557CC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Maintenance Configurator" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1687544D-7247-4F5A-965A-A6E920E55278}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Manual Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A4230A2-E136-4936-9B22-DDF624BB8332}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A4230A2-E136-4936-9B22-DDF624BB8332}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\IME\SQM data sender" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A65E0DE-77EF-4608-A58B-7D4753BA0398}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A65E0DE-77EF-4608-A58B-7D4753BA0398}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\HiveUploadTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C2B7966-1B19-46CB-8ADD-9EC628E03FE5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C2B7966-1B19-46CB-8ADD-9EC628E03FE5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1EFFB9C8-B178-41D3-906D-D567219D1B46}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EFFB9C8-B178-41D3-906D-D567219D1B46}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SystemSoundsService" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F2C0744-7FA3-451F-A615-F30DDE6F3C68}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F2C0744-7FA3-451F-A615-F30DDE6F3C68}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\lU4srfqOpdO1hP68BQGExBZtdq8" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2085BF56-520D-4951-B7C0-DF34AF90CC6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2085BF56-520D-4951-B7C0-DF34AF90CC6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\WsSwapAssessmentTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21199D4C-F9E7-4A63-8AFD-C469861365D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21199D4C-F9E7-4A63-8AFD-C469861365D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskFootprint\Diagnostics" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{220E064D-E9B1-4188-AC26-847D32799B09}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{220E064D-E9B1-4188-AC26-847D32799B09}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BPYQUYNLBX1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221203AC-EBF6-499E-817E-E0EFB5EAB1BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221203AC-EBF6-499E-817E-E0EFB5EAB1BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\WSTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{263E5967-166D-4ACA-A1CD-474D0FC4FE84}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{263E5967-166D-4ACA-A1CD-474D0FC4FE84}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForRob" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2915C42F-E211-4D5D-81D0-B302D9139E16}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2915C42F-E211-4D5D-81D0-B302D9139E16}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B1673D5-AC80-4782-9F66-988126D61CBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1673D5-AC80-4782-9F66-988126D61CBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OLSAVSCDSCHBGEJV" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BC666B2-C77B-492D-A698-30536C6C4D42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC666B2-C77B-492D-A698-30536C6C4D42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C9C0C6C-2A74-46F2-858A-4389D253EAD0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9C0C6C-2A74-46F2-858A-4389D253EAD0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{329D0FF6-145E-4A45-9CBD-CBE6BB2FC8D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329D0FF6-145E-4A45-9CBD-CBE6BB2FC8D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PI\Sqm-Tasks" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34946D56-A8FF-4198-BD85-43FA91981A0F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34946D56-A8FF-4198-BD85-43FA91981A0F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{358EE060-BD59-4F93-9741-A57AE6887DC0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{358EE060-BD59-4F93-9741-A57AE6887DC0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B6D8A73-F20B-4C93-B8FB-56A154F172D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6D8A73-F20B-4C93-B8FB-56A154F172D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Zone\SynchronizeTimeZone" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45561755-0BB2-49DF-9B3C-3F0CEB4AB61E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45561755-0BB2-49DF-9B3C-3F0CEB4AB61E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\Badge Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{456F3D46-7452-4F09-A5B4-DD291AB26A0D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{456F3D46-7452-4F09-A5B4-DD291AB26A0D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45AB20ED-D19C-4298-86C6-57B2B9D837F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45AB20ED-D19C-4298-86C6-57B2B9D837F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YCMServiceAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47BFE674-5DFA-4395-B88C-47D28D6E5597}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47BFE674-5DFA-4395-B88C-47D28D6E5597}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\WinSAT" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47F2FE21-70DC-4139-AE7C-3ED2181C917F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47F2FE21-70DC-4139-AE7C-3ED2181C917F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49754026-21E1-41FC-94FD-727AFE414FE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49754026-21E1-41FC-94FD-727AFE414FE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{551EEC5C-4FF1-4BA8-83F2-17C07B2BC0C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{551EEC5C-4FF1-4BA8-83F2-17C07B2BC0C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55912F86-946C-4671-BE09-5FDA30093416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55912F86-946C-4671-BE09-5FDA30093416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2C3FEF4A-3157-4A65-8373-42953571A788" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55E46F05-2A1C-4F8F-8254-26482B40C290}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55E46F05-2A1C-4F8F-8254-26482B40C290}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Device Install Reboot Required" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5705047A-8B57-4B41-881F-DAEA70D97A9C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5705047A-8B57-4B41-881F-DAEA70D97A9C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Device Install Group Policy" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{57D2908A-C2C5-4156-BF22-3FDC8E3F83BA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57D2908A-C2C5-4156-BF22-3FDC8E3F83BA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57E1AB59-8B1F-47D2-AD45-7F2A4F5CDF39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E1AB59-8B1F-47D2-AD45-7F2A4F5CDF39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TPM\Tpm-Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A046A88-4559-4B49-BB1F-16272F3F9C78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A046A88-4559-4B49-BB1F-16272F3F9C78}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A3FB241-0B11-4EA5-BC66-0D9F1B406040}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A3FB241-0B11-4EA5-BC66-0D9F1B406040}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\BthSQM" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B996296-48A1-463D-BC02-5CAAAFBCE035}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B996296-48A1-463D-BC02-5CAAAFBCE035}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63F6939C-B9DF-4331-98D2-52523A79EAE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63F6939C-B9DF-4331-98D2-52523A79EAE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{668F8557-652D-433B-9CD3-CB95162F402D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{668F8557-652D-433B-9CD3-CB95162F402D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AA91E8C-DDBD-4979-8464-4062F7681A19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA91E8C-DDBD-4979-8464-4062F7681A19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D21C8E9-C77F-4EE7-9252-2D30C930528A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D21C8E9-C77F-4EE7-9252-2D30C930528A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DFCB649-0769-4F83-BB10-F60F235F6D3D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DFCB649-0769-4F83-BB10-F60F235F6D3D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E0A5DF3-F077-4F27-AFA1-AFA5B4F0F05F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E0A5DF3-F077-4F27-AFA1-AFA5B4F0F05F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F02587F-8A2B-4552-97F6-DEEF229E335B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Idle Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73B1B253-CE67-4501-AE1A-377DD1D68B65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73B1B253-CE67-4501-AE1A-377DD1D68B65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupAppTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73D1388C-336E-40EC-B0B4-62CB862AF2BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73D1388C-336E-40EC-B0B4-62CB862AF2BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7455D819-E7EF-4B39-A9D4-CF3BC2CA7EDB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7455D819-E7EF-4B39-A9D4-CF3BC2CA7EDB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Ras\MobilityManager" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{749102D2-7D46-4F95-BC84-AB37533FD1C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{749102D2-7D46-4F95-BC84-AB37533FD1C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77F1D869-6E65-4079-A2A0-E2023408EF97}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F1D869-6E65-4079-A2A0-E2023408EF97}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ApplicationData\CleanupTemporaryState" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A1CA63A-3611-4E61-AAFA-1B56F8746F3A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A1CA63A-3611-4E61-AAFA-1B56F8746F3A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\PolicyConverter" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DD666D5-AC93-428A-B051-BD4F13C8356D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DD666D5-AC93-428A-B051-BD4F13C8356D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80559494-F08A-462B-B944-3CC33776C306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80559494-F08A-462B-B944-3CC33776C306}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9AE41131-74B7-4994-85DF-52DEAA3D64FF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84400372-B6DB-4852-B387-6CE186EAE25B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84400372-B6DB-4852-B387-6CE186EAE25B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{863C7071-1182-42E3-8503-613F99320509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{863C7071-1182-42E3-8503-613F99320509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86C209A4-74BB-48FE-B626-53EE71A07511}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86C209A4-74BB-48FE-B626-53EE71A07511}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{872D0E53-FD2E-41E3-B431-698AF82882CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{872D0E53-FD2E-41E3-B431-698AF82882CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SkyDrive\Routine Maintenance Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B6F734B-452C-40E4-88DC-346EB19A28F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B6F734B-452C-40E4-88DC-346EB19A28F0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C647326-2259-4737-AD98-68B1967684C7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C647326-2259-4737-AD98-68B1967684C7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CC813C9-712A-41EF-9512-B233444FC669}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CC813C9-712A-41EF-9512-B233444FC669}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92908369-CCF2-493A-85AB-05A9F8E620B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92908369-CCF2-493A-85AB-05A9F8E620B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackgroundUploadTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94E12419-82B1-4D1E-9DEF-5A2959B6C0B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94E12419-82B1-4D1E-9DEF-5A2959B6C0B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsColorSystem\Calibration Loader" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{953543E7-C8BF-4178-965A-CEB221B81ED8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{953543E7-C8BF-4178-965A-CEB221B81ED8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96B095BB-12CF-465E-9072-863BA0F5696E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96B095BB-12CF-465E-9072-863BA0F5696E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98292BAF-42C3-4FC1-9056-7EB1EE3B3C57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98292BAF-42C3-4FC1-9056-7EB1EE3B3C57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WOF\WIM-Hash-Validation" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B3A5D95-1AE4-45DE-9991-05BD06F89D25}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B3A5D95-1AE4-45DE-9991-05BD06F89D25}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\ResolutionHost" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\Sync Licenses" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9FF4C139-5234-410C-B7FA-23EE2FD2AB53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF4C139-5234-410C-B7FA-23EE2FD2AB53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Work Folders\Work Folders Maintenance Work" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A216000C-66D3-4E66-8A6E-D98AB5762D3C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A216000C-66D3-4E66-8A6E-D98AB5762D3C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A44A1624-C719-4A46-8833-AA65471469C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A44A1624-C719-4A46-8833-AA65471469C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4F8A26F-0DB2-44D5-AE95-1B68904BDEE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4F8A26F-0DB2-44D5-AE95-1B68904BDEE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{23F47B71-8734-4CAE-A42C-88BE09919421}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A519896B-8EEF-41EC-9342-151518A8339B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A519896B-8EEF-41EC-9342-151518A8339B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5480E25-AF71-4B88-A76E-C9C3BA1588EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5480E25-AF71-4B88-A76E-C9C3BA1588EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\FileHistory\File History (maintenance mode)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A693A6E9-FB8C-46CA-932B-88DC7684BE1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A693A6E9-FB8C-46CA-932B-88DC7684BE1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A98AD887-1E81-47AF-B3DF-F06329AB67E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A98AD887-1E81-47AF-B3DF-F06329AB67E5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\IndexerAutomaticMaintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAA89DAF-1B4F-447D-AF21-7F0559AC9962}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAA89DAF-1B4F-447D-AF21-7F0559AC9962}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B66EFECF-24F6-4999-AB0F-AABF04ECCF91}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B66EFECF-24F6-4999-AB0F-AABF04ECCF91}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7992938-01F1-4F40-A0EC-0D23D2F0F152}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TaskScheduler\Regular Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BC537794-54F5-4702-8CEB-06F584ECD24A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC537794-54F5-4702-8CEB-06F584ECD24A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SpacePort\SpaceAgentTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD50F9D1-96F6-4CFA-A79F-701151C176D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD50F9D1-96F6-4CFA-A79F-701151C176D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDC5F196-D189-4E25-9F26-E31CAE62A0A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDC5F196-D189-4E25-9F26-E31CAE62A0A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyRefresh" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1871B11-4A68-44D9-98B3-EE63B16D29E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1871B11-4A68-44D9-98B3-EE63B16D29E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Task Manager\Interactive" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C2599556-050C-48B7-98E3-CD224A313FE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2599556-050C-48B7-98E3-CD224A313FE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C371F25E-745F-4A1E-BEF3-959161B56258}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C371F25E-745F-4A1E-BEF3-959161B56258}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\SmartScreenSpecific" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3BC58BF-FE17-4E06-B231-415CA4048DE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3BC58BF-FE17-4E06-B231-415CA4048DE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C4AE3C3E-C327-4689-B6FD-C11FB31AE88B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4AE3C3E-C327-4689-B6FD-C11FB31AE88B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBD3EF37-0E38-431A-A6E8-607C56893A63}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBD3EF37-0E38-431A-A6E8-607C56893A63}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskCleanup\SilentCleanup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCFEBB07-718E-418A-804E-3E5593D0793F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCFEBB07-718E-418A-804E-3E5593D0793F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Registry\RegIdleBackup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD3F71A5-25DA-4A71-B641-3B0B338D3B10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD3F71A5-25DA-4A71-B641-3B0B338D3B10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD5B361C-450C-456E-AF2C-B490D5AD4938}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD5B361C-450C-456E-AF2C-B490D5AD4938}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Chkdsk\ProactiveScan" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE2DE968-E342-40D7-9566-427D45E4A886}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE2DE968-E342-40D7-9566-427D45E4A886}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD7C21A-808B-487B-A6EC-8A10E44E8360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SettingSync\BackupTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D00E7CB4-F82A-4A72-AB0F-7BB86DCA6F2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00E7CB4-F82A-4A72-AB0F-7BB86DCA6F2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\UserTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1D8F1BA-2E8D-4582-8CB7-7777C9E26E39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1D8F1BA-2E8D-4582-8CB7-7777C9E26E39}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Diagnosis\Scheduled" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D352DA66-6B83-46D8-9915-8E7B856C5978}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D352DA66-6B83-46D8-9915-8E7B856C5978}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WOF\WIM-Hash-Management" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6F4A061-CEFB-4F38-81EC-6E80ECDD3011}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6F4A061-CEFB-4F38-81EC-6E80ECDD3011}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D88FEC9E-A82A-46F9-87E2-B6B97B301C1A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D88FEC9E-A82A-46F9-87E2-B6B97B301C1A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\License Validation" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD62B08C-8ADF-4D65-A611-F6510E165B9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD62B08C-8ADF-4D65-A611-F6510E165B9F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF8FF214-D536-45F4-90EC-1767F65DBED4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF8FF214-D536-45F4-90EC-1767F65DBED4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E075AC73-7FC0-4ACD-9F28-DD590C391C1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E075AC73-7FC0-4ACD-9F28-DD590C391C1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E131C6A0-5FFC-419B-ABFA-CE4CB36CDE8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E131C6A0-5FFC-419B-ABFA-CE4CB36CDE8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E367590C-10F8-4401-B924-5839261DC94E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E367590C-10F8-4401-B924-5839261DC94E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wininet\CacheTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5135623-6AEB-4D87-89F6-F2CE60F3BDC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5135623-6AEB-4D87-89F6-F2CE60F3BDC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E64595D9-E1AF-4E09-8D36-1721FC82AEE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E64595D9-E1AF-4E09-8D36-1721FC82AEE3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\SystemTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6D378FA-E068-4BCB-80DE-56D43A249507}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6D378FA-E068-4BCB-80DE-56D43A249507}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8CC75DC-A5F5-4267-BD93-8A3479D0A822}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CC75DC-A5F5-4267-BD93-8A3479D0A822}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDCAD10E-42B8-45F3-AAEF-DE86F7373643}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDCAD10E-42B8-45F3-AAEF-DE86F7373643}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\SynchronizeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F15E0568-C1DA-446E-86C9-4AF3857BADF7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F15E0568-C1DA-446E-86C9-4AF3857BADF7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3033906-E419-4CA4-AAA0-8E9B8B3154E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3033906-E419-4CA4-AAA0-8E9B8B3154E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PI\Secure-Boot-Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F4EBE7C4-324C-4F26-BA65-EC979EEE970E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4EBE7C4-324C-4F26-BA65-EC979EEE970E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F61C1098-6385-4992-9119-CE0F68340314}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F61C1098-6385-4992-9119-CE0F68340314}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Servicing\StartComponentCleanup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F62D3A5B-5E2E-4305-A06A-A7CE9DE361B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F62D3A5B-5E2E-4305-A06A-A7CE9DE361B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F90AD544-5E56-44B6-A795-75A108D0B743}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F90AD544-5E56-44B6-A795-75A108D0B743}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyUpload" => key removed successfully
C:\Windows\Tasks\249565D8-E2D1-4B44-93D2-5145ADAC4691.job => moved successfully
"C:\Users\Rob\AppData\Local\249565D8-E2D1-4B44-93D2-5145ADAC4691" => File/Folder not found.
C:\Windows\Tasks\BPYQUYNLBX1.job => moved successfully
"C:\ProgramData\FlashBeat" => File/Folder not found.
C:\Windows\Tasks\lU4srfqOpdO1hP68BQGExBZtdq8.job => moved successfully
"C:\Users\TEMP\AppData\Roaming\lU4srfqOpdO1hP68BQGExBZtdq8.exe" => File/Folder not found.
C:\Windows\Tasks\OLSAVSCDSCHBGEJV.job => moved successfully
"C:\ProgramData\Service1291" => File/Folder not found.
C:\Windows\Tasks\TunePro360 Updater.job => moved successfully
"C:\Program Files (x86)\adlevel" => File/Folder not found.
fogirogi => service removed successfully
"HKU\S-1-5-21-464141180-2275970661-1890588188-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lewissilkin.net" => key removed successfully
wsfd_vw_1_10_0_20 => service removed successfully
 
=========  sfc /scannow =========
 
 
 
 
 B e g i n n i n g   s y s t e m   s c a n .     T h i s   p r o c e s s   w i l l   t a k e   s o m e   t i m e . 
 
 
 
 
 
 B e g i n n i n g   v e r i f i c a t i o n   p h a s e   o f   s y s t e m   s c a n . 
 
 
 V e r i f i c a t i o n   0 %   c o m p l e t e . V e r i f i c a t i o n   0 %   c o m p l e t e . V e r i f i c a t i o n   1 %   c o m p l e t e . V e r i f i c a t i o n   1 %   c o m p l e t e . V e r i f i c a t i o n   2 %   c o m p l e t e . V e r i f i c a t i o n   2 %   c o m p l e t e . V e r i f i c a t i o n   3 %   c o m p l e t e . V e r i f i c a t i o n   3 %   c o m p l e t e . V e r i f i c a t i o n   3 %   c o m p l e t e . V e r i f i c a t i o n   4 %   c o m p l e t e . V e r i f i c a t i o n   4 %   c o m p l e t e . V e r i f i c a t i o n   5 %   c o m p l e t e . V e r i f i c a t i o n   5 %   c o m p l e t e . V e r i f i c a t i o n   6 %   c o m p l e t e . V e r i f i c a t i o n   6 %   c o m p l e t e . V e r i f i c a t i o n   6 %   c o m p l e t e . V e r i f i c a t i o n   7 %   c o m p l e t e . V e r i f i c a t i o n   7 %   c o m p l e t e . V e r i f i c a t i o n   8 %   c o m p l e t e . V e r i f i c a t i o n   8 %   c o m p l e t e . V e r i f i c a t i o n   9 %   c o m p l e t e . V e r i f i c a t i o n   9 %   c o m p l e t e . V e r i f i c a t i o n   9 %   c o m p l e t e . V e r i f i c a t i o n   1 0 %   c o m p l e t e . V e r i f i c a t i o n   1 0 %   c o m p l e t e . V e r i f i c a t i o n   1 1 %   c o m p l e t e . V e r i f i c a t i o n   1 1 %   c o m p l e t e . V e r i f i c a t i o n   1 2 %   c o m p l e t e . V e r i f i c a t i o n   1 2 %   c o m p l e t e . V e r i f i c a t i o n   1 3 %   c o m p l e t e . V e r i f i c a t i o n   1 3 %   c o m p l e t e . V e r i f i c a t i o n   1 3 %   c o m p l e t e . V e r i f i c a t i o n   1 4 %   c o m p l e t e . V e r i f i c a t i o n   1 4 %   c o m p l e t e . V e r i f i c a t i o n   1 5 %   c o m p l e t e . V e r i f i c a t i o n   1 5 %   c o m p l e t e . V e r i f i c a t i o n   1 6 %   c o m p l e t e . V e r i f i c a t i o n   1 6 %   c o m p l e t e . V e r i f i c a t i o n   1 6 %   c o m p l e t e . V e r i f i c a t i o n   1 7 %   c o m p l e t e . V e r i f i c a t i o n   1 7 %   c o m p l e t e . V e r i f i c a t i o n   1 8 %   c o m p l e t e . V e r i f i c a t i o n   1 8 %   c o m p l e t e . V e r i f i c a t i o n   1 9 %   c o m p l e t e . V e r i f i c a t i o n   1 9 %   c o m p l e t e . V e r i f i c a t i o n   1 9 %   c o m p l e t e . V e r i f i c a t i o n   2 0 %   c o m p l e t e . V e r i f i c a t i o n   2 0 %   c o m p l e t e . V e r i f i c a t i o n   2 1 %   c o m p l e t e . V e r i f i c a t i o n   2 1 %   c o m p l e t e . V e r i f i c a t i o n   2 2 %   c o m p l e t e . V e r i f i c a t i o n   2 2 %   c o m p l e t e . V e r i f i c a t i o n   2 3 %   c o m p l e t e . V e r i f i c a t i o n   2 3 %   c o m p l e t e . V e r i f i c a t i o n   2 3 %   c o m p l e t e . V e r i f i c a t i o n   2 4 %   c o m p l e t e . V e r i f i c a t i o n   2 4 %   c o m p l e t e . V e r i f i c a t i o n   2 5 %   c o m p l e t e . V e r i f i c a t i o n   2 5 %   c o m p l e t e . V e r i f i c a t i o n   2 6 %   c o m p l e t e . V e r i f i c a t i o n   2 6 %   c o m p l e t e . V e r i f i c a t i o n   2 6 %   c o m p l e t e . V e r i f i c a t i o n   2 7 %   c o m p l e t e . V e r i f i c a t i o n   2 7 %   c o m p l e t e . V e r i f i c a t i o n   2 8 %   c o m p l e t e . V e r i f i c a t i o n   2 8 %   c o m p l e t e . V e r i f i c a t i o n   2 9 %   c o m p l e t e . V e r i f i c a t i o n   2 9 %   c o m p l e t e . V e r i f i c a t i o n   2 9 %   c o m p l e t e . V e r i f i c a t i o n   3 0 %   c o m p l e t e . V e r i f i c a t i o n   3 0 %   c o m p l e t e . V e r i f i c a t i o n   3 1 %   c o m p l e t e . V e r i f i c a t i o n   3 1 %   c o m p l e t e . V e r i f i c a t i o n   3 2 %   c o m p l e t e . V e r i f i c a t i o n   3 2 %   c o m p l e t e . V e r i f i c a t i o n   3 3 %   c o m p l e t e . V e r i f i c a t i o n   3 3 %   c o m p l e t e . V e r i f i c a t i o n   3 3 %   c o m p l e t e . V e r i f i c a t i o n   3 4 %   c o m p l e t e . V e r i f i c a t i o n   3 4 %   c o m p l e t e . V e r i f i c a t i o n   3 5 %   c o m p l e t e . V e r i f i c a t i o n   3 5 %   c o m p l e t e . V e r i f i c a t i o n   3 6 %   c o m p l e t e . V e r i f i c a t i o n   3 6 %   c o m p l e t e . V e r i f i c a t i o n   3 6 %   c o m p l e t e . V e r i f i c a t i o n   3 7 %   c o m p l e t e . V e r i f i c a t i o n   3 7 %   c o m p l e t e . V e r i f i c a t i o n   3 8 %   c o m p l e t e . V e r i f i c a t i o n   3 8 %   c o m p l e t e . V e r i f i c a t i o n   3 9 %   c o m p l e t e . V e r i f i c a t i o n   3 9 %   c o m p l e t e . V e r i f i c a t i o n   3 9 %   c o m p l e t e . V e r i f i c a t i o n   4 0 %   c o m p l e t e . V e r i f i c a t i o n   4 0 %   c o m p l e t e . V e r i f i c a t i o n   4 1 %   c o m p l e t e . V e r i f i c a t i o n   4 1 %   c o m p l e t e . V e r i f i c a t i o n   4 2 %   c o m p l e t e . V e r i f i c a t i o n   4 2 %   c o m p l e t e . V e r i f i c a t i o n   4 3 %   c o m p l e t e . V e r i f i c a t i o n   4 3 %   c o m p l e t e . V e r i f i c a t i o n   4 3 %   c o m p l e t e . V e r i f i c a t i o n   4 4 %   c o m p l e t e . V e r i f i c a t i o n   4 4 %   c o m p l e t e . V e r i f i c a t i o n   4 5 %   c o m p l e t e . V e r i f i c a t i o n   4 5 %   c o m p l e t e . V e r i f i c a t i o n   4 6 %   c o m p l e t e . V e r i f i c a t i o n   4 6 %   c o m p l e t e . V e r i f i c a t i o n   4 6 %   c o m p l e t e . V e r i f i c a t i o n   4 7 %   c o m p l e t e . V e r i f i c a t i o n   4 7 %   c o m p l e t e . V e r i f i c a t i o n   4 8 %   c o m p l e t e . V e r i f i c a t i o n   4 8 %   c o m p l e t e . V e r i f i c a t i o n   4 9 %   c o m p l e t e . V e r i f i c a t i o n   4 9 %   c o m p l e t e . V e r i f i c a t i o n   4 9 %   c o m p l e t e . V e r i f i c a t i o n   5 0 %   c o m p l e t e . V e r i f i c a t i o n   5 0 %   c o m p l e t e . V e r i f i c a t i o n   5 1 %   c o m p l e t e . V e r i f i c a t i o n   5 1 %   c o m p l e t e . V e r i f i c a t i o n   5 2 %   c o m p l e t e . V e r i f i c a t i o n   5 2 %   c o m p l e t e . V e r i f i c a t i o n   5 3 %   c o m p l e t e . V e r i f i c a t i o n   5 3 %   c o m p l e t e . V e r i f i c a t i o n   5 3 %   c o m p l e t e . V e r i f i c a t i o n   5 4 %   c o m p l e t e . V e r i f i c a t i o n   5 4 %   c o m p l e t e . V e r i f i c a t i o n   5 5 %   c o m p l e t e . V e r i f i c a t i o n   5 5 %   c o m p l e t e . V e r i f i c a t i o n   5 6 %   c o m p l e t e . V e r i f i c a t i o n   5 6 %   c o m p l e t e . V e r i f i c a t i o n   5 6 %   c o m p l e t e . V e r i f i c a t i o n   5 7 %   c o m p l e t e . V e r i f i c a t i o n   5 7 %   c o m p l e t e . V e r i f i c a t i o n   5 8 %   c o m p l e t e . V e r i f i c a t i o n   5 8 %   c o m p l e t e . V e r i f i c a t i o n   5 9 %   c o m p l e t e . V e r i f i c a t i o n   5 9 %   c o m p l e t e . V e r i f i c a t i o n   5 9 %   c o m p l e t e . V e r i f i c a t i o n   6 0 %   c o m p l e t e . V e r i f i c a t i o n   6 0 %   c o m p l e t e . V e r i f i c a t i o n   6 1 %   c o m p l e t e . V e r i f i c a t i o n   6 1 %   c o m p l e t e . V e r i f i c a t i o n   6 2 %   c o m p l e t e . V e r i f i c a t i o n   6 2 %   c o m p l e t e . V e r i f i c a t i o n   6 3 %   c o m p l e t e . V e r i f i c a t i o n   6 3 %   c o m p l e t e . V e r i f i c a t i o n   6 3 %   c o m p l e t e . V e r i f i c a t i o n   6 4 %   c o m p l e t e . V e r i f i c a t i o n   6 4 %   c o m p l e t e . V e r i f i c a t i o n   6 5 %   c o m p l e t e . V e r i f i c a t i o n   6 5 %   c o m p l e t e . V e r i f i c a t i o n   6 6 %   c o m p l e t e . V e r i f i c a t i o n   6 6 %   c o m p l e t e . V e r i f i c a t i o n   6 6 %   c o m p l e t e . V e r i f i c a t i o n   6 7 %   c o m p l e t e . V e r i f i c a t i o n   6 7 %   c o m p l e t e . V e r i f i c a t i o n   6 8 %   c o m p l e t e . V e r i f i c a t i o n   6 8 %   c o m p l e t e . V e r i f i c a t i o n   6 9 %   c o m p l e t e . V e r i f i c a t i o n   6 9 %   c o m p l e t e . V e r i f i c a t i o n   6 9 %   c o m p l e t e . V e r i f i c a t i o n   7 0 %   c o m p l e t e . V e r i f i c a t i o n   7 0 %   c o m p l e t e . V e r i f i c a t i o n   7 1 %   c o m p l e t e . V e r i f i c a t i o n   7 1 %   c o m p l e t e . V e r i f i c a t i o n   7 2 %   c o m p l e t e . V e r i f i c a t i o n   7 2 %   c o m p l e t e . V e r i f i c a t i o n   7 3 %   c o m p l e t e . V e r i f i c a t i o n   7 3 %   c o m p l e t e . V e r i f i c a t i o n   7 3 %   c o m p l e t e . V e r i f i c a t i o n   7 4 %   c o m p l e t e . V e r i f i c a t i o n   7 4 %   c o m p l e t e . V e r i f i c a t i o n   7 5 %   c o m p l e t e . V e r i f i c a t i o n   7 5 %   c o m p l e t e . V e r i f i c a t i o n   7 6 %   c o m p l e t e . V e r i f i c a t i o n   7 6 %   c o m p l e t e . V e r i f i c a t i o n   7 6 %   c o m p l e t e . V e r i f i c a t i o n   7 7 %   c o m p l e t e . V e r i f i c a t i o n   7 7 %   c o m p l e t e . V e r i f i c a t i o n   7 8 %   c o m p l e t e . V e r i f i c a t i o n   7 8 %   c o m p l e t e . V e r i f i c a t i o n   7 9 %   c o m p l e t e . V e r i f i c a t i o n   7 9 %   c o m p l e t e . V e r i f i c a t i o n   7 9 %   c o m p l e t e . V e r i f i c a t i o n   8 0 %   c o m p l e t e . V e r i f i c a t i o n   8 0 %   c o m p l e t e . V e r i f i c a t i o n   8 1 %   c o m p l e t e . V e r i f i c a t i o n   8 1 %   c o m p l e t e . V e r i f i c a t i o n   8 2 %   c o m p l e t e . V e r i f i c a t i o n   8 2 %   c o m p l e t e . V e r i f i c a t i o n   8 3 %   c o m p l e t e . V e r i f i c a t i o n   8 3 %   c o m p l e t e . V e r i f i c a t i o n   8 3 %   c o m p l e t e . V e r i f i c a t i o n   8 4 %   c o m p l e t e . V e r i f i c a t i o n   8 4 %   c o m p l e t e . V e r i f i c a t i o n   8 5 %   c o m p l e t e . V e r i f i c a t i o n   8 5 %   c o m p l e t e . V e r i f i c a t i o n   8 6 %   c o m p l e t e . V e r i f i c a t i o n   8 6 %   c o m p l e t e . V e r i f i c a t i o n   8 6 %   c o m p l e t e . V e r i f i c a t i o n   8 7 %   c o m p l e t e . V e r i f i c a t i o n   8 7 %   c o m p l e t e . V e r i f i c a t i o n   8 8 %   c o m p l e t e . V e r i f i c a t i o n   8 8 %   c o m p l e t e . V e r i f i c a t i o n   8 9 %   c o m p l e t e . V e r i f i c a t i o n   8 9 %   c o m p l e t e . V e r i f i c a t i o n   8 9 %   c o m p l e t e . V e r i f i c a t i o n   9 0 %   c o m p l e t e . V e r i f i c a t i o n   9 0 %   c o m p l e t e . V e r i f i c a t i o n   9 1 %   c o m p l e t e . V e r i f i c a t i o n   9 1 %   c o m p l e t e . V e r i f i c a t i o n   9 2 %   c o m p l e t e . V e r i f i c a t i o n   9 2 %   c o m p l e t e . V e r i f i c a t i o n   9 3 %   c o m p l e t e . V e r i f i c a t i o n   9 3 %   c o m p l e t e . V e r i f i c a t i o n   9 3 %   c o m p l e t e . V e r i f i c a t i o n   9 4 %   c o m p l e t e . V e r i f i c a t i o n   9 4 %   c o m p l e t e . V e r i f i c a t i o n   9 5 %   c o m p l e t e . V e r i f i c a t i o n   9 5 %   c o m p l e t e . V e r i f i c a t i o n   9 6 %   c o m p l e t e . V e r i f i c a t i o n   9 6 %   c o m p l e t e . V e r i f i c a t i o n   9 6 %   c o m p l e t e . V e r i f i c a t i o n   9 7 %   c o m p l e t e . V e r i f i c a t i o n   9 7 %   c o m p l e t e . V e r i f i c a t i o n   9 8 %   c o m p l e t e . V e r i f i c a t i o n   9 8 %   c o m p l e t e . V e r i f i c a t i o n   9 9 %   c o m p l e t e . V e r i f i c a t i o n   9 9 %   c o m p l e t e . V e r i f i c a t i o n   9 9 %   c o m p l e t e . V e r i f i c a t i o n   1 0 0 %   c o m p l e t e . 
 
 
 
 
 W i n d o w s   R e s o u r c e   P r o t e c t i o n   f o u n d   c o r r u p t   f i l e s   b u t   w a s   u n a b l e   t o   f i x   s o m e   
 
 
 o f   t h e m .   D e t a i l s   a r e   i n c l u d e d   i n   t h e   C B S . L o g   w i n d i r \ L o g s \ C B S \ C B S . l o g .   F o r   
 
 
 e x a m p l e   C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g .   N o t e   t h a t   l o g g i n g   i s   c u r r e n t l y   n o t   
 
 
 s u p p o r t e d   i n   o f f l i n e   s e r v i c i n g   s c e n a r i o s . 
 
 
 
 
 
 T h e   s y s t e m   f i l e   r e p a i r   c h a n g e s   w i l l   t a k e   e f f e c t   a f t e r   t h e   n e x t   r e b o o t . 
 
 
 
========= End of CMD: =========
 
 
========================= Folder: C:\Windows\system32\sru ========================
 
2014-03-18 11:00 - 2015-09-03 23:02 - 0008192 _____ () C:\Windows\system32\sru\SRU.chk
2014-03-18 11:00 - 2015-09-03 23:02 - 0065536 _____ () C:\Windows\system32\sru\SRU.log
2014-03-18 11:00 - 2015-09-03 23:00 - 0065536 _____ () C:\Windows\system32\sru\SRU00777.log
2014-03-18 11:00 - 2015-09-03 23:00 - 0065536 _____ () C:\Windows\system32\sru\SRU00778.log
2014-03-18 11:00 - 2015-09-03 23:02 - 10493952 _____ () C:\Windows\system32\sru\SRUDB.dat
2014-03-18 11:00 - 2014-03-18 11:00 - 0065536 _____ () C:\Windows\system32\sru\SRUres00001.jrs
2014-03-18 11:00 - 2014-03-18 11:00 - 0065536 _____ () C:\Windows\system32\sru\SRUres00002.jrs
2014-03-18 11:00 - 2015-09-03 23:00 - 0065536 _____ () C:\Windows\system32\sru\SRUtmp.log
 
====== End of Folder: ======
 
 
==== End of Fixlog 23:57:47 ====


#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:11 AM

Posted 05 September 2015 - 10:14 AM

Hello,

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#8 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 06 September 2015 - 01:27 PM

Hmm not sure what this best price ninja stuff is!

 

# AdwCleaner v5.005 - Logfile created 06/09/2015 at 19:25:41
# Updated 31/08/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Rob - ROBSPC
# Running from : C:\Users\Rob\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\Users\Rob\AppData\Roaming\AdvertismentImages
 
***** [ Files ] *****
 
File Found : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\sheff_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\sheff_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\coupoon
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2726 bytes] ##########


#9 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 06 September 2015 - 03:08 PM

Also I will be on holiday from 8 Sept  - 16th so won't be able to follow instructions posted then. Please do not close the thread!

 

Thanks.



#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:11 AM

Posted 07 September 2015 - 12:11 PM

Hello,

I won't close this topic - enjoy your holiday :) You can follow the instructions once you returned.

AdwCleaner - Scan & Clean

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
===

Junkware Removal Tool by Malwarebytes Corporation

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
After you are done with both steps, please let me know how the computer is doing.

Regards,
Alex 

#11 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 07 September 2015 - 03:15 PM

# AdwCleaner v5.006 - Logfile created 07/09/2015 at 21:07:17
# Updated 06/09/2015 by Xplode
# Database : 2015-09-07.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Rob - ROBSPC
# Running from : C:\Users\Rob\Desktop\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Users\Rob\AppData\Roaming\AdvertismentImages
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\sheff_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\sheff_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5E04457F-D6D4-4A7E-8277-5EF1CA591CC7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\coupoon
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2952 bytes] ##########


#12 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 07 September 2015 - 03:26 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 x64
Ran by Rob on 07/09/2015 at 21:22:35.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9015D16D-118D-4CE8-ABC7-8D2E48BDB845}
 
 
 
~~~ Files
 
Failed to delete: [File] C:\Windows\SysWOW64\number of results
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pro pc cleaner
Successfully deleted: [Folder] C:\Users\Rob\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Rob\Documents\add-in express
 
 
 
~~~ Chrome
 
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/09/2015 at 21:25:06.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

No luck - those ads are still popping up :(



#13 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 07 September 2015 - 04:09 PM

I tried running both a second time but the ads just come straight back

 

# AdwCleaner v5.006 - Logfile created 07/09/2015 at 21:49:03
# Updated 06/09/2015 by Xplode
# Database : 2015-09-07.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Rob - ROBSPC
# Running from : C:\Users\Rob\Desktop\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1086 bytes] ##########


#14 aquaplex

aquaplex
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 07 September 2015 - 04:11 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 x64
Ran by Rob on 07/09/2015 at 21:51:43.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Failed to delete: [File] C:\Windows\SysWOW64\number of results
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Rob\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/09/2015 at 21:54:15.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:11 AM

Posted 09 September 2015 - 11:27 AM

Hi there,

Please create a new set of FRST logs for me - remember to place a checkmark in Addition.txt!

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users