1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Comp infected and can't drag and drop some things.

Discussion in 'Virus & Other Malware Removal' started by boydphoto, May 22, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    One of the problems is that I can't copy and paste, or drag and drop an address link. I could do it ok yesterday. Also, I haven't been able to do system restore for a few weeks, from a variety of restore points. Thank you for helping me,
    Boyd.


    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
    Processor Count: 4
    RAM: 4043 Mb
    Graphics Card: Intel(R) HD Graphics Family, 1797 Mb
    Hard Drives: C: Total - 584792 MB, Free - 248239 MB; D: Total - 21422 MB, Free - 2275 MB; E: Total - 4055 MB, Free - 10 MB; I: Total - 476937 MB, Free - 8415 MB;
    Motherboard: Hewlett-Packard, 1695
    Antivirus: Bitdefender Antivirus Free Edition, Updated and Enabled
     
  2. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Welcome :)

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also produce another log (Addition.txt ). Please attach this to your reply.
     
  3. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Thanks for helping me, JS.

    Boyd.

    Double-click to run it. When the tool opens click Yes to disclaimer.
    Make sure that under Optional Scans, there is a checkmark on Addition.txt.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    The tool will also produce another log (Addition.txt ). Please attach this to your reply.

    __________________ Double-click to run it. When the tool opens click Yes to disclaimer.
    Make sure that under Optional Scans, there is a checkmark on Addition.txt.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    The tool will also produce another log (Addition.txt ). Please attach this to your reply.

    __________________Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
    Ran by boydphoto (administrator) on BOYDPHOTO-HP on 23-05-2015 17:18:51
    Running from C:\Users\boydphoto\Desktop
    Loaded Profiles: boydphoto (Available Profiles: boydphoto)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
    (FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-12-30] (RealNetworks, Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
    HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
    HKLM\...\Policies\Explorer: [NoFind] 0
    HKLM\...\Policies\Explorer: [NoFile] 0
    HKLM\...\Policies\Explorer: [HideClock] 0
    HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKLM\...\Policies\Explorer: [NoSetFolders] 0
    HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
    HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
    HKLM\...\Policies\Explorer: [NoDFSTab] 0
    HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKLM\...\Policies\Explorer: [NoLogoff] 0
    HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKLM\...\Policies\Explorer: [NoResolveSearch] 0
    HKLM\...\Policies\Explorer: [NoSaveSettings] 0
    HKLM\...\Policies\Explorer: [NoHardwareTab] 0
    HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-23]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-10-16] ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://drudgereport.com/
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-10-27] (RealDownloader)
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-03] (Oracle Corporation)
    BHO: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-03] (Oracle Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-10-27] (RealDownloader)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-04] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
    BHO-x32: IEDownloadCatcher.DownloadManager -> {AECB3C96-189C-35F9-9C0B-A3832B3C1839} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-04] (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
    DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

    FireFox:
    ========
    FF ProfilePath: C:\Users\boydphoto\AppData\Roaming\Mozilla\Firefox\Profiles\np1cre3q.default-1432329785634
    FF DefaultSearchEngine.US: Bing
    FF Homepage: hxxp://drudgereport.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-23] ()
    FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-03] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-03] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-10-17] (Adobe Systems)
    FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-23] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-19] (CANON INC.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-04] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-04] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-12-30] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-10-27] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-12-30] (RealPlayer Cloud)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-10-17] (Adobe Systems)
    FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-1479091243-4294284354-2124732490-1000: @citrixonline.com/appdetectorplugin -> C:\Users\boydphoto\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-31] (Citrix Online)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-12-30] (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-09-04] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-09-04] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-09-04] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-09-04] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-09-04] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-12-30] (RealPlayer Cloud)
    FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\boydphoto\AppData\Roaming\Mozilla\Firefox\Profiles\np1cre3q.default-1432329785634\Extensions\[email protected] [2015-05-23]
    FF Extension: Bitdefender QuickScan - C:\Users\boydphoto\AppData\Roaming\Mozilla\Firefox\Profiles\np1cre3q.default-1432329785634\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-22]
    FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-05-18]
    FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-26]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-18]
    FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

    Chrome:
    =======
    CHR Profile: C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default
    CHR Extension: (Google Slides) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
    CHR Extension: (Google Docs) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
    CHR Extension: (Google Drive) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
    CHR Extension: (YouTube) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-18]
    CHR Extension: (Google Search) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
    CHR Extension: (Google Sheets) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
    CHR Extension: (Bookmark Manager) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-18]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-18]
    CHR Extension: (Google Wallet) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-11]
    CHR Extension: (Gmail) - C:\Users\boydphoto\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
    R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
    R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe [335288 2012-10-17] (FileOpen Systems Inc.)
    R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
    R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) []
    R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
    R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-12-30] (RealNetworks, Inc.)
    R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) []
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
    R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
    R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
    R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
    S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror64.sys [13120 2012-08-13] (Windows (R) Win 7 DDK provider)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-11] ()
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
    S3 cpuz134; \??\C:\Users\BOYDPH~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    U0 SR; No ImagePath
    U2 srservice; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-23 17:18 - 2015-05-23 17:19 - 00033332 _____ () C:\Users\boydphoto\Desktop\FRST.txt
    2015-05-23 17:14 - 2015-05-23 17:15 - 02108416 _____ (Farbar) C:\Users\boydphoto\Desktop\FRST64.exe
    2015-05-23 16:23 - 2015-05-23 16:23 - 00000000 ____D () C:\Users\boydphoto\Desktop\MY WED LINK
    2015-05-23 10:22 - 2015-05-23 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-05-23 10:22 - 2015-05-23 10:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan
    2015-05-23 06:13 - 2015-05-23 06:14 - 00000513 _____ () C:\Users\boydphoto\Desktop\'BEACHES' IMAGE EXPLANATION.txt
    2015-05-23 05:57 - 2015-05-23 05:59 - 00000000 ____D () C:\Users\boydphoto\Documents\SpeedFixTool
    2015-05-23 05:57 - 2015-05-23 05:57 - 00003476 _____ () C:\Windows\System32\Tasks\SpeedFixTool_Popup
    2015-05-23 05:57 - 2015-05-23 05:57 - 00003212 _____ () C:\Windows\System32\Tasks\SpeedFixTool_Start
    2015-05-23 05:57 - 2015-05-23 05:57 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\RegCleaner
    2015-05-23 04:58 - 2015-05-23 10:22 - 00001891 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    2015-05-23 04:58 - 2015-05-23 10:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
    2015-05-22 17:07 - 2015-05-22 17:07 - 00000037 _____ () C:\Users\boydphoto\Desktop\GORDON EMAIL.txt
    2015-05-22 14:58 - 2015-05-22 14:58 - 00509440 _____ (Tech Support Guy System) C:\Users\boydphoto\Desktop\SysInfo.exe
    2015-05-22 14:19 - 2015-05-22 14:20 - 00000000 ____D () C:\Users\boydphoto\Desktop\MY VIDEO AND SLIDESHOW STUFF
    2015-05-22 13:39 - 2015-05-22 13:39 - 00000000 ____D () C:\Users\boydphoto\Desktop\MY WED ART LINK
    2015-05-22 13:27 - 2015-05-22 13:31 - 64793379 _____ () C:\Users\boydphoto\Desktop\BOYD BILBO WEDDING ART_5-22-15.mp4
    2015-05-22 13:17 - 2015-05-22 13:21 - 64793379 _____ () C:\Users\boydphoto\Desktop\BOYD BILBO WEDDING ART IV..mp4
    2015-05-22 12:24 - 2015-05-22 12:26 - 41643938 _____ () C:\Users\boydphoto\Desktop\BOYD BILBO FINE ART PORTRAITURE.mp4
    2015-05-22 10:28 - 2015-05-22 10:28 - 00005886 _____ () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk for My Video.aup
    2015-05-22 10:28 - 2015-05-22 10:28 - 00000000 ____D () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk for My Video_data
    2015-05-22 10:24 - 2015-05-22 10:27 - 14792248 _____ () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk for My Video.wav
    2015-05-22 09:52 - 2015-05-22 09:52 - 15307096 _____ () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk COPY.wav
    2015-05-22 09:38 - 2015-05-22 09:38 - 00000000 ____D () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk_data
    2015-05-22 09:37 - 2015-05-22 09:37 - 76398332 _____ () C:\Users\boydphoto\Desktop\Jimmy Smith - Honky Tonk.wav
    2015-05-22 09:28 - 2015-05-22 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
    2015-05-22 09:28 - 2015-05-22 14:42 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
    2015-05-22 09:28 - 2015-05-22 14:42 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
    2015-05-22 09:28 - 2015-05-22 09:28 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
    2015-05-22 09:28 - 2015-05-22 09:28 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
    2015-05-22 09:27 - 2015-05-22 14:41 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\DVDVideoSoft
    2015-05-22 09:25 - 2015-05-22 09:26 - 36088824 _____ (DVDVideoSoft Ltd. ) C:\Users\boydphoto\Downloads\FreeYouTubeToMP3Converter.exe
    2015-05-22 09:07 - 2015-05-22 09:07 - 00000062 _____ () C:\Users\boydphoto\Desktop\JIM WALKER EMAIL ADD.txt
    2015-05-22 09:01 - 2015-05-22 09:01 - 00184453 _____ () C:\Users\boydphoto\Desktop\watch.htm
    2015-05-21 15:48 - 2015-05-21 15:48 - 04878636 _____ () C:\Users\boydphoto\Desktop\DARWIN AWARD 2011.tif
    2015-05-21 12:19 - 2015-05-21 12:19 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
    2015-05-20 19:49 - 2015-05-20 19:49 - 00005793 _____ () C:\Users\boydphoto\Desktop\ANN COULTER, WHEN THEY LIE ABOUT 'MINOR DRUG CRIMES'.txt
    2015-05-20 11:36 - 2015-05-20 11:42 - 01613652 _____ () C:\Users\boydphoto\Desktop\FRED AND LYNN IN VENICE.tif
    2015-05-19 16:46 - 2015-05-20 15:41 - 00005793 _____ () C:\Users\boydphoto\Desktop\ANN COULTER, LYING ABOUT 'MINOR DRUG CRIMES'.txt
    2015-05-19 11:55 - 2014-05-26 17:01 - 07842688 _____ () C:\Users\boydphoto\Desktop\MEMORIAL DAY, 2012 IMAGE, Marine Corps Memorial With Crowd Reflection,_COPY.tif
    2015-05-19 11:25 - 2015-05-19 11:25 - 00001750 _____ () C:\Users\boydphoto\Desktop\JUDGE, 'ATHEISTS CAN'T STOP PLEDGE.txt
    2015-05-19 10:22 - 2015-05-19 10:22 - 00000495 _____ () C:\Users\boydphoto\Desktop\MY QUOTE FOR PORTRAITURE.txt
    2015-05-19 09:48 - 2015-05-19 09:50 - 16558012 _____ () C:\Users\boydphoto\Desktop\JEN LUKE ENG PHOTO ON EASEL.tif
    2015-05-19 09:40 - 2015-05-23 16:20 - 00000698 _____ () C:\Users\boydphoto\Desktop\MY QUOTE FOR ENGAGEMENT SESSION.txt
    2015-05-18 17:57 - 2015-05-18 17:57 - 00000047 _____ () C:\Users\boydphoto\Desktop\HILL LIE RY'S FANS ARE MORONS.txt
    2015-05-18 16:04 - 2015-05-22 14:18 - 00000111 _____ () C:\Users\boydphoto\Desktop\MY PORTRAITURE & MY WEDDING ART.txt
    2015-05-18 15:35 - 2015-05-18 15:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091bae6a9367a.job
    2015-05-18 15:31 - 2015-05-18 15:34 - 00000034 _____ () C:\Users\boydphoto\Desktop\MY W.A. IV.txt
    2015-05-18 14:28 - 2012-04-13 17:15 - 04415900 _____ () C:\Users\boydphoto\Desktop\HONKY_TONK.wav
    2015-05-18 14:22 - 2011-12-04 11:16 - 02891892 _____ () C:\Users\boydphoto\Desktop\MY NON-ROTARIAN RINGTONE.wav
    2015-05-18 11:08 - 2015-05-18 11:09 - 09555425 _____ () C:\Users\boydphoto\Desktop\My Movie.mp4
    2015-05-18 10:18 - 2015-05-22 12:26 - 00012308 _____ () C:\Users\boydphoto\Desktop\My Movie.wlmp
    2015-05-18 10:15 - 2015-05-18 11:20 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2015-05-18 10:14 - 2015-05-22 14:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2015-05-18 10:14 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
    2015-05-18 10:07 - 2015-05-18 10:07 - 01239752 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\wlsetup-web(5).exe
    2015-05-18 09:55 - 2015-05-18 09:56 - 15648513 _____ () C:\Users\boydphoto\Desktop\My Wedding Art Movie IV.mp4
    2015-05-18 09:32 - 2015-05-22 08:03 - 00000000 ____D () C:\Users\boydphoto\Desktop\PORTRAITS FOR MY SLIDESHOW
    2015-05-18 08:11 - 2015-05-18 09:06 - 08995982 _____ () C:\Users\boydphoto\Desktop\MARY JO, SUNSET BEACH, CA..tif
    2015-05-18 06:28 - 2015-05-22 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-05-17 18:58 - 2015-05-17 19:01 - 04015616 _____ () C:\Users\boydphoto\Desktop\Untitled_Panorama1.tif
    2015-05-17 14:16 - 2015-05-17 14:16 - 00014046 _____ () C:\Users\boydphoto\Desktop\Scan Results.150517-1415.txt
    2015-05-17 13:06 - 2015-05-17 13:08 - 00000045 _____ () C:\Users\boydphoto\Desktop\BOYD'S WEDDING ART II.txt
    2015-05-17 12:35 - 2015-05-17 12:35 - 00000000 ____D () C:\TEMP
    2015-05-17 12:30 - 2015-05-17 12:30 - 10741384 _____ (Irfan Skiljan) C:\Users\boydphoto\Downloads\irfanview_plugins_438_setup.exe
    2015-05-17 11:10 - 2015-05-17 11:10 - 01898640 _____ (Irfan Skiljan) C:\Users\boydphoto\Downloads\iview438_setup.exe
    2015-05-17 10:54 - 2015-05-17 10:54 - 00000047 _____ () C:\Users\boydphoto\Desktop\YOU TUBE, MY WEDDING ART.txt
    2015-05-17 10:16 - 2015-05-23 11:22 - 00003356 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000
    2015-05-17 10:16 - 2015-05-23 11:22 - 00003230 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000
    2015-05-17 10:07 - 2015-05-22 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
    2015-05-17 10:07 - 2015-05-17 10:07 - 00171492 _____ () C:\ProgramData\1431882412.bdinstall.bin
    2015-05-17 10:06 - 2015-05-17 10:06 - 00037839 _____ () C:\ProgramData\1431882409.bdinstall.bin
    2015-05-17 09:49 - 2015-05-17 09:49 - 51789024 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\Windows-KB890830-x64-V5.24.exe
    2015-05-17 09:24 - 2015-05-17 09:24 - 00703256 _____ (Generic software ) C:\Users\boydphoto\Downloads\WindowsMovieMakerSetup(1).exe
    2015-05-17 08:42 - 2015-05-17 08:42 - 00509440 _____ (Tech Support Guy System) C:\Users\boydphoto\Downloads\SysInfo(9).exe
    2015-05-17 07:35 - 2015-05-21 08:37 - 00003210 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForboydphoto
    2015-05-17 07:35 - 2015-05-21 08:37 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForboydphoto.job
    2015-05-16 16:15 - 2015-05-17 11:48 - 00000000 ____D () C:\FFOutput
    2015-05-16 14:43 - 2015-05-18 10:16 - 00002061 _____ () C:\Users\boydphoto\Desktop\FOR LIFELINE NEWSLETTER.txt
    2015-05-16 10:45 - 2015-05-19 10:27 - 00000000 ____D () C:\Users\boydphoto\Desktop\SAVED FILES, 5-16-15
    2015-05-16 06:57 - 2015-05-16 06:57 - 00000000 ____D () C:\Users\boydphoto\Desktop\SAMPLES OF MY GRAPHIC DESIGN_2
    2015-05-15 18:23 - 2015-05-15 18:23 - 00000215 _____ () C:\Users\boydphoto\Desktop\pursuing happiness.txt
    2015-05-15 15:50 - 2009-02-24 15:13 - 00002521 _____ () C:\Users\boydphoto\Desktop\LETTER FROM A FARM KID.txt
    2015-05-15 07:27 - 2015-05-15 07:27 - 00002115 _____ () C:\Users\boydphoto\Desktop\for charle st. newsletter..txt
    2015-05-15 06:48 - 2015-05-15 06:48 - 00171521 _____ () C:\ProgramData\1431697587.bdinstall.bin
    2015-05-15 06:46 - 2015-05-15 06:46 - 00037839 _____ () C:\ProgramData\1431697585.bdinstall.bin
    2015-05-15 06:44 - 2015-05-15 06:44 - 07029200 _____ () C:\Users\boydphoto\Downloads\bitdefender_av.exe_
    2015-05-14 08:35 - 2015-05-14 08:35 - 00000000 ____D () C:\Hewlett-Packard
    2015-05-13 12:46 - 2015-05-13 12:46 - 00000254 _____ () C:\Users\boydphoto\Desktop\NOTE, REVIEW FROM RENE.txt
    2015-05-13 12:16 - 2015-05-13 12:16 - 00008424 _____ () C:\Users\boydphoto\Desktop\solar-4-rebates.htm
    2015-05-13 12:06 - 2015-05-13 12:06 - 00000027 _____ () C:\Users\boydphoto\Desktop\TO REVIEW MY WORK.txt
    2015-05-13 10:11 - 2015-05-13 10:11 - 00000477 _____ () C:\Users\boydphoto\Desktop\click.htm
    2015-05-13 05:35 - 2015-05-13 05:35 - 00000000 _____ () C:\Windows\SysWOW64\sho8D9C.tmp
    2015-05-13 05:10 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 05:10 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-12 17:51 - 2015-05-04 18:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-12 17:51 - 2015-05-04 18:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-12 17:51 - 2015-04-21 19:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-12 17:51 - 2015-04-21 18:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-12 17:51 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-12 17:51 - 2015-04-21 10:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-12 17:51 - 2015-04-21 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-12 17:51 - 2015-04-21 09:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-12 17:51 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-12 17:51 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-12 17:51 - 2015-04-21 09:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-12 17:51 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-12 17:51 - 2015-04-21 09:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-12 17:51 - 2015-04-21 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-12 17:51 - 2015-04-21 09:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-12 17:51 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-12 17:51 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-12 17:51 - 2015-04-21 09:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-12 17:51 - 2015-04-21 09:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-12 17:51 - 2015-04-21 09:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-12 17:51 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-12 17:51 - 2015-04-21 09:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-12 17:51 - 2015-04-21 09:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-05-12 17:51 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-12 17:51 - 2015-04-21 09:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-12 17:51 - 2015-04-21 09:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-12 17:51 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-12 17:51 - 2015-04-21 09:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-05-12 17:51 - 2015-04-21 09:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-05-12 17:51 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-12 17:51 - 2015-04-21 09:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-12 17:51 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-12 17:51 - 2015-04-21 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-05-12 17:51 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-12 17:51 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-12 17:51 - 2015-04-21 09:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-05-12 17:51 - 2015-04-21 09:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-05-12 17:51 - 2015-04-21 09:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-05-12 17:51 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-12 17:51 - 2015-04-21 08:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-05-12 17:51 - 2015-04-21 08:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-05-12 17:51 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-12 17:51 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-12 17:51 - 2015-04-21 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-05-12 17:51 - 2015-04-21 08:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-12 17:51 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-12 17:51 - 2015-04-21 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-05-12 17:51 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-12 17:51 - 2015-04-21 08:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-05-12 17:51 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-12 17:51 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-12 17:51 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-12 17:51 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-12 17:51 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-12 17:51 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-12 17:51 - 2015-04-21 08:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-05-12 17:51 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-12 17:51 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-12 17:51 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-12 17:51 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-12 17:51 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-12 17:51 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-12 17:51 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-12 17:51 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-12 17:51 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-12 17:50 - 2015-04-27 12:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-12 17:50 - 2015-04-27 12:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-12 17:50 - 2015-04-27 12:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-12 17:50 - 2015-04-27 12:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-05-12 17:50 - 2015-04-27 12:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-05-12 17:50 - 2015-04-27 12:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-12 17:50 - 2015-04-27 12:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-12 17:50 - 2015-04-27 12:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-12 17:50 - 2015-04-27 12:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-12 17:50 - 2015-04-27 12:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 12:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-05-12 17:50 - 2015-04-27 12:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-05-12 17:50 - 2015-04-27 12:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-05-12 17:50 - 2015-04-27 12:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-05-12 17:50 - 2015-04-27 12:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-05-12 17:50 - 2015-04-27 12:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-05-12 17:50 - 2015-04-27 12:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-05-12 17:50 - 2015-04-27 12:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-05-12 17:50 - 2015-04-27 12:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-05-12 17:50 - 2015-04-27 12:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-05-12 17:50 - 2015-04-27 12:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-05-12 17:50 - 2015-04-27 12:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-05-12 17:50 - 2015-04-27 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-05-12 17:50 - 2015-04-27 12:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-05-12 17:50 - 2015-04-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-05-12 17:50 - 2015-04-27 12:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-05-12 17:50 - 2015-04-27 12:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-05-12 17:50 - 2015-04-27 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-05-12 17:50 - 2015-04-27 12:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-05-12 17:50 - 2015-04-27 12:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 11:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-12 17:50 - 2015-04-27 10:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-05-12 17:50 - 2015-04-27 10:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-05-12 17:50 - 2015-04-27 10:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-27 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-05-12 17:50 - 2015-04-19 20:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-12 17:50 - 2015-04-19 20:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-12 17:50 - 2015-04-19 19:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-12 17:50 - 2015-04-19 19:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-12 17:50 - 2015-04-07 20:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-12 17:50 - 2015-04-07 20:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-05-12 17:50 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-12 17:50 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-12 17:50 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-12 17:50 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-12 17:50 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-12 17:50 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-12 17:50 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-12 17:50 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-05-12 17:50 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-12 17:50 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2015-05-12 17:50 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2015-05-12 16:17 - 2015-05-12 16:17 - 01239752 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\wlsetup-web(4).exe
    2015-05-12 14:23 - 2015-05-12 14:58 - 140447214 _____ () C:\Users\boydphoto\Downloads\ce49e00a8129d66cfd0736f0189cf4a31377355231-480-266-400-h264.flv
    2015-05-12 13:53 - 2015-05-12 13:53 - 00000031 _____ () C:\Users\boydphoto\Desktop\U. S. PHARMACY.txt
    2015-05-12 09:18 - 2015-05-12 09:18 - 00019140 _____ () C:\Users\boydphoto\Desktop\Tweaking.com - Windows Repair - Found Reparse Points.txt
    2015-05-12 08:13 - 2015-05-12 08:13 - 12873576 _____ () C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(2).exe
    2015-05-12 08:11 - 2015-05-12 08:11 - 12873576 _____ () C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(1).exe
    2015-05-11 17:18 - 2015-05-18 11:15 - 00001915 _____ () C:\Windows\DirectX.log
    2015-05-11 17:15 - 2015-05-11 17:15 - 01239752 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\wlsetup-web(3).exe
    2015-05-11 15:44 - 2015-05-11 15:44 - 01239752 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\wlsetup-web(2).exe
    2015-05-11 15:36 - 2015-05-11 15:35 - 07357440 _____ () C:\Users\boydphoto\Downloads\WindowsMovieMakerSetup [1].exe
    2015-05-11 15:35 - 2015-05-17 09:24 - 07357440 _____ () C:\Users\boydphoto\Downloads\WindowsMovieMakerSetup.exe
    2015-05-11 14:37 - 2010-10-15 15:12 - 00005652 _____ () C:\Users\boydphoto\Desktop\COULTER, PATTY MURRAY IS THE STUPIDEST PERSON IN AMERICA.txt
    2015-05-11 12:46 - 2015-05-11 12:46 - 00000464 _____ () C:\Windows\system32\ScannerSettings
    2015-05-11 12:44 - 2015-05-11 12:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BOYDPHOTO-HP-Windows-7-Home-Premium-(64-bit).dat
    2015-05-11 12:44 - 2015-05-11 12:44 - 00000000 ____D () C:\RegBackup
    2015-05-11 11:37 - 2015-05-17 07:10 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2015-05-11 11:37 - 2015-05-12 08:12 - 00003670 _____ () C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
    2015-05-11 11:37 - 2015-05-11 11:37 - 12849824 _____ () C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2015-05-11 10:42 - 2015-05-11 10:42 - 00000000 ____D () C:\Users\boydphoto\Desktop\windows_repair_all_in_one
    2015-05-11 10:41 - 2015-05-11 10:41 - 00008305 _____ () C:\Users\boydphoto\Desktop\windows_repair_all_in_one.rar
    2015-05-11 10:36 - 2015-05-11 10:36 - 00032869 _____ () C:\Users\boydphoto\Desktop\windows_repair_all_in_one.html
    2015-05-11 06:52 - 2015-05-11 06:52 - 00125309 _____ () C:\Users\boydphoto\Desktop\RING 0401378_S.psd
    2015-05-11 06:32 - 2015-05-11 06:32 - 00512536 _____ () C:\Users\boydphoto\Desktop\wedding-engagement-rings.tif
    2015-05-10 17:31 - 2015-05-10 17:31 - 05268872 _____ () C:\Users\boydphoto\Desktop\IRINA!.tif
    2015-05-10 09:09 - 2015-05-10 09:09 - 00000064 _____ () C:\Users\boydphoto\Desktop\'LOVE' WITH SCRABBLE TILES AND A RING.txt
    2015-05-10 07:07 - 2015-05-19 14:31 - 00000000 ____D () C:\Users\boydphoto\Desktop\SLIDESHOW STUFF
    2015-05-10 05:56 - 2015-05-10 06:02 - 15002256 _____ () C:\Users\boydphoto\Desktop\mother at b and j.psd
    2015-05-10 05:03 - 2015-05-10 05:03 - 00391086 _____ () C:\Users\boydphoto\Desktop\wsuket.htm
    2015-05-09 12:45 - 2015-05-09 13:00 - 00000165 _____ () C:\Windows\Reimage.ini
    2015-05-09 12:45 - 2015-05-09 12:45 - 00768512 _____ (Reimage®) C:\Users\boydphoto\Downloads\ReimageRepair.exe
    2015-05-09 10:03 - 2015-05-09 10:03 - 00000025 _____ () C:\Users\boydphoto\Desktop\FOR CLIENT REVIEWS.txt
    2015-05-08 15:39 - 2015-05-08 15:39 - 10055868 _____ () C:\Users\boydphoto\Downloads\kadys_still_at_it.wmv
    2015-05-08 15:32 - 2015-05-08 15:32 - 07469925 _____ () C:\Users\boydphoto\Downloads\1(1).wmv
    2015-05-08 15:31 - 2015-05-08 15:31 - 07469925 _____ () C:\Users\boydphoto\Downloads\1.wmv
    2015-05-08 13:17 - 2015-05-08 13:18 - 02829352 _____ () C:\Users\boydphoto\Desktop\Pictures_Video.avi
    2015-05-08 13:08 - 2015-05-17 07:13 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\OpenCandy
    2015-05-08 13:08 - 2015-05-08 13:09 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Safer Technologies
    2015-05-08 13:08 - 2015-05-08 13:08 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\New Version Available
    2015-05-08 13:06 - 2015-05-08 13:05 - 06369080 _____ (VisionGem Co., Ltd. ) C:\Users\boydphoto\Downloads\FreeSlideshowMaker [1].exe
    2015-05-08 13:05 - 2015-05-08 13:05 - 00700240 _____ () C:\Users\boydphoto\Downloads\FreeSlideshowMaker.exe
    2015-05-08 12:58 - 2015-05-08 12:58 - 01239752 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\wlsetup-web(1).exe
    2015-05-08 08:59 - 2015-05-08 08:59 - 00000050 _____ () C:\Users\boydphoto\Desktop\trisha winberry quote.txt
    2015-05-08 08:43 - 2015-05-08 08:43 - 00000094 _____ () C:\Users\boydphoto\Desktop\REPY TO SFC SCANNOW.txt
    2015-05-07 16:39 - 2015-05-07 16:39 - 00034160 _____ (Microsoft Corporation) C:\Users\boydphoto\Downloads\WLXPhotoBase.dll
    2015-05-07 12:42 - 2015-05-07 12:42 - 10017108 _____ () C:\Users\boydphoto\Downloads\Fog-Mist-Gavtrain-CS6-CC.zip
    2015-05-07 12:23 - 2015-05-07 12:23 - 00173968 _____ () C:\ProgramData\1431026597.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 00037823 _____ () C:\ProgramData\1431026595.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 00000000 ____D () C:\ProgramData\GZ
    2015-05-07 10:39 - 2015-05-07 10:39 - 42096984 _____ (Apple Inc.) C:\Users\boydphoto\Downloads\QuickTimeInstaller.exe
    2015-05-06 15:52 - 2015-05-06 18:14 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
    2015-05-06 08:54 - 2015-05-06 08:54 - 42207192 _____ () C:\Users\boydphoto\Downloads\wowslider-win-setup.zip
    2015-05-06 08:49 - 2015-05-06 08:49 - 00000000 ____D () C:\Users\boydphoto\Documents\My Smilebox Creations
    2015-05-06 08:27 - 2015-05-06 08:27 - 00104558 _____ () C:\Users\boydphoto\Desktop\BOYD BILBO WEDDING ART IV.ive
    2015-05-06 07:44 - 2015-05-06 07:45 - 00000000 ____D () C:\ProgramData\iSkysoft
    2015-05-06 07:43 - 2015-05-07 09:28 - 00000000 ____D () C:\Users\boydphoto\Documents\iSkysoft Video Editor
    2015-05-06 07:43 - 2015-05-06 07:43 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\iSkysoft
    2015-05-06 07:42 - 2015-05-07 09:28 - 00000000 ____D () C:\Users\Public\Documents\iSkysoft
    2015-05-05 14:00 - 2015-05-05 14:01 - 00000000 ____D () C:\Users\boydphoto\Documents\ezvid
    2015-05-05 09:48 - 2015-05-05 09:48 - 00000000 ____D () C:\Users\boydphoto\Documents\Photostage Projects
    2015-05-05 08:09 - 2015-05-07 09:28 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\NCH Software
    2015-05-05 08:09 - 2015-05-05 09:47 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
    2015-05-05 08:09 - 2015-05-05 08:09 - 00000000 ____D () C:\ProgramData\NCH Software
    2015-05-05 07:51 - 2015-05-05 07:57 - 02278816 _____ () C:\Users\boydphoto\Desktop\bgonbeachwborder_wsun.psd
    2015-05-05 06:48 - 2015-05-05 06:48 - 00000000 ____D () C:\Users\boydphoto\Desktop\ROCKY COAST HDR BATCH
    2015-05-04 12:41 - 2015-05-04 12:42 - 14427898 _____ () C:\Users\boydphoto\Desktop\My Wedding Art Movie_III.mp4
    2015-05-04 12:22 - 2015-05-04 12:23 - 14428303 _____ () C:\Users\boydphoto\Desktop\My Wedding Art Movie_II.mp4
    2015-05-04 11:28 - 2015-05-04 11:28 - 00000039 _____ () C:\Users\boydphoto\Desktop\BKGD MUSIC FOR MY ART.txt
    2015-05-04 10:25 - 2015-05-04 10:26 - 14278530 _____ () C:\Users\boydphoto\Desktop\My Wedding Art Movie.mp4
    2015-05-04 09:50 - 2015-05-04 09:56 - 00000000 ____D () C:\Program Files (x86)\Youtube Movie Maker
    2015-05-04 09:17 - 2011-03-31 14:40 - 03269467 _____ () C:\Users\boydphoto\Desktop\03 Etudes Op 10 - no 3 in E major.wma
    2015-05-02 10:25 - 2015-05-02 10:28 - 00000258 _____ () C:\Users\boydphoto\Desktop\FIX MY MOVIE FILE.txt
    2015-05-01 12:09 - 2015-05-01 12:10 - 07852389 _____ () C:\Users\boydphoto\Downloads\Arbenting-Blurred-Textures.zip
    2015-05-01 12:07 - 2015-05-01 12:08 - 12096628 _____ () C:\Users\boydphoto\Downloads\My_Cloud_Brushes_by_SaviourMachine.abr
    2015-05-01 12:03 - 2015-05-01 12:03 - 18451475 _____ () C:\Users\boydphoto\Downloads\hi_res_clouds_ps_brush_set_2_by_fudgegraphics.zip
    2015-05-01 12:03 - 2015-05-01 12:03 - 18451475 _____ () C:\Users\boydphoto\Downloads\hi_res_clouds_ps_brush_set_2_by_fudgegraphics(1).zip
    2015-05-01 04:58 - 2015-05-04 05:51 - 02200022 _____ () C:\Users\boydphoto\Desktop\cabo eve..tif
    2015-04-30 18:33 - 2015-04-30 18:33 - 00001922 _____ () C:\Users\boydphoto\Documents\My Movie.wlmp
    2015-04-30 11:36 - 2015-04-30 11:36 - 00001305 _____ () C:\Users\boydphoto\Desktop\Movie Maker.lnk
    2015-04-30 10:40 - 2015-04-30 10:41 - 00027602 _____ () C:\Users\boydphoto\Downloads\alex-brush.zip
    2015-04-30 10:33 - 2015-04-30 10:33 - 00564594 _____ () C:\Users\boydphoto\Downloads\måns-grebäck_respective.zip
    2015-04-30 10:18 - 2015-04-30 10:18 - 00666711 _____ () C:\Users\boydphoto\Downloads\cabin(2).zip
    2015-04-30 10:04 - 2015-04-30 10:05 - 01884758 _____ () C:\Users\boydphoto\Downloads\Cabin-Italic(1).zip
    2015-04-30 10:03 - 2015-04-30 10:03 - 01884758 _____ () C:\Users\boydphoto\Downloads\Cabin-Italic.zip
    2015-04-30 09:48 - 2015-04-30 09:48 - 00086588 _____ () C:\Users\boydphoto\Downloads\mf_wedding_bells.zip
    2015-04-30 09:44 - 2015-04-30 09:44 - 00016793 _____ () C:\Users\boydphoto\Downloads\dragon_is_coming.zip
    2015-04-30 09:12 - 2015-04-30 09:14 - 00000000 ____D () C:\Program Files (x86)\Wondershare
    2015-04-30 09:12 - 2015-04-30 09:12 - 00000000 ____D () C:\Users\boydphoto\Documents\Wondershare DVD Slideshow Builder Deluxe
    2015-04-30 09:12 - 2015-04-30 09:12 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Wondershare
    2015-04-30 09:11 - 2015-04-30 09:11 - 36665367 _____ (WonderShare Software Co.,Ltd. ) C:\Users\boydphoto\Downloads\dsb-deluxe-bing_full965.exe
    2015-04-30 05:24 - 2015-04-30 05:25 - 00238748 _____ () C:\Users\boydphoto\Downloads\cabin(1).zip
    2015-04-30 05:22 - 2015-04-30 05:22 - 00238748 _____ () C:\Users\boydphoto\Downloads\cabin.zip
    2015-04-30 05:19 - 2015-04-30 05:19 - 00022648 _____ () C:\Users\boydphoto\Downloads\LeagueGothic-Italic.otf
    2015-04-29 15:19 - 2014-02-15 05:49 - 00003272 _____ () C:\Users\boydphoto\Desktop\KIDS' DEFINITIONS OF LOVE.txt
    2015-04-29 15:08 - 2014-06-06 14:23 - 365821636 _____ () C:\Users\boydphoto\Desktop\Asian_Girls_Love_White_Girls___Videos_1610732_japanese_girl_is_addicted_to_white_girls (2).flv
    2015-04-27 14:10 - 2015-04-27 14:10 - 00448512 _____ (OldTimer Tools) C:\Users\boydphoto\Downloads\TFC.exe
    2015-04-27 12:36 - 2015-04-27 12:36 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\SUPERAntiSpyware.com
    2015-04-27 12:36 - 2015-04-27 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2015-04-27 12:35 - 2015-04-27 12:35 - 21737608 _____ (SUPERAntiSpyware) C:\Users\boydphoto\Downloads\SUPERAntiSpyware(3).exe
    2015-04-27 05:38 - 2015-05-17 08:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-04-27 05:37 - 2015-04-27 05:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(2).exe
    2015-04-27 05:36 - 2015-04-27 05:36 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022.exe
    2015-04-27 05:36 - 2015-04-27 05:36 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(1).exe
    2015-04-26 09:18 - 2015-05-07 09:26 - 00000000 ____D () C:\ProgramData\Baidu
    2015-04-26 05:16 - 2015-04-26 05:16 - 02224640 _____ () C:\Users\boydphoto\Downloads\adwcleaner_4.202(1).exe
    2015-04-25 09:52 - 2015-04-26 05:19 - 00000000 ____D () C:\AdwCleaner
    2015-04-25 09:49 - 2015-04-25 09:49 - 02224640 _____ () C:\Users\boydphoto\Downloads\adwcleaner_4.202.exe
    2015-04-24 19:57 - 2015-04-24 19:57 - 00927920 _____ (Adobe Systems Incorporated) C:\Users\boydphoto\Downloads\uninstall_flash_player(1).exe
    2015-04-24 13:56 - 2015-04-24 13:56 - 00509440 _____ (Tech Support Guy System) C:\Users\boydphoto\Downloads\SysInfo(8).exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-23 17:18 - 2014-09-06 18:26 - 00000000 ____D () C:\FRST
    2015-05-23 16:53 - 2015-02-09 05:48 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-23 16:41 - 2014-05-21 05:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-05-23 16:40 - 2009-07-13 21:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-23 16:40 - 2009-07-13 21:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-23 16:35 - 2012-07-19 12:20 - 01998196 _____ () C:\Windows\WindowsUpdate.log
    2015-05-23 16:31 - 2015-02-09 05:48 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-23 16:29 - 2015-03-24 05:11 - 00006946 _____ () C:\Windows\setupact.log
    2015-05-23 16:29 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-23 11:55 - 2014-03-18 18:33 - 00000000 ____D () C:\Users\boydphoto\Desktop\PHOTOS, 3-18-14
    2015-05-23 11:55 - 2014-01-23 11:11 - 00000000 ____D () C:\Users\boydphoto\Desktop\INFO
    2015-05-23 11:54 - 2014-11-19 05:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2015-05-23 06:18 - 2014-11-17 07:58 - 00000000 ____D () C:\Users\boydphoto\Desktop\New folder (2)
    2015-05-23 05:03 - 2013-10-04 04:55 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Adobe
    2015-05-23 04:57 - 2014-05-21 05:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-05-23 04:57 - 2014-05-21 05:19 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-05-23 04:57 - 2014-05-21 05:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-05-22 19:05 - 2014-10-04 10:31 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\QuickScan
    2015-05-22 14:42 - 2015-03-20 12:13 - 00000000 ____D () C:\Program Files\iTunes
    2015-05-22 14:42 - 2015-03-20 12:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-05-22 14:42 - 2015-02-25 11:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-05-22 14:42 - 2015-02-09 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-05-22 14:42 - 2015-01-07 13:35 - 00000000 ____D () C:\Program Files\PhotomatixPro5
    2015-05-22 14:42 - 2014-12-31 12:54 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
    2015-05-22 14:42 - 2014-12-11 13:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-05-22 14:42 - 2014-11-11 10:09 - 00000000 ____D () C:\Program Files (x86)\Sothink DVD Ripper
    2015-05-22 14:42 - 2013-11-27 16:34 - 00000000 ____D () C:\Program Files (x86)\KUSO EXIF Viewer
    2015-05-22 14:42 - 2013-08-20 11:10 - 00000000 ____D () C:\Program Files\WinRAR
    2015-05-22 14:42 - 2013-06-12 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-05-22 14:42 - 2013-06-08 11:00 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-22 14:42 - 2013-04-26 16:26 - 00000000 ____D () C:\Program Files (x86)\FlashGet
    2015-05-22 14:42 - 2013-02-13 19:03 - 00000000 ____D () C:\Program Files (x86)\QuickTime
    2015-05-22 14:42 - 2012-11-11 15:46 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
    2015-05-22 14:42 - 2012-10-19 11:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
    2015-05-22 14:42 - 2012-10-18 13:51 - 00000000 ____D () C:\Program Files (x86)\Audacity
    2015-05-22 14:42 - 2012-10-03 13:01 - 00000000 ____D () C:\Program Files\Eraser
    2015-05-22 14:42 - 2012-07-19 12:31 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass 2012
    2015-05-22 14:42 - 2011-10-15 19:36 - 00000000 ____D () C:\Program Files (x86)\PlayReady
    2015-05-22 14:41 - 2015-04-05 05:21 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-22 14:41 - 2013-06-07 09:32 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
    2015-05-22 14:41 - 2012-11-11 15:46 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
    2015-05-22 14:41 - 2012-10-19 11:45 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
    2015-05-22 14:41 - 2012-10-18 13:52 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\Audacity
    2015-05-22 14:41 - 2012-09-18 00:08 - 00000000 ____D () C:\Users\boydphoto
    2015-05-22 14:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
    2015-05-22 14:23 - 2014-11-25 16:52 - 00000000 ____D () C:\Users\boydphoto\Desktop\Old Firefox Data
    2015-05-22 14:07 - 2015-01-13 10:39 - 00000000 ____D () C:\Users\boydphoto\Desktop\12-8-14
    2015-05-22 13:51 - 2015-03-24 05:11 - 00016704 _____ () C:\Windows\PFRO.log
    2015-05-22 11:52 - 2013-10-12 04:59 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\CrashDumps
    2015-05-22 10:11 - 2012-11-01 12:27 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Windows Live
    2015-05-22 07:57 - 2014-11-17 08:35 - 00000000 ____D () C:\Users\boydphoto\Desktop\PORTRAITS FOR MY WS
    2015-05-21 05:15 - 2009-07-13 22:13 - 00779110 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-20 10:44 - 2012-09-19 19:06 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2015-05-20 05:10 - 2014-12-11 13:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-18 18:07 - 2014-02-02 12:06 - 00000000 ____D () C:\Users\boydphoto\AppData\Roaming\IrfanView
    2015-05-18 11:21 - 2014-05-22 16:25 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2015-05-18 11:20 - 2013-12-19 19:17 - 00001184 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2015-05-18 10:16 - 2013-01-12 17:05 - 00000000 ____D () C:\Users\boydphoto\Tracing
    2015-05-18 10:15 - 2011-10-15 19:48 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2015-05-18 10:14 - 2014-05-22 16:21 - 00000000 ____D () C:\Program Files\Windows Live
    2015-05-17 16:12 - 2014-12-18 10:16 - 00000000 ____D () C:\Users\boydphoto\Desktop\FOR JOBS
    2015-05-17 10:02 - 2015-04-05 05:21 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
    2015-05-17 07:13 - 2014-11-19 05:29 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2015-05-17 07:13 - 2014-08-22 05:18 - 00000000 ____D () C:\Users\boydphoto\Desktop\REASS DVD
    2015-05-17 07:13 - 2012-09-18 00:10 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Hewlett-Packard
    2015-05-17 07:13 - 2011-10-15 19:55 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
    2015-05-17 07:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-05-17 07:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\servicing
    2015-05-17 07:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2015-05-17 07:11 - 2012-11-21 05:43 - 00000000 ____D () C:\ProgramData\Real
    2015-05-17 07:11 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
    2015-05-17 07:10 - 2013-03-13 21:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-17 07:10 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-05-17 07:09 - 2011-10-15 19:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2015-05-16 12:09 - 2013-10-04 14:41 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Windows Live Writer
    2015-05-16 10:16 - 2013-08-14 20:15 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-14 17:02 - 2014-05-16 17:39 - 00014848 ___SH () C:\Users\boydphoto\Thumbs.db
    2015-05-13 05:38 - 2009-07-13 21:45 - 04986912 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-05-13 05:34 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-13 05:17 - 2012-10-08 17:58 - 00795398 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-05-13 05:10 - 2013-03-20 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-12 17:22 - 2014-01-28 13:43 - 00000000 ____D () C:\Users\boydphoto\Documents\Youcam
    2015-05-12 12:53 - 2013-10-04 08:33 - 00065320 _____ () C:\Users\boydphoto\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-05-12 09:30 - 2009-07-13 19:34 - 00000439 _____ () C:\Windows\win.ini
    2015-05-11 13:00 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_204
    2015-05-11 12:50 - 2013-06-10 05:47 - 00088056 _____ () C:\Windows\system32\ScanResults.xml
    2015-05-11 12:24 - 2014-07-30 17:02 - 00000000 ____D () C:\Users\HomeGroupUser$
    2015-05-11 12:24 - 2014-07-30 17:02 - 00000000 ____D () C:\Users\Guest
    2015-05-11 12:24 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Default
    2015-05-07 09:28 - 2014-05-22 16:26 - 00000000 ____D () C:\Windows\en
    2015-05-05 09:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SchCache
    2015-04-30 10:07 - 2012-09-20 00:48 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-04-29 17:54 - 2015-02-18 12:53 - 00000000 ____D () C:\Users\boydphoto\Desktop\IMAGES FOR TIVOLI TERRACE
    2015-04-29 08:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\security
    2015-04-25 06:08 - 2014-11-06 09:39 - 00000000 ____D () C:\Program Files (x86)\Bonjour
    2015-04-23 13:13 - 2015-03-31 11:45 - 00000000 ____D () C:\Users\boydphoto\AppData\Local\Citrix
    2015-04-23 04:17 - 2015-03-12 14:13 - 00003670 _____ () C:\Windows\System32\Tasks\Driver Support

    ==================== Files in the root of some directories =======

    2015-01-07 18:30 - 2015-01-23 09:59 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
    2014-12-22 12:19 - 2014-12-22 12:19 - 0000132 _____ () C:\Users\boydphoto\AppData\Roaming\Adobe GIF Format CC Prefs
    2014-12-08 14:12 - 2014-12-08 14:12 - 0000132 _____ () C:\Users\boydphoto\AppData\Roaming\Adobe PNG Format CC Prefs
    2013-02-05 10:52 - 2013-02-05 10:53 - 0000173 _____ () C:\Users\boydphoto\AppData\Roaming\hpmirrordriver.log
    2013-11-16 07:40 - 2015-03-07 17:38 - 0000112 _____ () C:\Users\boydphoto\AppData\Roaming\JP2K CS6 Prefs
    2015-01-18 13:04 - 2015-01-18 13:05 - 0000115 _____ () C:\Users\boydphoto\AppData\Roaming\LogFile.txt
    2013-11-12 16:50 - 2013-11-12 16:50 - 0000119 _____ () C:\Users\boydphoto\AppData\Roaming\mbam.context.scan
    2013-07-17 12:54 - 2013-07-17 12:54 - 0000005 _____ () C:\Users\boydphoto\AppData\Roaming\WBPU-TTL.DAT
    2014-02-17 06:25 - 2014-11-08 06:47 - 0001456 _____ () C:\Users\boydphoto\AppData\Local\Adobe Save for Web 13.0 Prefs
    2014-10-04 10:31 - 2014-10-04 10:32 - 0005991 _____ () C:\ProgramData\1412443876.1908.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0002133 _____ () C:\ProgramData\1412443876.1940.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0009155 _____ () C:\ProgramData\1412443876.2588.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0049898 _____ () C:\ProgramData\1412443876.3536.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0015503 _____ () C:\ProgramData\1412443876.4120.bin
    2014-10-04 10:31 - 2014-10-04 10:31 - 0013603 _____ () C:\ProgramData\1412443876.5856.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0004448 _____ () C:\ProgramData\1412443876.7500.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0005991 _____ () C:\ProgramData\1412444185.2568.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0002133 _____ () C:\ProgramData\1412444185.2764.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0004508 _____ () C:\ProgramData\1412444185.4156.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0009155 _____ () C:\ProgramData\1412444185.4920.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0049433 _____ () C:\ProgramData\1412444185.5376.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0010863 _____ () C:\ProgramData\1412444185.6596.bin
    2014-10-04 10:37 - 2014-10-04 10:37 - 0012991 _____ () C:\ProgramData\1412444185.7672.bin
    2015-03-29 12:24 - 2015-03-29 12:24 - 0045498 _____ () C:\ProgramData\1427657079.bdinstall.bin
    2015-03-29 12:35 - 2015-03-29 12:35 - 0214913 _____ () C:\ProgramData\1427657381.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0037823 _____ () C:\ProgramData\1431026595.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0173968 _____ () C:\ProgramData\1431026597.bdinstall.bin
    2015-05-15 06:46 - 2015-05-15 06:46 - 0037839 _____ () C:\ProgramData\1431697585.bdinstall.bin
    2015-05-15 06:48 - 2015-05-15 06:48 - 0171521 _____ () C:\ProgramData\1431697587.bdinstall.bin
    2015-05-17 10:06 - 2015-05-17 10:06 - 0037839 _____ () C:\ProgramData\1431882409.bdinstall.bin
    2015-05-17 10:07 - 2015-05-17 10:07 - 0171492 _____ () C:\ProgramData\1431882412.bdinstall.bin
    2014-10-10 15:46 - 2014-10-10 15:46 - 0000088 _____ () C:\ProgramData\FS.dat

    Files to move or delete:
    ====================
    C:\ProgramData\FS.dat


    Some files in TEMP:
    ====================
    C:\Users\boydphoto\AppData\Local\Temp\iv_uninstall.exe
    C:\Users\boydphoto\AppData\Local\Temp\ReimagePackage.exe
    C:\Users\boydphoto\AppData\Local\Temp\ReiSysUpdate.exe
    C:\Users\boydphoto\AppData\Local\Temp\sqlite3.exe
     
  4. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-20 09:30

    ==================== End of log ============================
     
  5. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
    Ran by boydphoto at 2015-05-23 17:19:54
    Running from C:\Users\boydphoto\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1479091243-4294284354-2124732490-500 - Administrator - Disabled)
    boydphoto (S-1-5-21-1479091243-4294284354-2124732490-1000 - Administrator - Enabled) => C:\Users\boydphoto
    Guest (S-1-5-21-1479091243-4294284354-2124732490-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1479091243-4294284354-2124732490-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
    iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
    Photomatix Pro version 5.0.5a (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.5a - HDRsoft Ltd)
    RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
    RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Sothink DVD Ripper (HKLM-x32\...\{185E5BA3-64B1-4BE2-8326-923D3483CA83}_is1) (Version: 2.1 - SourceTec Software Co., LTD)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
    Windows 7 Codec Pack 4.1.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.0 - Windows 7 Codec Pack)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\boydphoto\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{0F14C970-5557-4AA3-B88C-0AD751400AF4}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\TNT2\Profiles\10261\passport64.dll No File
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    04-05-2015 17:32:12 Installed DirectX
    04-05-2015 17:33:22 Installed DirectX
    04-05-2015 17:34:30 WLSetup
    05-05-2015 08:45:04 Windows Live Essentials
    05-05-2015 08:46:06 Installed DirectX
    05-05-2015 08:47:43 Installed DirectX
    05-05-2015 08:48:50 Installed DirectX
    05-05-2015 08:49:56 WLSetup
    05-05-2015 10:02:03 Revo Uninstaller's restore point - PhotoStage Slideshow Producer
    05-05-2015 12:16:32 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    05-05-2015 14:05:06 Revo Uninstaller's restore point - Ezvid
    06-05-2015 14:47:41 Restore Operation
    06-05-2015 18:03:38 Revo Uninstaller's restore point - DLL Suite 2013
    06-05-2015 18:16:00 Removed Microsoft Primary Interoperability Assemblies 2005
    06-05-2015 18:18:37 Revo Uninstaller's restore point - Smilebox
    06-05-2015 18:22:28 Restore Operation
    07-05-2015 10:52:53 Windows Update
    08-05-2015 12:59:45 Windows Live Essentials
    08-05-2015 13:00:41 Installed DirectX
    08-05-2015 13:01:52 Installed DirectX
    08-05-2015 13:02:46 Installed DirectX
    08-05-2015 13:03:55 WLSetup
    11-05-2015 12:45:20 Tweaking.com - Windows Repair
    11-05-2015 13:15:39 Windows Live Essentials
    11-05-2015 13:16:51 WLSetup
    11-05-2015 17:16:26 Windows Live Essentials
    11-05-2015 17:17:12 Installed DirectX
    11-05-2015 17:18:23 Installed DirectX
    11-05-2015 17:19:33 Installed DirectX
    11-05-2015 17:20:31 WLSetup
    12-05-2015 08:03:26 Windows Live Essentials
    12-05-2015 08:04:17 WLSetup
    12-05-2015 16:18:42 Windows Live Essentials
    12-05-2015 16:19:31 Installed DirectX
    12-05-2015 16:20:41 Installed DirectX
    12-05-2015 16:21:44 Installed DirectX
    12-05-2015 16:22:40 WLSetup
    12-05-2015 16:47:04 Restore Operation
    13-05-2015 05:07:40 Windows Update
    13-05-2015 08:40:06 Windows Live Essentials
    13-05-2015 08:41:59 WLSetup
    14-05-2015 08:41:45 Windows Update
    14-05-2015 09:05:53 Restore Operation
    14-05-2015 10:43:43 Tweaking.com - Windows Repair
    14-05-2015 10:46:08 Restore Operation
    16-05-2015 10:06:15 Windows Update
    17-05-2015 07:31:01 Windows Live Essentials
    17-05-2015 07:32:42 WLSetup
    17-05-2015 08:03:53 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.1.6.1022
    17-05-2015 09:27:23 Installed DirectX
    17-05-2015 09:28:02 Installed DirectX
    17-05-2015 09:28:50 Installed DirectX
    17-05-2015 09:32:42 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.1.6.1022
    17-05-2015 09:34:07 Revo Uninstaller's restore point - Tweaking.com - Windows Repair
    17-05-2015 10:01:57 Windows Update
    18-05-2015 10:09:15 Windows Live Essentials
    18-05-2015 10:10:19 Installed DirectX
    18-05-2015 10:11:18 Installed DirectX
    18-05-2015 10:12:08 Installed DirectX
    18-05-2015 10:13:15 WLSetup
    18-05-2015 11:14:48 Installed DirectX
    18-05-2015 11:15:39 Installed DirectX
    18-05-2015 11:17:40 Installed DirectX
    22-05-2015 14:32:26 Restore Operation

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2015-05-12 09:31 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0218C388-A90A-4E5A-A33B-9DDD1DE6201E} - System32\Tasks\{A03E838D-B95C-4FBD-923C-71857392BED0} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {05456CD6-187B-4C32-BCB5-42611988EB6B} - System32\Tasks\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A} => pcalua.exe -a "C:\Users\boydphoto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1AB1AN87\faster-downloader.exe" -d C:\Users\boydphoto\Desktop
    Task: {0C969156-90E2-4EE4-8C06-433E608B7766} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {14B0B669-61CF-425C-91C8-5F214F1BC366} - System32\Tasks\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2} => pcalua.exe -a C:\Users\BOYDPH~1\AppData\Local\Temp\Shockwave_Installer_FF.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {15F42D34-E055-41BE-8463-1A03A9C363E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {34C29C07-A6D2-4D57-B83F-B3EC96572A9A} - System32\Tasks\SpeedFixTool_Start => C:\Program Files (x86)\Speed Fix Tool\SpeedFixTool.exe
    Task: {36AB3174-358C-4CDE-832C-FBF80B9CA14B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {3A00B4D5-33ED-4FA1-A60A-E998FC94FFE3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {421BFF3F-4F29-43C6-98DF-6E0DC213BD3D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
    Task: {4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5} - System32\Tasks\{EAEA8864-C274-4939-8D81-781A2BA4B981} => pcalua.exe -a C:\Users\boydphoto\Downloads\ADE_2.0_Installer.exe -d C:\Users\boydphoto\Downloads
    Task: {51B2C21E-19CC-4E81-81E4-4E95794751A3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
    Task: {51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D} - System32\Tasks\{9849761C-BD29-430D-AB54-8DDC4292510E} => pcalua.exe -a C:\SWSetup\HPCM41\HPCMSetup.exe -d C:\SwSetup\HPCM41
    Task: {5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {6D8CDC48-EC20-4397-9C1B-90D8A9884201} - System32\Tasks\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"
    Task: {866A7DAB-FA69-43BF-A463-A2154714306C} - System32\Tasks\SpeedFixTool_Popup => C:\Program Files (x86)\Speed Fix Tool\Splash.exe
    Task: {877DD175-9512-432B-A865-E7142D269E33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {8AFB02AC-C414-4D8E-B782-F06652EA0809} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {909DC105-8771-4394-AB18-D955564A3F0E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
    Task: {9E4E8B20-67B6-44BB-B2FF-84C8D7665327} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
    Task: {A5E0D92C-438D-4842-A969-DC19AC8B8C93} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\DriverSupport.exe
    Task: {A72E77B1-D111-4B11-A7D4-DBE00E800141} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-22] (CyberLink)
    Task: {ABCDB344-0373-422B-8916-7EAE00374E56} - System32\Tasks\HPCeeScheduleForboydphoto => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {AFC2490A-3987-48DD-98F6-07006D2C3261} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
    Task: {B9654534-9DA5-4A18-B4C8-09F924BF3A39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {B97E94B6-AA8F-46E1-9A51-46BF4670515F} - System32\Tasks\{B46472DE-A4AC-4D1D-B742-728F70D89BF3} => pcalua.exe -a C:\Users\boydphoto\Downloads\ADE_2.0_Installer(6).exe -d C:\Users\boydphoto\Downloads
    Task: {BA00542A-3A91-4711-873B-3D8108A87DF7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
    Task: {C26D6148-A451-4BBE-88D0-51D87786821E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-23] (Adobe Systems Incorporated)
    Task: {C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-09-28] ()
    Task: {C345678D-1E09-4859-89C5-504981BA93DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {C4F6725C-F93D-4663-9D59-5AEA8EE042DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
    Task: {C93259E0-CD65-4AAD-967B-866A762015B2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {C945DA1F-E603-4AA1-A162-A8A96638DC08} - System32\Tasks\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
    Task: {CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25} - System32\Tasks\{6668533C-BC91-4F09-9377-04669932BA50} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {D2A0200D-25BD-4BF1-992B-6AA6E49DBD82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {DC73E6A7-1BF0-4161-BB58-B45168B57A88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {E4B205CB-AA53-481F-802B-1161E45CE050} - System32\Tasks\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05} => pcalua.exe -a "C:\Users\boydphoto\AppData\Local\Temp\Temp1_PhotoFrame_4.6.5_Free.zip\PhotoFrame 4.6.5 Free.exe"
    Task: {E52882F5-A7E3-445E-8BCA-947BD78B93AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
    Task: {EA2A8EFC-70B3-4796-BF27-DA014B162195} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
    Task: {EC3CA254-5D20-4F99-AF08-2063F800D1FE} - System32\Tasks\{FB19F2CA-7258-4905-90B7-AD079C603625} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {F6878535-6E51-42CC-ABF2-473E09AF1408} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091bae6a9367a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForboydphoto.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-03-29 12:34 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
    2015-03-29 12:34 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
    2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
    2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-02-11 14:24 - 2012-03-27 20:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    2014-10-29 20:06 - 2014-10-29 20:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    2014-12-30 08:54 - 2014-12-30 08:54 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
    2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
    2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
    2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
    2015-02-25 11:53 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-02-25 11:53 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-02-25 11:53 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-02-25 11:53 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-02-25 11:53 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-10-16 10:40 - 2014-10-16 10:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
    2012-07-19 12:22 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
    2014-10-29 20:01 - 2014-10-29 20:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
    2015-05-23 04:57 - 2015-05-23 04:57 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    AlternateDataStreams: C:\Users\boydphoto\Desktop\39D901EB-000015C4.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\FRST64.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Desktop\SysInfo.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\adwcleaner_4.202(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\adwcleaner_4.202.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\dsb-deluxe-bing_full965.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\FreeSlideshowMaker.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\FreeYouTubeToMP3Converter.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\GoToWebinar Launcher(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\irfanview_plugins_438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\iview438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\ReimageRepair.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\SUPERAntiSpyware(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\SysInfo(8).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\TFC.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\uninstall_flash_player(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(4).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(5).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\WLXPhotoBase.dll:BDU
    AlternateDataStreams: C:\Users\boydphoto\AppData\Local\Temporary Internet Files:BDnat5SZojSNgUczR6WdYE

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\driversupport.com -> hxxp://apps.driversupport.com
    IE trusted site: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\driversupport.com -> hxxps://apps.driversupport.com


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\boydphoto\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 209.18.47.61 - 209.18.47.62

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk => C:\Windows\pss\CodecPackTrayMenu.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^boydphoto^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Definition Of Crosstalk In Aa.lnk => C:\Windows\pss\Definition Of Crosstalk In Aa.lnk.Startup
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    MSCONFIG\startupreg: BullGuard => "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
    MSCONFIG\startupreg: BullGuardUpdate2 => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe
    MSCONFIG\startupreg: DownBook => "C:\Users\boydphoto\AppData\Local\DownBook\DownBook.exe" c127befb2a56523b5396b54562650e8f 6
    MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
    MSCONFIG\startupreg: FileOpenBroker => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
    MSCONFIG\startupreg: Flashget => "C:\Program Files (x86)\FlashGet\FlashGet.exe" /min
    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
    MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
    MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
    MSCONFIG\startupreg: Sothink YouTube Downloader => "C:\Program Files (x86)\Sothink YouTube Downloader\YouTubeDownloader.exe" -hide
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
    MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
    MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader 64 => C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe
    MSCONFIG\startupreg: TelevisionFanatic EPM Support => "C:\PROGRA~2\TELEVI~2\bar\1.bin\64medint.exe" T8EPMSUP.DLL,S
    MSCONFIG\startupreg: TelevisionFanatic Home Page Guard 64 bit => "C:\PROGRA~2\TELEVI~2\bar\1.bin\AppIntegrator64.exe"
    MSCONFIG\startupreg: TelevisionFanatic Search Scope Monitor => "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
    MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    MSCONFIG\startupreg: Web Video Downloader => "C:\Program Files (x86)\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe"
    MSCONFIG\startupreg: WebVideoDownloader => "C:\Program Files (x86)\WebVideoDownloader\GUI_WebGrabber.exe" -slient

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{4A3C164A-4FCA-412C-AC01-CAD2C8FCB6C9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{17739C6A-5898-4C44-B208-54F6DB4C1106}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{038CD6D4-AB00-41CB-8ADA-FBA8E24365B4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
    FirewallRules: [{46A2F8AC-2058-42AF-A1C1-460E9400EE31}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
    FirewallRules: [{53A23AD9-E4B9-40E0-AF87-A00634AD0242}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{05980EBE-CDAF-4086-833F-F9B0BFE9B401}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{4090595D-98FB-48F9-935D-9C8A424E0C36}] => (Allow) C:\Users\boydphoto\AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{4544FA72-2587-4B8F-8468-2B66A4CCE11A}] => (Allow) C:\Users\boydphoto\AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{5D5F9967-13AB-451B-AD93-64E05AA4E7BB}] => (Allow) C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{622FBB18-25DA-4868-98F3-50CC3356A66D}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [UDP Query User{CB99F69D-C9D9-4C1A-AB43-069E32BA2586}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [TCP Query User{E801AC1D-01A9-4834-986D-6FDF46C66A58}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [UDP Query User{E5732C31-B0E5-45E5-8C48-A631B44ACF4E}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [TCP Query User{5942E980-F60E-4C48-A92A-D0E63831E2EE}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [UDP Query User{D0ED210A-3521-4ABC-975B-C3E178ABAF16}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [{88E4D60D-EF59-4074-B71E-A2172E9B80A1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
    FirewallRules: [{168807B4-D6C0-4B0A-8C14-3C36E25FC071}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{FDA7670E-BFFE-4DBF-AF8B-8D4F0377E3C8}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{1C50872A-E8C0-4ED8-B844-274CBE5BF9FF}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{668541D5-E5F3-441C-BA6C-CE6FD7DA389F}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [TCP Query User{325A7840-74EA-4948-ADBB-830946DABD60}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{29FCC96E-EB0F-4EF7-8432-FBCF3F9E349F}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [TCP Query User{260074C8-EC46-4F14-88D6-AB027FD9C672}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{19474440-8BC0-42C7-BE69-49E7F42C8DCE}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [{B1FF2DFC-C12A-49CF-AC38-FCC08EE1DC10}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{96574277-25DA-4182-9E09-262E749359BF}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CC5C9C2A-B223-40E4-A75A-72DB420A5FB0}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{D66E6572-4FE4-488A-BEF6-587AC3BDFDBD}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{45903E45-D00D-41D4-B1DD-E61C94DF737B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{A9B0DA87-0214-4C80-A886-51D5F84E3A1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{98D197AA-EEDC-4A50-988B-44DAD1DF9E6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    FirewallRules: [{0A0A199C-00B2-45BB-B0CA-13CC3FF34897}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    FirewallRules: [{B97259E5-6104-4E23-BC19-A34FD4E2AB3C}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{94A1C87D-5F9B-45D3-8143-EDDACD5F3C74}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{B95994D6-4FD5-4C5B-B07B-F5D37E368A2B}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{13F87826-AB8A-4C80-A9E7-C35096608743}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{EED063C0-AAF2-494E-BD5C-ECF271E4488C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{42EE6217-9B0F-4724-8C2B-C561D4FBD44B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [TCP Query User{69C492FB-E69E-465B-ABB2-C401628C9E58}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [UDP Query User{33750813-0A55-41B5-955F-2437DCACDACC}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [TCP Query User{D5360516-329D-4FCA-9053-31B6D522C5AB}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{8CF76B82-A43F-46C0-9285-1EC0093C74AF}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{096E14B5-9AA2-4E24-A25E-BCAA1AC033DE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{AF719DBB-DDE1-4DD1-A3A0-F9F4548BA14A}] => (Allow) LPort=2869
    FirewallRules: [{E9F151E2-3F52-4D39-A86A-ACAB84D493DE}] => (Allow) LPort=1900
    FirewallRules: [{5394026D-E729-4C36-BA7A-BC1CF54C6101}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
    FirewallRules: [{DD041CE0-1868-4FCB-BAEE-413319B8707D}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
    FirewallRules: [{82867BD1-7E2B-46B6-A6BE-BA690C4C7566}] => (Allow) C:\Users\boydphoto\Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [{844BBE42-FA01-421A-8B7D-E7970706BF3C}] => (Allow) C:\Users\boydphoto\Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [TCP Query User{CD300384-BE24-45B1-B49C-FE79E9523EDB}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
    FirewallRules: [UDP Query User{A7867129-7402-4079-9D88-8CF9EE74125F}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
    FirewallRules: [TCP Query User{9C2B9D24-1E5D-43A7-BD2C-177E35B06CED}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
    FirewallRules: [UDP Query User{4C2A5D8D-30D3-4161-A038-917DD98B1107}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
    FirewallRules: [TCP Query User{635F9AEF-3205-4291-B60A-E22D599CA9F8}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{86F2A48B-81BA-4CBF-8954-1C5FF04F0788}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{38240D7F-E21C-4254-A023-755C20E3A9A1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{81F284E7-7EF6-49B9-AFF9-B70197243A53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{7D632C67-E993-4BFE-B243-099CD4D3CA0B}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{6E52D93B-3254-4EA8-96D9-9A13B03A7042}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{842CFD74-CE31-4CA2-BACC-5F9E2C97EA9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2608FD50-8360-4E84-8C87-568DA19E60F7}] => (Allow) C:\Users\BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp\CnetInstaller-10702106.exe
    FirewallRules: [{3E557A38-AAA3-48EF-A6F2-6268C5513EB7}] => (Allow) C:\Users\BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp\CnetInstaller-10702106.exe
    FirewallRules: [TCP Query User{8ACB3B77-5F72-40C1-95F8-0478231BB85A}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [UDP Query User{37457A1D-1369-4717-9895-1D5AB5176B1C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [TCP Query User{B13D840B-9CD8-42EA-A263-DF096EC77343}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{AEFF748D-32C7-43AB-AAF3-2744FDFDC023}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [TCP Query User{DA55AB9C-79AD-487A-B68D-307E83115DFC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{D790D833-4B0A-48F0-A682-6505465942C2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{A4C5B932-E431-4140-A9E8-86256D65FC24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{BE119236-FA2D-47FF-A487-C788DA797659}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [TCP Query User{1CD84F8D-0382-4CFB-8D53-17B86CC3473A}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{6097BFB0-5753-4226-95BC-CCBF2C2A9457}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{D326C321-56B6-4D04-B398-17F72F8A5668}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
    FirewallRules: [{4A3D6537-21E2-4FB4-9FB1-8B3493129592}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/23/2015 04:31:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/23/2015 09:59:41 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
    Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 04:54:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/22/2015 01:53:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/22/2015 11:52:37 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17801, time stamp: 0x5536642c
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18839, time stamp: 0x553e88ab
    Exception code: 0xe06d7363
    Fault offset: 0x0000c42d
    Faulting process id: 0x173c
    Faulting application start time: 0xIEXPLORE.EXE0
    Faulting application path: IEXPLORE.EXE1
    Faulting module path: IEXPLORE.EXE2
    Report Id: IEXPLORE.EXE3

    Error: (05/21/2015 00:15:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/21/2015 00:07:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/21/2015 04:29:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/20/2015 09:31:04 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
    Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/20/2015 05:10:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (05/23/2015 04:34:51 PM) (Source: BROWSER) (EventID: 8032) (User: )
    Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{8F7489A6-8F5C-4C2A-BBA9-57DFBA84D824}.
    The backup browser is stopping.

    Error: (05/23/2015 04:32:29 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Error: (05/23/2015 04:30:42 PM) (Source: NETLOGON) (EventID: 3095) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (05/23/2015 04:30:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Print Spooler service failed to start due to the following error:
    %%1053

    Error: (05/23/2015 04:30:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Print Spooler service to connect.

    Error: (05/23/2015 04:27:23 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

    Error: (05/23/2015 02:22:51 PM) (Source: BROWSER) (EventID: 8032) (User: )
    Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{8F7489A6-8F5C-4C2A-BBA9-57DFBA84D824}.
    The backup browser is stopping.

    Error: (05/23/2015 04:54:21 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Error: (05/23/2015 04:53:02 AM) (Source: NETLOGON) (EventID: 3095) (User: )
    Description: This computer is configured as a member of a workgroup, not as
    a member of a domain. The Netlogon service does not need to run in this
    configuration.

    Error: (05/23/2015 04:52:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.


    Microsoft Office:
    =========================
    Error: (05/23/2015 04:31:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/23/2015 09:59:41 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe

    Error: (05/23/2015 04:54:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/22/2015 01:53:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/22/2015 11:52:37 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: IEXPLORE.EXE11.0.9600.178015536642cKERNELBASE.dll6.1.7601.18839553e88abe06d73630000c42d173c01d0949b51f72012C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\KERNELBASE.dllb6a5cc22-00b3-11e5-8508-78e3b575eacb

    Error: (05/21/2015 00:15:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/21/2015 00:07:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/21/2015 04:29:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (05/20/2015 09:31:04 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe

    Error: (05/20/2015 05:10:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-06 11:58:12.180
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-08-06 11:58:12.102
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-08-06 11:58:12.024
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-08-06 11:58:11.946
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-04-08 09:57:25.651
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-04-08 09:57:25.558
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-06-09 21:02:07.787
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-06-09 21:01:29.943
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgHooks.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
    Percentage of memory in use: 57%
    Total physical RAM: 4043.86 MB
    Available physical RAM: 1709.46 MB
    Total Pagefile: 8085.93 MB
    Available Pagefile: 5371.41 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:571.09 GB) (Free:241.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Recovery) (Fixed) (Total:20.92 GB) (Free:2.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.01 GB) FAT32
    Drive g: () (Removable) (Total:14.92 GB) (Free:8.96 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 6F916D90)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=571.1 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=20.9 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

    ========================================================
    Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End of log ============================
     
  6. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please remove the following Programs:

    RealPlayer Cloud
    Spybot, Search and destroy.


    Please download the attached file, Fixlist.txt, and save it in the same directory as FRST is saved.
    • Start FRST with Administrator privileges.
    • Press the Fix button.
    • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
      Please copy and paste its contents in your next reply.

    Please download Farbar Service Scanner and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
     

    Attached Files:

  7. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    CreateRestorePoint:
    HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer:

    [DisableLocalMachineRun] 0
    HKLM\...\Policies\Explorer:

    [DisableLocalMachineRunOnce] 0
    HKLM\...\Policies\Explorer:

    [DisableCurrentUserRun] 0
    HKLM\...\Policies\Explorer:

    [DisableCurrentUserRunOnce] 0
    HKLM\...\Policies\Explorer: [NoViewContextMenu]

    0
    HKLM\...\Policies\Explorer: [NoShellSearchButton]

    0
    HKLM\...\Policies\Explorer: [NoFind] 0
    HKLM\...\Policies\Explorer: [NoFile] 0
    HKLM\...\Policies\Explorer: [HideClock] 0
    HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKLM\...\Policies\Explorer: [NoSetFolders] 0
    HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
    HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
    HKLM\...\Policies\Explorer: [NoDFSTab] 0
    HKLM\...\Policies\Explorer: [NoChangeStartMenu]

    0
    HKLM\...\Policies\Explorer: [NoLogoff] 0
    HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKLM\...\Policies\Explorer:

    [NoRunasInstallPrompt] 0
    HKLM\...\Policies\Explorer: [NoResolveSearch] 0
    HKLM\...\Policies\Explorer: [NoSaveSettings] 0
    HKLM\...\Policies\Explorer: [NoHardwareTab] 0
    HKLM\...\Policies\Explorer:

    [NoStartMenuSubFolders] 0
    HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-19\...\Policies\system:

    [NoDispAppearancePage] 0
    HKU\S-1-5-19\...\Policies\system:

    [NoDispBackgroundPage] 0
    HKU\S-1-5-19\...\Policies\system:

    [NoDispSettingsPage] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoFolderOptions] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoViewOnDrive] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoControlPanel] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [DisableLocalMachineRun] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [DisableCurrentUserRun] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoViewContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoShellSearchButton] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoTrayContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoTrayItemsDisplay] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders]

    0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoDevMgrUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar]

    0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoDeletePrinter] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoChangeStartMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoWindowsUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoEncryptOnMove] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoRunasInstallPrompt] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoResolveSearch] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoSaveSettings] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoHardwareTab] 0
    HKU\S-1-5-19\...\Policies\Explorer:

    [NoStartMenuSubFolders] 0
    HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-20\...\Policies\system:

    [NoDispAppearancePage] 0
    HKU\S-1-5-20\...\Policies\system:

    [NoDispBackgroundPage] 0
    HKU\S-1-5-20\...\Policies\system:

    [NoDispSettingsPage] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoFolderOptions] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoViewOnDrive] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoControlPanel] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [DisableLocalMachineRun] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [DisableCurrentUserRun] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoViewContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoShellSearchButton] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoTrayContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoTrayItemsDisplay] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders]

    0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoDevMgrUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar]

    0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoDeletePrinter] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoChangeStartMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoWindowsUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoEncryptOnMove] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoRunasInstallPrompt] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoResolveSearch] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoSaveSettings] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoHardwareTab] 0
    HKU\S-1-5-20\...\Policies\Explorer:

    [NoStartMenuSubFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\system:

    [NoDispAppearancePage] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\system:

    [NoDispSettingsPage] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoViewOnDrive] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [DisableLocalMachineRun] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [DisableCurrentUserRun] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoViewContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [HideClock] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoTrayContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoSetFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoSetTaskbar] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoDeletePrinter] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoDFSTab] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoChangeStartMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer: [NoLogoff]

    0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoWindowsUpdate] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoEncryptOnMove] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoRunasInstallPrompt] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoResolveSearch] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoSaveSettings] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoHardwareTab] 0
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Policies\Explorer:

    [NoStartMenuSubFolders] 0
    HKU\S-1-5-18\...\Policies\system:

    [NoDispAppearancePage] 0
    HKU\S-1-5-18\...\Policies\system:

    [NoDispSettingsPage] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoViewOnDrive] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [DisableLocalMachineRun] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [DisableCurrentUserRun] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoViewContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoTrayContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders]

    0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar]

    0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoDeletePrinter] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoChangeStartMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoWindowsUpdate] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoEncryptOnMove] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoRunasInstallPrompt] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoResolveSearch] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoSaveSettings] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoHardwareTab] 0
    HKU\S-1-5-18\...\Policies\Explorer:

    [NoStartMenuSubFolders] 0
    ShellIconOverlayIdentifiers: [00avast] ->

    {472083B0-C522-11CF-8763-00608CC02F24}

    => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start

    Menu\Programs\Startup\McAfee Security Scan

    Plus.lnk [2015-05-23]
    ShortcutTarget: McAfee Security Scan Plus.lnk ->

    C:\Program Files\McAfee Security Scan

    \3.8.150\SSScheduler.exe (McAfee, Inc.)
    HKLM\SOFTWARE\Policies\Microsoft\Internet

    Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft

    \Internet Explorer: Policy restriction <=======

    ATTENTION
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\SOFTWARE\Policies

    \Microsoft\Internet Explorer: Policy restriction

    <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer

    \Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet

    Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer

    \Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet

    Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\Software\Microsoft\Internet

    Explorer\Main,Secondary Start Pages =

    http://drudgereport.com/
    SearchScopes: HKU\.DEFAULT -> DefaultScope

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    URL =
    SearchScopes: HKU\S-1-5-21-1479091243-

    4294284354-2124732490-1000 -> {632F07F3-

    19A1-4d16-A23F-E6CE9486BAB5} URL =
    BHO: No Name -> {8590886E-EC8C-43C1-

    A32C-E4C2B0B6395B} -> No File
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-

    40EB-8D9D-083EF7066A01} -> C:\Program Files

    \McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

    [2014-04-09] (McAfee, Inc.)
    FF Homepage: hxxp://drudgereport.com/
    FF Extension: McAfee Security Scan Plus - C:

    \ProgramData\McAfee Security Scan\Extensions

    \{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

    [2014-04-04]
    FF HKU\S-1-5-21-1479091243-4294284354-

    2124732490-1000\...\Firefox\Extensions:

    [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:

    \ProgramData\McAfee Security Scan\Extensions

    \{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    S3 McComponentHostService; C:\Program Files

    \McAfee Security Scan\3.8.150\McCHSvc.exe

    [289256 2014-04-09] (McAfee, Inc.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST

    Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
    S3 cpuz134; \??\C:\Users\BOYDPH~1\AppData

    \Local\Temp\cpuz134\cpuz134_x64.sys [X]
    C:\Program Files\McAfee Security Scan
    C:\Users\Public\Desktop\McAfee Security Scan

    Plus.lnk
    C:\ProgramData\McAfee Security Scan
    C:\Windows\SysWOW64\sho8D9C.tmp
    2015-01-07 18:30 - 2015-01-23 09:59 - 10395072

    _____ (Webroot Software, Inc.) C:\Program Files

    (x86)\Common Files\wruninstall.exe
    2014-12-22 12:19 - 2014-12-22 12:19 - 0000132

    _____ () C:\Users\boydphoto\AppData\Roaming

    \Adobe GIF Format CC Prefs
    2014-12-08 14:12 - 2014-12-08 14:12 - 0000132

    _____ () C:\Users\boydphoto\AppData\Roaming

    \Adobe PNG Format CC Prefs
    2013-02-05 10:52 - 2013-02-05 10:53 - 0000173

    _____ () C:\Users\boydphoto\AppData\Roaming

    \hpmirrordriver.log
    2013-11-16 07:40 - 2015-03-07 17:38 - 0000112

    _____ () C:\Users\boydphoto\AppData\Roaming

    \JP2K CS6 Prefs
    2015-01-18 13:04 - 2015-01-18 13:05 - 0000115

    _____ () C:\Users\boydphoto\AppData\Roaming

    \LogFile.txt
    2013-11-12 16:50 - 2013-11-12 16:50 - 0000119

    _____ () C:\Users\boydphoto\AppData\Roaming

    \mbam.context.scan
    2013-07-17 12:54 - 2013-07-17 12:54 - 0000005

    _____ () C:\Users\boydphoto\AppData\Roaming

    \WBPU-TTL.DAT
    2014-02-17 06:25 - 2014-11-08 06:47 - 0001456

    _____ () C:\Users\boydphoto\AppData\Local

    \Adobe Save for Web 13.0 Prefs
    2014-10-04 10:31 - 2014-10-04 10:32 - 0005991

    _____ () C:\ProgramData\1412443876.1908.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0002133

    _____ () C:\ProgramData\1412443876.1940.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0009155

    _____ () C:\ProgramData\1412443876.2588.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0049898

    _____ () C:\ProgramData\1412443876.3536.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0015503

    _____ () C:\ProgramData\1412443876.4120.bin
    2014-10-04 10:31 - 2014-10-04 10:31 - 0013603

    _____ () C:\ProgramData\1412443876.5856.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0004448

    _____ () C:\ProgramData\1412443876.7500.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0005991

    _____ () C:\ProgramData\1412444185.2568.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0002133

    _____ () C:\ProgramData\1412444185.2764.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0004508

    _____ () C:\ProgramData\1412444185.4156.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0009155

    _____ () C:\ProgramData\1412444185.4920.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0049433

    _____ () C:\ProgramData\1412444185.5376.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0010863

    _____ () C:\ProgramData\1412444185.6596.bin
    2014-10-04 10:37 - 2014-10-04 10:37 - 0012991

    _____ () C:\ProgramData\1412444185.7672.bin
    2015-03-29 12:24 - 2015-03-29 12:24 - 0045498

    _____ () C:\ProgramData

    \1427657079.bdinstall.bin
    2015-03-29 12:35 - 2015-03-29 12:35 - 0214913

    _____ () C:\ProgramData

    \1427657381.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0037823

    _____ () C:\ProgramData

    \1431026595.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0173968

    _____ () C:\ProgramData

    \1431026597.bdinstall.bin
    2015-05-15 06:46 - 2015-05-15 06:46 - 0037839

    _____ () C:\ProgramData

    \1431697585.bdinstall.bin
    2015-05-15 06:48 - 2015-05-15 06:48 - 0171521

    _____ () C:\ProgramData

    \1431697587.bdinstall.bin
    2015-05-17 10:06 - 2015-05-17 10:06 - 0037839

    _____ () C:\ProgramData

    \1431882409.bdinstall.bin
    2015-05-17 10:07 - 2015-05-17 10:07 - 0171492

    _____ () C:\ProgramData

    \1431882412.bdinstall.bin
    2014-10-10 15:46 - 2014-10-10 15:46 - 0000088

    _____ () C:\ProgramData\FS.dat
    C:\Users\boydphoto\AppData\Local\Temp

    \iv_uninstall.exe
    C:\Users\boydphoto\AppData\Local\Temp

    \ReimagePackage.exe
    C:\Users\boydphoto\AppData\Local\Temp

    \ReiSysUpdate.exe
    C:\Users\boydphoto\AppData\Local\Temp

    \sqlite3.exe
    Task: {0218C388-A90A-4E5A-A33B-

    9DDD1DE6201E} - System32\Tasks

    \{A03E838D-B95C-4FBD-923C-71857392BED0}

    => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {05456CD6-187B-4C32-BCB5-

    42611988EB6B} - System32\Tasks\{D0C54F90-

    AA52-4CF3-ACF3-53E3F4A4881A} =>

    pcalua.exe -a "C:\Users\boydphoto\AppData\Local

    \Microsoft\Windows\Temporary Internet Files

    \Content.IE5\1AB1AN87\faster-downloader.exe" -d

    C:\Users\boydphoto\Desktop
    Task: {0C969156-90E2-4EE4-8C06-

    433E608B7766} - System32\Tasks\Hewlett-

    Packard\HP Support Assistant\PC Tuneup => C:

    \Program Files (x86)\Hewlett-Packard\HP Support

    Framework\HPSF.exe [2013-11-04] (Hewlett-

    Packard Company)
    Task: {14B0B669-61CF-425C-91C8-

    5F214F1BC366} - System32\Tasks\{7628D3B4-

    6D33-4EA0-AE81-1E0BAEE016A2} =>

    pcalua.exe -a C:\Users\BOYDPH~1\AppData

    \Local\Temp\Shockwave_Installer_FF.exe -d "C:

    \Program Files (x86)\Mozilla Firefox"
    Task: {15F42D34-E055-41BE-8463-

    1A03A9C363E2} - System32\Tasks\Hewlett-

    Packard\HP Support Assistant\PC Health Analysis

    => C:\Program Files (x86)\Hewlett-Packard\HP

    Support Framework\HPSF.exe [2013-11-04]

    (Hewlett-Packard Company)
    Task: {34C29C07-A6D2-4D57-B83F-

    B3EC96572A9A} - System32\Tasks

    \SpeedFixTool_Start => C:\Program Files

    (x86)\Speed Fix Tool\SpeedFixTool.exe
    Task: {36AB3174-358C-4CDE-832C-

    FBF80B9CA14B} - System32\Tasks\Microsoft

    \Windows\Setup\gwx\launchtrayprocess => C:

    \Windows\system32\GWX\GWX.exe [2015-05-07]

    (Microsoft Corporation)
    Task: {3A00B4D5-33ED-4FA1-A60A-

    E998FC94FFE3} - System32\Tasks\Safer-

    Networking\Spybot - Search and Destroy\Check for

    updates => C:\Program Files (x86)\Spybot -

    Search & Destroy 2\SDUpdate.exe [2013-05-16]

    (Safer-Networking Ltd.)
    Task: {421BFF3F-4F29-43C6-98DF-

    6E0DC213BD3D} - System32\Tasks

    \RealDownloaderRealUpgradeScheduledTaskS-1

    -5-21-1479091243-4294284354-2124732490-

    1000 => C:\Program Files (x86)\RealNetworks

    \RealDownloader\RealUpgrade.exe [2014-10-27]

    (RealNetworks, Inc.)
    Task: {4BC7AC7E-00CA-4C04-BA6B-

    5323BEE302BA} - System32\Tasks

    \RealUpgradeScheduledTaskS-1-5-21-

    1479091243-4294284354-2124732490-1000 =>

    C:\Program Files (x86)\Real\RealUpgrade

    \RealUpgrade.exe [2014-10-30] (RealNetworks,

    Inc.)
    Task: {4F637EC2-D78C-4D5C-8A54-

    AF5CCC9270E5} - System32\Tasks\{EAEA8864

    -C274-4939-8D81-781A2BA4B981} =>

    pcalua.exe -a C:\Users\boydphoto\Downloads

    \ADE_2.0_Installer.exe -d C:\Users\boydphoto

    \Downloads
    Task: {51B2C21E-19CC-4E81-81E4-

    4E95794751A3} - System32\Tasks

    \RealDownloaderRealUpgradeLogonTaskS-1-5-

    21-1479091243-4294284354-2124732490-1000

    => C:\Program Files (x86)\RealNetworks

    \RealDownloader\RealUpgrade.exe [2014-10-27]

    (RealNetworks, Inc.)
    Task: {51B40E57-4F0D-4EB8-BCD9-

    E1BD26F5FC7D} - System32\Tasks

    \{9849761C-BD29-430D-AB54-8DDC4292510E}

    => pcalua.exe -a C:\SWSetup

    \HPCM41\HPCMSetup.exe -d C:\SwSetup

    \HPCM41
    Task: {5ABB0E33-27BA-42AA-8FD8-

    AFA2C352C74C} - System32\Tasks\Microsoft

    \Windows\Setup\gwx\refreshgwxconfig => C:

    \Windows\system32\GWX

    \GWXConfigManager.exe [2015-05-07] (Microsoft

    Corporation)
    Task: {6D8CDC48-EC20-4397-9C1B-

    90D8A9884201} - System32\Tasks

    \{BE38BA6D-CDC3-4086-B75E-F0279E5771AF}

    => pcalua.exe -a C:\Windows

    \system32\pcwrun.exe -c "C:\Program Files

    (x86)\VideoLAN\VLC\vlc.exe"
    Task: {866A7DAB-FA69-43BF-A463-

    A2154714306C} - System32\Tasks

    \SpeedFixTool_Popup => C:\Program Files

    (x86)\Speed Fix Tool\Splash.exe
    Task: {877DD175-9512-432B-A865-

    E7142D269E33} - System32\Tasks\Safer-

    Networking\Spybot - Search and Destroy\Refresh

    immunization => C:\Program Files (x86)\Spybot -

    Search & Destroy 2\SDImmunize.exe [2013-05-

    16] (Safer-Networking Ltd.)
    Task: {8AFB02AC-C414-4D8E-B782-

    F06652EA0809} - System32\Tasks

    \RealPlayerRealUpgradeScheduledTaskS-1-5-21

    -1479091243-4294284354-2124732490-1000 =>

    C:\Program Files (x86)\Real\RealUpgrade

    \RealUpgrade.exe [2014-10-30] (RealNetworks,

    Inc.)
    Task: {909DC105-8771-4394-AB18-

    D955564A3F0E} - System32\Tasks

    \RealDownloaderDownloaderScheduledTaskS-1-

    5-21-1479091243-4294284354-2124732490-

    1000 => C:\Program Files (x86)\RealNetworks

    \RealDownloader\recordingmanager.exe [2014-10

    -26] (RealNetworks, Inc.)
    Task: {9E4E8B20-67B6-44BB-B2FF-

    84C8D7665327} - System32\Tasks\Tweaking.com

    - Windows Repair Tray Icon => C:\Program Files

    (x86)\Tweaking.com\Windows Repair (All in

    One)\WR_Tray_Icon.exe [2015-03-11]

    (Tweaking.com)
    Task: {A5E0D92C-438D-4842-A969-

    DC19AC8B8C93} - System32\Tasks\Driver

    Support => C:\Program Files (x86)\Driver Support

    \DriverSupport.exe
    Task: {A72E77B1-D111-4B11-A7D4-

    DBE00E800141} - System32\Tasks\MirageAgent

    => C:\Program Files (x86)\CyberLink\YouCam

    \YCMMirage.exe [2011-08-22] (CyberLink)
    Task: {ABCDB344-0373-422B-8916-

    7EAE00374E56} - System32\Tasks

    \HPCeeScheduleForboydphoto => C:\Program

    Files (x86)\Hewlett-Packard\HP Ceement

    \HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {AFC2490A-3987-48DD-98F6-

    07006D2C3261} - System32\Tasks\Hewlett-

    Packard\HP Support Assistant

    \WarrantyChecker_DeviceScan => C:\Program

    Files (x86)\Hewlett-Packard\HP Support

    Framework\Resources\HPWarrantyCheck

    \HPWarrantyChecker.exe [2015-04-14] (Hewlett-

    Packard)
    Task: {B9654534-9DA5-4A18-B4C8-

    09F924BF3A39} - System32\Tasks\Safer-

    Networking\Spybot - Search and Destroy\Scan the

    system => C:\Program Files (x86)\Spybot - Search

    & Destroy 2\SDScan.exe [2013-05-16] (Safer-

    Networking Ltd.)
    Task: {B97E94B6-AA8F-46E1-9A51-

    46BF4670515F} - System32\Tasks\{B46472DE-

    A4AC-4D1D-B742-728F70D89BF3} =>

    pcalua.exe -a C:\Users\boydphoto\Downloads

    \ADE_2.0_Installer(6).exe -d C:\Users\boydphoto

    \Downloads
    Task: {BA00542A-3A91-4711-873B-

    3D8108A87DF7} - System32\Tasks

    \SpyHunter4Startup => C:\Program Files\Enigma

    Software Group\SpyHunter\Spyhunter4.exe
    Task: {C26D6148-A451-4BBE-88D0-

    51D87786821E} - System32\Tasks\Adobe Flash

    Player Updater => C:\Windows

    \SysWOW64\Macromed\Flash

    \FlashPlayerUpdateService.exe [2015-05-23]

    (Adobe Systems Incorporated)
    Task: {C26EA670-0B2D-4EEE-AA0E-

    8823B5EFACD4} - System32\Tasks\Registration

    => C:\Program Files (x86)\Hewlett-Packard\HP

    Setup\Dependencies\RemEngine.exe [2011-09-

    28] ()
    Task: {C345678D-1E09-4859-89C5-

    504981BA93DF} - System32\Tasks\Apple

    \AppleSoftwareUpdate => C:\Program Files

    (x86)\Apple Software Update\SoftwareUpdate.exe

    [2011-06-01] (Apple Inc.)
    Task: {C4F6725C-F93D-4663-9D59-

    5AEA8EE042DC} - System32\Tasks

    \GoogleUpdateTaskMachineUA => C:\Program

    Files (x86)\Google\Update\GoogleUpdate.exe

    [2015-02-09] (Google Inc.)
    Task: {C93259E0-CD65-4AAD-967B-

    866A762015B2} - System32\Tasks

    \RealPlayerRealUpgradeLogonTaskS-1-5-21-

    1479091243-4294284354-2124732490-1000 =>

    C:\Program Files (x86)\Real\RealUpgrade

    \RealUpgrade.exe [2014-10-30] (RealNetworks,

    Inc.)
    Task: {C945DA1F-E603-4AA1-A162-

    A8A96638DC08} - System32\Tasks

    \AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto

    => C:\Program Files (x86)\Common Files\Adobe

    \OOBE\PDApp\UWA\UpdaterStartupUtility.exe

    [2013-09-25] (Adobe Systems Incorporated)
    Task: {CB1D4D93-95D2-4D56-91AE-

    D47F9D5BEB25} - System32\Tasks\{6668533C-

    BC91-4F09-9377-04669932BA50} => C:\Program

    Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {D2A0200D-25BD-4BF1-992B-

    6AA6E49DBD82} - System32\Tasks\Hewlett-

    Packard\HP Support Assistant\HP Support

    Assistant Quick Start => C:\Program Files

    (x86)\Hewlett-Packard\HP Support Framework

    \HPSF.exe [2013-11-04] (Hewlett-Packard

    Company)
    Task: {DC73E6A7-1BF0-4161-BB58-

    B45168B57A88} - System32\Tasks\Hewlett-

    Packard\HP Support Assistant\Update Check =>

    C:\ProgramData\Hewlett-Packard\HP Support

    Framework\Resources

    \Updater7\HPSFUpdater.exe [2014-05-12]

    (Hewlett-Packard Company)
    Task: {E4B205CB-AA53-481F-802B-

    1161E45CE050} - System32\Tasks\{7737ABDE-

    D23F-4066-8C14-2DE8EAEA1D05} =>

    pcalua.exe -a "C:\Users\boydphoto\AppData\Local

    \Temp\Temp1_PhotoFrame_4.6.5_Free.zip\Phot

    oFrame 4.6.5 Free.exe"
    Task: {E52882F5-A7E3-445E-8BCA-

    947BD78B93AD} - System32\Tasks

    \GoogleUpdateTaskMachineCore => C:\Program

    Files (x86)\Google\Update\GoogleUpdate.exe

    [2015-02-09] (Google Inc.)
    Task: {EA2A8EFC-70B3-4796-BF27-

    DA014B162195} - System32\Tasks

    \RealDownloader Update Check => C:\Program

    Files (x86)\RealNetworks\RealDownloader

    \downloader2.exe [2014-10-29] ()
    Task: {EC3CA254-5D20-4F99-AF08-

    2063F800D1FE} - System32\Tasks\{FB19F2CA-

    7258-4905-90B7-AD079C603625} => C:\Program

    Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {F6878535-6E51-42CC-ABF2-

    473E09AF1408} - System32\Tasks

    \RealUpgradeLogonTaskS-1-5-21-1479091243-

    4294284354-2124732490-1000 => C:\Program

    Files (x86)\Real\RealUpgrade\RealUpgrade.exe

    [2014-10-30] (RealNetworks, Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player

    Updater.job => C:\Windows

    \SysWOW64\Macromed\Flash

    \FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks

    \GoogleUpdateTaskMachineCore.job => C:

    \Program Files (x86)\Google\Update

    \GoogleUpdate.exe
    Task: C:\Windows\Tasks

    \GoogleUpdateTaskMachineCore1d091bae6a936

    7a.job => C:\Program Files (x86)\Google\Update

    \GoogleUpdate.exe
    Task: C:\Windows\Tasks

    \GoogleUpdateTaskMachineUA.job => C:\Program

    Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks

    \HPCeeScheduleForboydphoto.job => C:\Program

    Files (x86)\Hewlett-Packard\HP Ceement

    \HPCEE.exe
    AlternateDataStreams: C:\ProgramData

    \Temp:5C321E34
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\39D901EB-

    000015C4.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\57EA104B-

    00000A19.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\57EA104B-

    00000A19.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\6E4256A8-

    000011DF.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\6E4256A8-

    000011DF.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\FRST64.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Desktop\SysInfo.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\adwcleaner_4.202(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\adwcleaner_4.202.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\dsb-deluxe-bing_full965.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\FreeSlideshowMaker.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads

    \FreeYouTubeToMP3Converter.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\GoToWebinar Launcher(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads

    \irfanview_plugins_438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\iview438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\mbam-setup-2.1.6.1022(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\mbam-setup-2.1.6.1022(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\mbam-setup-2.1.6.1022.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\ReimageRepair.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\SUPERAntiSpyware(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\SysInfo(8).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\TFC.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads

    \tweaking.com_windows_repair_aio_setup

    (1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads

    \tweaking.com_windows_repair_aio_setup

    (2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads

    \tweaking.com_windows_repair_aio_setup.exe:BD

    U
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\uninstall_flash_player(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\wlsetup-web(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\wlsetup-web(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\wlsetup-web(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\wlsetup-web(4).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\wlsetup-web(5).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \Downloads\WLXPhotoBase.dll:BDU
    AlternateDataStreams: C:\Users\boydphoto

    \AppData\Local\Temporary Internet

    Files:BDnat5SZojSNgUczR6WdYE
    HKU\S-1-5-19\Software\Classes\exefile: "%1" %*

    <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %*

    <===== ATTENTION!
    IE trusted site: HKU\S-1-5-21-1479091243-

    4294284354-2124732490-1000\...

    \driversupport.com ->

    hxxp://apps.driversupport.com
    IE trusted site: HKU\S-1-5-21-1479091243-

    4294284354-2124732490-1000\...

    \driversupport.com ->

    hxxps://apps.driversupport.com
    FirewallRules: [{4A3C164A-4FCA-412C-AC01-

    CAD2C8FCB6C9}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\MediaSmart\RoxioNow

    \RNow.exe
    FirewallRules: [{17739C6A-5898-4C44-B208-

    54F6DB4C1106}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\MediaSmart\RoxioNow

    \RNow.exe
    FirewallRules: [{038CD6D4-AB00-41CB-8ADA-

    FBA8E24365B4}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\MediaSmart\RoxioNow

    \IndivDRM.exe
    FirewallRules: [{46A2F8AC-2058-42AF-A1C1-

    460E9400EE31}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\MediaSmart\RoxioNow

    \IndivDRM.exe
    FirewallRules: [{53A23AD9-E4B9-40E0-AF87-

    A00634AD0242}] => (Allow) C:\Program Files

    (x86)\CyberLink\PowerDVD10\PowerDVD

    Cinema\PowerDVDCinema10.exe
    FirewallRules: [{05980EBE-CDAF-4086-833F-

    F9B0BFE9B401}] => (Allow) C:\Program Files

    (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{4090595D-98FB-48F9-935D-

    9C8A424E0C36}] => (Allow) C:\Users\boydphoto

    \AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{4544FA72-2587-4B8F-8468-

    2B66A4CCE11A}] => (Allow) C:\Users\boydphoto

    \AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{5D5F9967-13AB-451B-AD93-

    64E05AA4E7BB}] => (Allow) C:\Users\boydphoto

    \AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{622FBB18-

    25DA-4868-98F3-50CC3356A66D}C:\program

    files (x86)\real\realplayer\realplay.exe] => (Allow)

    C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [UDP Query User{CB99F69D-

    C9D9-4C1A-AB43-069E32BA2586}C:\program

    files (x86)\real\realplayer\realplay.exe] => (Allow)

    C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [TCP Query User{E801AC1D-

    01A9-4834-986D-6FDF46C66A58}C:\program

    files (x86)\mozilla firefox\plugin-container.exe] =>

    (Allow) C:\program files (x86)\mozilla firefox

    \plugin-container.exe
    FirewallRules: [UDP Query User{E5732C31-B0E5

    -45E5-8C48-A631B44ACF4E}C:\program files

    (x86)\mozilla firefox\plugin-container.exe] =>

    (Allow) C:\program files (x86)\mozilla firefox

    \plugin-container.exe
    FirewallRules: [TCP Query User{5942E980-

    F60E-4C48-A92A-D0E63831E2EE}C:\program

    files\onone software\perfect effects 4\perfect

    effects 4.exe] => (Allow) C:\program files\onone

    software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [UDP Query User{D0ED210A-

    3521-4ABC-975B-C3E178ABAF16}C:\program

    files\onone software\perfect effects 4\perfect

    effects 4.exe] => (Allow) C:\program files\onone

    software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [{88E4D60D-EF59-4074-B71E-

    A2172E9B80A1}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\HP Support Framework

    \Resources\HPWarrantyCheck

    \HPWarrantyChecker.exe
    FirewallRules: [{168807B4-D6C0-4B0A-8C14-

    3C36E25FC071}] => (Allow) C:\Program Files

    (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{FDA7670E-BFFE-4DBF-AF8B-

    8D4F0377E3C8}] => (Allow) C:\Program Files

    (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{1C50872A-E8C0-4ED8-B844-

    274CBE5BF9FF}] => (Allow) C:\Program Files

    (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{668541D5-E5F3-441C-BA6C-

    CE6FD7DA389F}] => (Allow) C:\Program Files

    (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [TCP Query User{325A7840-

    74EA-4948-ADBB-830946DABD60}C:\program

    files (x86)\flashget\flashget.exe] => (Block) C:

    \program files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{29FCC96E-

    EB0F-4EF7-8432-FBCF3F9E349F}C:\program

    files (x86)\flashget\flashget.exe] => (Block) C:

    \program files (x86)\flashget\flashget.exe
    FirewallRules: [TCP Query User{260074C8-EC46

    -4F14-88D6-AB027FD9C672}C:\program files

    (x86)\flashget\flashget.exe] => (Block) C:\program

    files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{19474440-8BC0

    -42C7-BE69-49E7F42C8DCE}C:\program files

    (x86)\flashget\flashget.exe] => (Block) C:\program

    files (x86)\flashget\flashget.exe
    FirewallRules: [{B1FF2DFC-C12A-49CF-AC38-

    FCC08EE1DC10}] => (Allow) C:\Program Files

    (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{96574277-25DA-4182-9E09-

    262E749359BF}] => (Allow) C:\Program Files

    (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CC5C9C2A-B223-40E4-A75A-

    72DB420A5FB0}] => (Allow) C:\Program Files

    (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{D66E6572-4FE4-488A-BEF6-

    587AC3BDFDBD}] => (Allow) C:\Program Files

    (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{45903E45-D00D-41D4-B1DD-

    E61C94DF737B}] => (Allow) C:\Program Files

    (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{A9B0DA87-0214-4C80-A886-

    51D5F84E3A1F}] => (Allow) C:\Program Files

    (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{98D197AA-EEDC-4A50-988B-

    44DAD1DF9E6E}] => (Allow) C:\Program Files

    (x86)\TeamViewer

    \Version6\TeamViewer_Service.exe
    FirewallRules: [{0A0A199C-00B2-45BB-B0CA-

    13CC3FF34897}] => (Allow) C:\Program Files

    (x86)\TeamViewer

    \Version6\TeamViewer_Service.exe
    FirewallRules: [{B97259E5-6104-4E23-BC19-

    A34FD4E2AB3C}] => (Allow) C:\Program Files

    (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{94A1C87D-5F9B-45D3-8143-

    EDDACD5F3C74}] => (Allow) C:\Program Files

    (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{B95994D6-4FD5-4C5B-B07B-

    F5D37E368A2B}] => (Allow) C:\Program Files

    (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{13F87826-AB8A-4C80-A9E7-

    C35096608743}] => (Allow) C:\Program Files

    (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{EED063C0-AAF2-494E-BD5C-

    ECF271E4488C}] => (Allow) C:\Program Files

    (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{42EE6217-9B0F-4724-8C2B-

    C561D4FBD44B}] => (Allow) C:\Program Files

    (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [TCP Query User{69C492FB-

    E69E-465B-ABB2-C401628C9E58}C:\users

    \boydphoto\appdata\local\logmein rescue applet

    \lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:

    \users\boydphoto\appdata\local\logmein rescue

    applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [UDP Query User{33750813-0A55

    -41B5-955F-2437DCACDACC}C:\users

    \boydphoto\appdata\local\logmein rescue applet

    \lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:

    \users\boydphoto\appdata\local\logmein rescue

    applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [TCP Query User{D5360516-

    329D-4FCA-9053-31B6D522C5AB}C:\program

    files\onone software\perfect effects 8\perfect

    effects 8.exe] => (Allow) C:\program files\onone

    software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{8CF76B82-

    A43F-46C0-9285-1EC0093C74AF}C:\program

    files\onone software\perfect effects 8\perfect

    effects 8.exe] => (Allow) C:\program files\onone

    software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{096E14B5-9AA2-4E24-A25E-

    BCAA1AC033DE}] => (Allow) C:\Program Files

    (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{AF719DBB-DDE1-4DD1-A3A0-

    F9F4548BA14A}] => (Allow) LPort=2869
    FirewallRules: [{E9F151E2-3F52-4D39-A86A-

    ACAB84D493DE}] => (Allow) LPort=1900
    FirewallRules: [{5394026D-E729-4C36-BA7A-

    BC1CF54C6101}] => (Allow) C:\Program Files

    (x86)\Lavasoft\AdAware SecureSearch Toolbar

    \dtUser.exe
    FirewallRules: [{DD041CE0-1868-4FCB-BAEE-

    413319B8707D}] => (Allow) C:\Program Files

    (x86)\Lavasoft\AdAware SecureSearch Toolbar

    \dtUser.exe
    FirewallRules: [{82867BD1-7E2B-46B6-A6BE-

    BA690C4C7566}] => (Allow) C:\Users\boydphoto

    \Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [{844BBE42-FA01-421A-8B7D-

    E7970706BF3C}] => (Allow) C:\Users\boydphoto

    \Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [TCP Query User{CD300384-BE24

    -45B1-B49C-FE79E9523EDB}C:\program files

    \onone software\perfect photo suite 9\perfect

    photo suite 9.exe] => (Allow) C:\program files

    \onone software\perfect photo suite 9\perfect

    photo suite 9.exe
    FirewallRules: [UDP Query User{A7867129-7402

    -4079-9D88-8CF9EE74125F}C:\program files

    \onone software\perfect photo suite 9\perfect

    photo suite 9.exe] => (Allow) C:\program files

    \onone software\perfect photo suite 9\perfect

    photo suite 9.exe
    FirewallRules: [TCP Query User{9C2B9D24-

    1E5D-43A7-BD2C-177E35B06CED}C:\program

    files\onone software\perfect effects free 9\perfect

    effects free 9.exe] => (Allow) C:\program files

    \onone software\perfect effects free 9\perfect

    effects free 9.exe
    FirewallRules: [UDP Query User{4C2A5D8D-

    30D3-4161-A038-917DD98B1107}C:\program

    files\onone software\perfect effects free 9\perfect

    effects free 9.exe] => (Allow) C:\program files

    \onone software\perfect effects free 9\perfect

    effects free 9.exe
    FirewallRules: [TCP Query User{635F9AEF-3205

    -4291-B60A-E22D599CA9F8}C:\users

    \boydphoto\appdata\roaming\dropbox\bin

    \dropbox.exe] => (Allow) C:\users\boydphoto

    \appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{86F2A48B-

    81BA-4CBF-8954-1C5FF04F0788}C:\users

    \boydphoto\appdata\roaming\dropbox\bin

    \dropbox.exe] => (Allow) C:\users\boydphoto

    \appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{38240D7F-E21C-4254-A023-

    755C20E3A9A1}] => (Allow) C:\Program Files

    \AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{81F284E7-7EF6-49B9-AFF9-

    B70197243A53}] => (Allow) C:\Program Files

    \AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{7D632C67-E993-4BFE-B243-

    099CD4D3CA0B}] => (Allow) c:\program files

    (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{6E52D93B-3254-4EA8-96D9-

    9A13B03A7042}] => (Allow) C:\Program Files

    (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{842CFD74-CE31-4CA2-BACC-

    5F9E2C97EA9F}] => (Allow) C:\Program Files

    (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2608FD50-8360-4E84-8C87-

    568DA19E60F7}] => (Allow) C:\Users

    \BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp

    \CnetInstaller-10702106.exe
    FirewallRules: [{3E557A38-AAA3-48EF-A6F2-

    6268C5513EB7}] => (Allow) C:\Users

    \BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp

    \CnetInstaller-10702106.exe
    FirewallRules: [TCP Query User{8ACB3B77-5F72

    -40C1-95F8-0478231BB85A}C:\program files

    (x86)\freetime\formatfactory\formatfactory.exe] =>

    (Allow) C:\program files (x86)\freetime

    \formatfactory\formatfactory.exe
    FirewallRules: [UDP Query User{37457A1D-1369

    -4717-9895-1D5AB5176B1C}C:\program files

    (x86)\freetime\formatfactory\formatfactory.exe] =>

    (Allow) C:\program files (x86)\freetime

    \formatfactory\formatfactory.exe
    FirewallRules: [TCP Query User{B13D840B-

    9CD8-42EA-A263-DF096EC77343}C:\program

    files (x86)\spybot - search & destroy

    2\sdupdate.exe] => (Allow) C:\program files

    (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{AEFF748D-

    32C7-43AB-AAF3-2744FDFDC023}C:\program

    files (x86)\spybot - search & destroy

    2\sdupdate.exe] => (Allow) C:\program files

    (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [TCP Query User{DA55AB9C-

    79AD-487A-B68D-307E83115DFC}C:\program

    files (x86)\mozilla firefox\firefox.exe] => (Allow) C:

    \program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{D790D833-

    4B0A-48F0-A682-6505465942C2}C:\program

    files (x86)\mozilla firefox\firefox.exe] => (Allow) C:

    \program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{A4C5B932-E431-4140-A9E8-

    86256D65FC24}] => (Allow) C:\Program Files

    \iTunes\iTunes.exe
    FirewallRules: [{BE119236-FA2D-47FF-A487-

    C788DA797659}] => (Allow) C:\Program Files

    (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [TCP Query User{1CD84F8D-0382

    -4CFB-8D53-17B86CC3473A}C:\program files

    \onone software\perfect effects 8\perfect effects

    8.exe] => (Allow) C:\program files\onone software

    \perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{6097BFB0-5753

    -4226-95BC-CCBF2C2A9457}C:\program files

    \onone software\perfect effects 8\perfect effects

    8.exe] => (Allow) C:\program files\onone software

    \perfect effects 8\perfect effects 8.exe
    FirewallRules: [{D326C321-56B6-4D04-B398-

    17F72F8A5668}] => (Allow) C:\Program Files

    (x86)\Hewlett-Packard\HP Support Framework

    \Resources\HPWarrantyCheck

    \HPDeviceDetection3.exe
    FirewallRules: [{4A3D6537-21E2-4FB4-9FB1-

    8B3493129592}] => (Allow) C:\Program Files

    (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:

    \Program Files (x86)\Spybot - Search & Destroy

    2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray

    Icon
    StandardProfile\AuthorizedApplications: [C:

    \Program Files (x86)\Spybot - Search & Destroy

    2\SDFSSvc.exe] => Enabled:Spybot-S&D 2

    Scanner Service
    StandardProfile\AuthorizedApplications: [C:

    \Program Files (x86)\Spybot - Search & Destroy

    2\SDUpdate.exe] => Enabled:Spybot-S&D 2

    Updater
    StandardProfile\AuthorizedApplications: [C:

    \Program Files (x86)\Spybot - Search & Destroy

    2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2

    Background update service
     
  8. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Farbar Service Scanner Version: 17-01-2015
    Ran by boydphoto (administrator) on 24-05-2015 at 08:49:37
    Running from "C:\Users\boydphoto\Desktop"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
     
  9. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    You didn't follow the instructions on Post 6. The attached file should be downloaded and saved in the same location FRST is saved. Both files must be in the same location.

    Open FRST as an administrator and click on the Fix button.Upon completion a log, fixlog.txt (not fixlist.txt) will be produced. Post the contents of the fixlog.txt produced.
     
  10. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Sorry. I'll try to do it right. ok, I ran it, but now I can't find fixlog to post.
     
  11. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
    Ran by boydphoto at 2015-05-24 15:54:12 Run:3
    Running from C:\Users\boydphoto\Desktop
    Loaded Profiles: boydphoto (Available Profiles: boydphoto)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CreateRestorePoint:
    HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
    HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
    HKLM\...\Policies\Explorer: [NoFind] 0
    HKLM\...\Policies\Explorer: [NoFile] 0
    HKLM\...\Policies\Explorer: [HideClock] 0
    HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKLM\...\Policies\Explorer: [NoSetFolders] 0
    HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
    HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
    HKLM\...\Policies\Explorer: [NoDFSTab] 0
    HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKLM\...\Policies\Explorer: [NoLogoff] 0
    HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKLM\...\Policies\Explorer: [NoResolveSearch] 0
    HKLM\...\Policies\Explorer: [NoSaveSettings] 0
    HKLM\...\Policies\Explorer: [NoHardwareTab] 0
    HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
    HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
    HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
    HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
    HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
    HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-23]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://drudgereport.com/
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
    BHO: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    FF Homepage: hxxp://drudgereport.com/
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
    FF HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
    S3 cpuz134; \??\C:\Users\BOYDPH~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    C:\Program Files\McAfee Security Scan
    C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    C:\ProgramData\McAfee Security Scan
    C:\Windows\SysWOW64\sho8D9C.tmp
    2015-01-07 18:30 - 2015-01-23 09:59 - 10395072 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe
    2014-12-22 12:19 - 2014-12-22 12:19 - 0000132 _____ () C:\Users\boydphoto\AppData\Roaming\Adobe GIF Format CC Prefs
    2014-12-08 14:12 - 2014-12-08 14:12 - 0000132 _____ () C:\Users\boydphoto\AppData\Roaming\Adobe PNG Format CC Prefs
    2013-02-05 10:52 - 2013-02-05 10:53 - 0000173 _____ () C:\Users\boydphoto\AppData\Roaming\hpmirrordriver.log
    2013-11-16 07:40 - 2015-03-07 17:38 - 0000112 _____ () C:\Users\boydphoto\AppData\Roaming\JP2K CS6 Prefs
    2015-01-18 13:04 - 2015-01-18 13:05 - 0000115 _____ () C:\Users\boydphoto\AppData\Roaming\LogFile.txt
    2013-11-12 16:50 - 2013-11-12 16:50 - 0000119 _____ () C:\Users\boydphoto\AppData\Roaming\mbam.context.scan
    2013-07-17 12:54 - 2013-07-17 12:54 - 0000005 _____ () C:\Users\boydphoto\AppData\Roaming\WBPU-TTL.DAT
    2014-02-17 06:25 - 2014-11-08 06:47 - 0001456 _____ () C:\Users\boydphoto\AppData\Local\Adobe Save for Web 13.0 Prefs
    2014-10-04 10:31 - 2014-10-04 10:32 - 0005991 _____ () C:\ProgramData\1412443876.1908.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0002133 _____ () C:\ProgramData\1412443876.1940.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0009155 _____ () C:\ProgramData\1412443876.2588.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0049898 _____ () C:\ProgramData\1412443876.3536.bin
    2014-10-04 10:31 - 2014-10-04 10:33 - 0015503 _____ () C:\ProgramData\1412443876.4120.bin
    2014-10-04 10:31 - 2014-10-04 10:31 - 0013603 _____ () C:\ProgramData\1412443876.5856.bin
    2014-10-04 10:32 - 2014-10-04 10:32 - 0004448 _____ () C:\ProgramData\1412443876.7500.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0005991 _____ () C:\ProgramData\1412444185.2568.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0002133 _____ () C:\ProgramData\1412444185.2764.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0004508 _____ () C:\ProgramData\1412444185.4156.bin
    2014-10-04 10:38 - 2014-10-04 10:38 - 0009155 _____ () C:\ProgramData\1412444185.4920.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0049433 _____ () C:\ProgramData\1412444185.5376.bin
    2014-10-04 10:36 - 2014-10-04 10:38 - 0010863 _____ () C:\ProgramData\1412444185.6596.bin
    2014-10-04 10:37 - 2014-10-04 10:37 - 0012991 _____ () C:\ProgramData\1412444185.7672.bin
    2015-03-29 12:24 - 2015-03-29 12:24 - 0045498 _____ () C:\ProgramData\1427657079.bdinstall.bin
    2015-03-29 12:35 - 2015-03-29 12:35 - 0214913 _____ () C:\ProgramData\1427657381.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0037823 _____ () C:\ProgramData\1431026595.bdinstall.bin
    2015-05-07 12:23 - 2015-05-07 12:23 - 0173968 _____ () C:\ProgramData\1431026597.bdinstall.bin
    2015-05-15 06:46 - 2015-05-15 06:46 - 0037839 _____ () C:\ProgramData\1431697585.bdinstall.bin
    2015-05-15 06:48 - 2015-05-15 06:48 - 0171521 _____ () C:\ProgramData\1431697587.bdinstall.bin
    2015-05-17 10:06 - 2015-05-17 10:06 - 0037839 _____ () C:\ProgramData\1431882409.bdinstall.bin
    2015-05-17 10:07 - 2015-05-17 10:07 - 0171492 _____ () C:\ProgramData\1431882412.bdinstall.bin
    2014-10-10 15:46 - 2014-10-10 15:46 - 0000088 _____ () C:\ProgramData\FS.dat
    C:\Users\boydphoto\AppData\Local\Temp\iv_uninstall.exe
    C:\Users\boydphoto\AppData\Local\Temp\ReimagePackage.exe
    C:\Users\boydphoto\AppData\Local\Temp\ReiSysUpdate.exe
    C:\Users\boydphoto\AppData\Local\Temp\sqlite3.exe
    Task: {0218C388-A90A-4E5A-A33B-9DDD1DE6201E} - System32\Tasks\{A03E838D-B95C-4FBD-923C-71857392BED0} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {05456CD6-187B-4C32-BCB5-42611988EB6B} - System32\Tasks\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A} => pcalua.exe -a "C:\Users\boydphoto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1AB1AN87\faster-downloader.exe" -d C:\Users\boydphoto\Desktop
    Task: {0C969156-90E2-4EE4-8C06-433E608B7766} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {14B0B669-61CF-425C-91C8-5F214F1BC366} - System32\Tasks\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2} => pcalua.exe -a C:\Users\BOYDPH~1\AppData\Local\Temp\Shockwave_Installer_FF.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {15F42D34-E055-41BE-8463-1A03A9C363E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {34C29C07-A6D2-4D57-B83F-B3EC96572A9A} - System32\Tasks\SpeedFixTool_Start => C:\Program Files (x86)\Speed Fix Tool\SpeedFixTool.exe
    Task: {36AB3174-358C-4CDE-832C-FBF80B9CA14B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {3A00B4D5-33ED-4FA1-A60A-E998FC94FFE3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {421BFF3F-4F29-43C6-98DF-6E0DC213BD3D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
    Task: {4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5} - System32\Tasks\{EAEA8864-C274-4939-8D81-781A2BA4B981} => pcalua.exe -a C:\Users\boydphoto\Downloads\ADE_2.0_Installer.exe -d C:\Users\boydphoto\Downloads
    Task: {51B2C21E-19CC-4E81-81E4-4E95794751A3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)
    Task: {51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D} - System32\Tasks\{9849761C-BD29-430D-AB54-8DDC4292510E} => pcalua.exe -a C:\SWSetup\HPCM41\HPCMSetup.exe -d C:\SwSetup\HPCM41
    Task: {5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {6D8CDC48-EC20-4397-9C1B-90D8A9884201} - System32\Tasks\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"
    Task: {866A7DAB-FA69-43BF-A463-A2154714306C} - System32\Tasks\SpeedFixTool_Popup => C:\Program Files (x86)\Speed Fix Tool\Splash.exe
    Task: {877DD175-9512-432B-A865-E7142D269E33} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {8AFB02AC-C414-4D8E-B782-F06652EA0809} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {909DC105-8771-4394-AB18-D955564A3F0E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
    Task: {9E4E8B20-67B6-44BB-B2FF-84C8D7665327} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
    Task: {A5E0D92C-438D-4842-A969-DC19AC8B8C93} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\DriverSupport.exe
    Task: {A72E77B1-D111-4B11-A7D4-DBE00E800141} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-22] (CyberLink)
    Task: {ABCDB344-0373-422B-8916-7EAE00374E56} - System32\Tasks\HPCeeScheduleForboydphoto => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {AFC2490A-3987-48DD-98F6-07006D2C3261} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
    Task: {B9654534-9DA5-4A18-B4C8-09F924BF3A39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {B97E94B6-AA8F-46E1-9A51-46BF4670515F} - System32\Tasks\{B46472DE-A4AC-4D1D-B742-728F70D89BF3} => pcalua.exe -a C:\Users\boydphoto\Downloads\ADE_2.0_Installer(6).exe -d C:\Users\boydphoto\Downloads
    Task: {BA00542A-3A91-4711-873B-3D8108A87DF7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
    Task: {C26D6148-A451-4BBE-88D0-51D87786821E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-23] (Adobe Systems Incorporated)
    Task: {C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-09-28] ()
    Task: {C345678D-1E09-4859-89C5-504981BA93DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {C4F6725C-F93D-4663-9D59-5AEA8EE042DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
    Task: {C93259E0-CD65-4AAD-967B-866A762015B2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: {C945DA1F-E603-4AA1-A162-A8A96638DC08} - System32\Tasks\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
    Task: {CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25} - System32\Tasks\{6668533C-BC91-4F09-9377-04669932BA50} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {D2A0200D-25BD-4BF1-992B-6AA6E49DBD82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {DC73E6A7-1BF0-4161-BB58-B45168B57A88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {E4B205CB-AA53-481F-802B-1161E45CE050} - System32\Tasks\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05} => pcalua.exe -a "C:\Users\boydphoto\AppData\Local\Temp\Temp1_PhotoFrame_4.6.5_Free.zip\Phot oFrame 4.6.5 Free.exe"
    Task: {E52882F5-A7E3-445E-8BCA-947BD78B93AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.)
    Task: {EA2A8EFC-70B3-4796-BF27-DA014B162195} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
    Task: {EC3CA254-5D20-4F99-AF08-2063F800D1FE} - System32\Tasks\{FB19F2CA-7258-4905-90B7-AD079C603625} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    Task: {F6878535-6E51-42CC-ABF2-473E09AF1408} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091bae6a9367a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForboydphoto.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    AlternateDataStreams: C:\Users\boydphoto\Desktop\39D901EB-000015C4.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml:OECustomProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml:OEStandardProperty
    AlternateDataStreams: C:\Users\boydphoto\Desktop\FRST64.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Desktop\SysInfo.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\adwcleaner_4.202(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\adwcleaner_4.202.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\dsb-deluxe-bing_full965.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\FreeSlideshowMaker.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\FreeYouTubeToMP3Converter.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\GoToWebinar Launcher(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\irfanview_plugins_438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\iview438_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\ReimageRepair.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\SUPERAntiSpyware(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\SysInfo(8).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\TFC.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\uninstall_flash_player(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(1).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(2).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(3).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(4).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\wlsetup-web(5).exe:BDU
    AlternateDataStreams: C:\Users\boydphoto\Downloads\WLXPhotoBase.dll:BDU
    AlternateDataStreams: C:\Users\boydphoto\AppData\Local\Temporary Internet Files:BDnat5SZojSNgUczR6WdYE
    HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    IE trusted site: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\driversupport.com -> hxxp://apps.driversupport.com
    IE trusted site: HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\...\driversupport.com -> hxxps://apps.driversupport.com
    FirewallRules: [{4A3C164A-4FCA-412C-AC01-CAD2C8FCB6C9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{17739C6A-5898-4C44-B208-54F6DB4C1106}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{038CD6D4-AB00-41CB-8ADA-FBA8E24365B4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
    FirewallRules: [{46A2F8AC-2058-42AF-A1C1-460E9400EE31}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe
    FirewallRules: [{53A23AD9-E4B9-40E0-AF87-A00634AD0242}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{05980EBE-CDAF-4086-833F-F9B0BFE9B401}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{4090595D-98FB-48F9-935D-9C8A424E0C36}] => (Allow) C:\Users\boydphoto\AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{4544FA72-2587-4B8F-8468-2B66A4CCE11A}] => (Allow) C:\Users\boydphoto\AppData\Local\Temp\7zS33CC.tmp\SymNRT.exe
    FirewallRules: [{5D5F9967-13AB-451B-AD93-64E05AA4E7BB}] => (Allow) C:\Users\boydphoto\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [TCP Query User{622FBB18-25DA-4868-98F3-50CC3356A66D}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [UDP Query User{CB99F69D-C9D9-4C1A-AB43-069E32BA2586}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
    FirewallRules: [TCP Query User{E801AC1D-01A9-4834-986D-6FDF46C66A58}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [UDP Query User{E5732C31-B0E5-45E5-8C48-A631B44ACF4E}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
    FirewallRules: [TCP Query User{5942E980-F60E-4C48-A92A-D0E63831E2EE}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [UDP Query User{D0ED210A-3521-4ABC-975B-C3E178ABAF16}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
    FirewallRules: [{88E4D60D-EF59-4074-B71E-A2172E9B80A1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
    FirewallRules: [{168807B4-D6C0-4B0A-8C14-3C36E25FC071}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{FDA7670E-BFFE-4DBF-AF8B-8D4F0377E3C8}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{1C50872A-E8C0-4ED8-B844-274CBE5BF9FF}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{668541D5-E5F3-441C-BA6C-CE6FD7DA389F}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [TCP Query User{325A7840-74EA-4948-ADBB-830946DABD60}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{29FCC96E-EB0F-4EF7-8432-FBCF3F9E349F}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [TCP Query User{260074C8-EC46-4F14-88D6-AB027FD9C672}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [UDP Query User{19474440-8BC0-42C7-BE69-49E7F42C8DCE}C:\program files (x86)\flashget\flashget.exe] => (Block) C:\program files (x86)\flashget\flashget.exe
    FirewallRules: [{B1FF2DFC-C12A-49CF-AC38-FCC08EE1DC10}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{96574277-25DA-4182-9E09-262E749359BF}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
    FirewallRules: [{CC5C9C2A-B223-40E4-A75A-72DB420A5FB0}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{D66E6572-4FE4-488A-BEF6-587AC3BDFDBD}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
    FirewallRules: [{45903E45-D00D-41D4-B1DD-E61C94DF737B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{A9B0DA87-0214-4C80-A886-51D5F84E3A1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    FirewallRules: [{98D197AA-EEDC-4A50-988B-44DAD1DF9E6E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    FirewallRules: [{0A0A199C-00B2-45BB-B0CA-13CC3FF34897}] => (Allow) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    FirewallRules: [{B97259E5-6104-4E23-BC19-A34FD4E2AB3C}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{94A1C87D-5F9B-45D3-8143-EDDACD5F3C74}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
    FirewallRules: [{B95994D6-4FD5-4C5B-B07B-F5D37E368A2B}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{13F87826-AB8A-4C80-A9E7-C35096608743}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
    FirewallRules: [{EED063C0-AAF2-494E-BD5C-ECF271E4488C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{42EE6217-9B0F-4724-8C2B-C561D4FBD44B}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [TCP Query User{69C492FB-E69E-465B-ABB2-C401628C9E58}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [UDP Query User{33750813-0A55-41B5-955F-2437DCACDACC}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe] => (Allow) C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe
    FirewallRules: [TCP Query User{D5360516-329D-4FCA-9053-31B6D522C5AB}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{8CF76B82-A43F-46C0-9285-1EC0093C74AF}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{096E14B5-9AA2-4E24-A25E-BCAA1AC033DE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{AF719DBB-DDE1-4DD1-A3A0-F9F4548BA14A}] => (Allow) LPort=2869
    FirewallRules: [{E9F151E2-3F52-4D39-A86A-ACAB84D493DE}] => (Allow) LPort=1900
    FirewallRules: [{5394026D-E729-4C36-BA7A-BC1CF54C6101}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
    FirewallRules: [{DD041CE0-1868-4FCB-BAEE-413319B8707D}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
    FirewallRules: [{82867BD1-7E2B-46B6-A6BE-BA690C4C7566}] => (Allow) C:\Users\boydphoto\Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [{844BBE42-FA01-421A-8B7D-E7970706BF3C}] => (Allow) C:\Users\boydphoto\Desktop\Crusaders_Cross_downloader.exe
    FirewallRules: [TCP Query User{CD300384-BE24-45B1-B49C-FE79E9523EDB}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
    FirewallRules: [UDP Query User{A7867129-7402-4079-9D88-8CF9EE74125F}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
    FirewallRules: [TCP Query User{9C2B9D24-1E5D-43A7-BD2C-177E35B06CED}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
    FirewallRules: [UDP Query User{4C2A5D8D-30D3-4161-A038-917DD98B1107}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
    FirewallRules: [TCP Query User{635F9AEF-3205-4291-B60A-E22D599CA9F8}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{86F2A48B-81BA-4CBF-8954-1C5FF04F0788}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{38240D7F-E21C-4254-A023-755C20E3A9A1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{81F284E7-7EF6-49B9-AFF9-B70197243A53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
    FirewallRules: [{7D632C67-E993-4BFE-B243-099CD4D3CA0B}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{6E52D93B-3254-4EA8-96D9-9A13B03A7042}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{842CFD74-CE31-4CA2-BACC-5F9E2C97EA9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2608FD50-8360-4E84-8C87-568DA19E60F7}] => (Allow) C:\Users\BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp\CnetInstaller-10702106.exe
    FirewallRules: [{3E557A38-AAA3-48EF-A6F2-6268C5513EB7}] => (Allow) C:\Users\BOYDPH~1\AppData\Local\Temp\nssF0FC.tmp\CnetInstaller-10702106.exe
    FirewallRules: [TCP Query User{8ACB3B77-5F72-40C1-95F8-0478231BB85A}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [UDP Query User{37457A1D-1369-4717-9895-1D5AB5176B1C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
    FirewallRules: [TCP Query User{B13D840B-9CD8-42EA-A263-DF096EC77343}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{AEFF748D-32C7-43AB-AAF3-2744FDFDC023}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [TCP Query User{DA55AB9C-79AD-487A-B68D-307E83115DFC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{D790D833-4B0A-48F0-A682-6505465942C2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{A4C5B932-E431-4140-A9E8-86256D65FC24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{BE119236-FA2D-47FF-A487-C788DA797659}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [TCP Query User{1CD84F8D-0382-4CFB-8D53-17B86CC3473A}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{6097BFB0-5753-4226-95BC-CCBF2C2A9457}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{D326C321-56B6-4D04-B398-17F72F8A5668}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
    FirewallRules: [{4A3D6537-21E2-4FB4-9FB1-8B3493129592}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
    *****************

    Restore point was successfully created.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key Removed successfully
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => Moved successfully.
    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe => Moved successfully.
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    "HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    "HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value restored successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value Removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    "HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key Removed successfully
    HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}" => key Removed successfully
    HKCR\CLSID\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} => key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
    "HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
    Firefox homepage Removed successfully
    C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => Moved successfully.
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value Removed successfully
    McComponentHostService => Service Removed successfully
    AvastVBoxSvc => Service Removed successfully
    cpuz134 => Service Removed successfully
    C:\Program Files\McAfee Security Scan => Moved successfully.
    C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => Moved successfully.
    C:\ProgramData\McAfee Security Scan => Moved successfully.
    C:\Windows\SysWOW64\sho8D9C.tmp => Moved successfully.
    C:\Program Files (x86)\Common Files\wruninstall.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\Adobe GIF Format CC Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\Adobe PNG Format CC Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\hpmirrordriver.log => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\JP2K CS6 Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\LogFile.txt => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\mbam.context.scan => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\WBPU-TTL.DAT => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Adobe Save for Web 13.0 Prefs => Moved successfully.
    C:\ProgramData\1412443876.1908.bin => Moved successfully.
    C:\ProgramData\1412443876.1940.bin => Moved successfully.
    C:\ProgramData\1412443876.2588.bin => Moved successfully.
    C:\ProgramData\1412443876.3536.bin => Moved successfully.
    C:\ProgramData\1412443876.4120.bin => Moved successfully.
    C:\ProgramData\1412443876.5856.bin => Moved successfully.
    C:\ProgramData\1412443876.7500.bin => Moved successfully.
    C:\ProgramData\1412444185.2568.bin => Moved successfully.
    C:\ProgramData\1412444185.2764.bin => Moved successfully.
    C:\ProgramData\1412444185.4156.bin => Moved successfully.
    C:\ProgramData\1412444185.4920.bin => Moved successfully.
    C:\ProgramData\1412444185.5376.bin => Moved successfully.
    C:\ProgramData\1412444185.6596.bin => Moved successfully.
    C:\ProgramData\1412444185.7672.bin => Moved successfully.
    C:\ProgramData\1427657079.bdinstall.bin => Moved successfully.
    C:\ProgramData\1427657381.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431026595.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431026597.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431697585.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431697587.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431882409.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431882412.bdinstall.bin => Moved successfully.
    C:\ProgramData\FS.dat => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\iv_uninstall.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\ReimagePackage.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\ReiSysUpdate.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\sqlite3.exe => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0218C388-A90A-4E5A-A33B-9DDD1DE6201E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0218C388-A90A-4E5A-A33B-9DDD1DE6201E}" => key Removed successfully
    C:\Windows\System32\Tasks\{A03E838D-B95C-4FBD-923C-71857392BED0} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A03E838D-B95C-4FBD-923C-71857392BED0}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05456CD6-187B-4C32-BCB5-42611988EB6B}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05456CD6-187B-4C32-BCB5-42611988EB6B}" => key Removed successfully
    C:\Windows\System32\Tasks\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C969156-90E2-4EE4-8C06-433E608B7766}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C969156-90E2-4EE4-8C06-433E608B7766}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Tuneup" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14B0B669-61CF-425C-91C8-5F214F1BC366}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B0B669-61CF-425C-91C8-5F214F1BC366}" => key Removed successfully
    C:\Windows\System32\Tasks\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15F42D34-E055-41BE-8463-1A03A9C363E2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15F42D34-E055-41BE-8463-1A03A9C363E2}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34C29C07-A6D2-4D57-B83F-B3EC96572A9A}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34C29C07-A6D2-4D57-B83F-B3EC96572A9A}" => key Removed successfully
    C:\Windows\System32\Tasks\SpeedFixTool_Start => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixTool_Start" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36AB3174-358C-4CDE-832C-FBF80B9CA14B}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36AB3174-358C-4CDE-832C-FBF80B9CA14B}" => key Removed successfully
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A00B4D5-33ED-4FA1-A60A-E998FC94FFE3} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{421BFF3F-4F29-43C6-98DF-6E0DC213BD3D}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421BFF3F-4F29-43C6-98DF-6E0DC213BD3D}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA}" => key Removed successfully
    C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5}" => key Removed successfully
    C:\Windows\System32\Tasks\{EAEA8864-C274-4939-8D81-781A2BA4B981} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EAEA8864-C274-4939-8D81-781A2BA4B981}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51B2C21E-19CC-4E81-81E4-4E95794751A3}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B2C21E-19CC-4E81-81E4-4E95794751A3}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D}" => key Removed successfully
    C:\Windows\System32\Tasks\{9849761C-BD29-430D-AB54-8DDC4292510E} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9849761C-BD29-430D-AB54-8DDC4292510E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C}" => key Removed successfully
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8CDC48-EC20-4397-9C1B-90D8A9884201}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8CDC48-EC20-4397-9C1B-90D8A9884201}" => key Removed successfully
    C:\Windows\System32\Tasks\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{866A7DAB-FA69-43BF-A463-A2154714306C}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{866A7DAB-FA69-43BF-A463-A2154714306C}" => key Removed successfully
    C:\Windows\System32\Tasks\SpeedFixTool_Popup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixTool_Popup" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{877DD175-9512-432B-A865-E7142D269E33} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AFB02AC-C414-4D8E-B782-F06652EA0809}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AFB02AC-C414-4D8E-B782-F06652EA0809}" => key Removed successfully
    C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{909DC105-8771-4394-AB18-D955564A3F0E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{909DC105-8771-4394-AB18-D955564A3F0E}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E4E8B20-67B6-44BB-B2FF-84C8D7665327}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E4E8B20-67B6-44BB-B2FF-84C8D7665327}" => key Removed successfully
    C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tweaking.com - Windows Repair Tray Icon" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5E0D92C-438D-4842-A969-DC19AC8B8C93}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5E0D92C-438D-4842-A969-DC19AC8B8C93}" => key Removed successfully
    C:\Windows\System32\Tasks\Driver Support => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Support" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A72E77B1-D111-4B11-A7D4-DBE00E800141}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A72E77B1-D111-4B11-A7D4-DBE00E800141}" => key Removed successfully
    C:\Windows\System32\Tasks\MirageAgent => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABCDB344-0373-422B-8916-7EAE00374E56}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABCDB344-0373-422B-8916-7EAE00374E56}" => key Removed successfully
    C:\Windows\System32\Tasks\HPCeeScheduleForboydphoto => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForboydphoto" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFC2490A-3987-48DD-98F6-07006D2C3261}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFC2490A-3987-48DD-98F6-07006D2C3261}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9654534-9DA5-4A18-B4C8-09F924BF3A39} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B97E94B6-AA8F-46E1-9A51-46BF4670515F}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B97E94B6-AA8F-46E1-9A51-46BF4670515F}" => key Removed successfully
    C:\Windows\System32\Tasks\{B46472DE-A4AC-4D1D-B742-728F70D89BF3} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B46472DE-A4AC-4D1D-B742-728F70D89BF3}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA00542A-3A91-4711-873B-3D8108A87DF7}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA00542A-3A91-4711-873B-3D8108A87DF7}" => key Removed successfully
    C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C26D6148-A451-4BBE-88D0-51D87786821E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C26D6148-A451-4BBE-88D0-51D87786821E}" => key Removed successfully
    C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4}" => key Removed successfully
    C:\Windows\System32\Tasks\Registration => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Registration" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C345678D-1E09-4859-89C5-504981BA93DF}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C345678D-1E09-4859-89C5-504981BA93DF}" => key Removed successfully
    C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4F6725C-F93D-4663-9D59-5AEA8EE042DC}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4F6725C-F93D-4663-9D59-5AEA8EE042DC}" => key Removed successfully
    C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C93259E0-CD65-4AAD-967B-866A762015B2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C93259E0-CD65-4AAD-967B-866A762015B2}" => key Removed successfully
    C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C945DA1F-E603-4AA1-A162-A8A96638DC08}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C945DA1F-E603-4AA1-A162-A8A96638DC08}" => key Removed successfully
    C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25}" => key Removed successfully
    C:\Windows\System32\Tasks\{6668533C-BC91-4F09-9377-04669932BA50} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6668533C-BC91-4F09-9377-04669932BA50}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2A0200D-25BD-4BF1-992B-6AA6E49DBD82}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2A0200D-25BD-4BF1-992B-6AA6E49DBD82}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC73E6A7-1BF0-4161-BB58-B45168B57A88}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC73E6A7-1BF0-4161-BB58-B45168B57A88}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Update Check" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4B205CB-AA53-481F-802B-1161E45CE050}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4B205CB-AA53-481F-802B-1161E45CE050}" => key Removed successfully
    C:\Windows\System32\Tasks\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E52882F5-A7E3-445E-8BCA-947BD78B93AD}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52882F5-A7E3-445E-8BCA-947BD78B93AD}" => key Removed successfully
     
  12. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    \\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value Removed successfully
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value Removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key Removed successfully
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => Moved successfully.
    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe => Moved successfully.
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    "HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    "HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value restored successfully
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value restored successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value Removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
    "HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key Removed successfully
    HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}" => key Removed successfully
    HKCR\CLSID\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} => key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
    "HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
    Firefox homepage Removed successfully
    C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => Moved successfully.
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value Removed successfully
    McComponentHostService => Service Removed successfully
    AvastVBoxSvc => Service Removed successfully
    cpuz134 => Service Removed successfully
    C:\Program Files\McAfee Security Scan => Moved successfully.
    C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => Moved successfully.
    C:\ProgramData\McAfee Security Scan => Moved successfully.
    C:\Windows\SysWOW64\sho8D9C.tmp => Moved successfully.
    C:\Program Files (x86)\Common Files\wruninstall.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\Adobe GIF Format CC Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\Adobe PNG Format CC Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\hpmirrordriver.log => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\JP2K CS6 Prefs => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\LogFile.txt => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\mbam.context.scan => Moved successfully.
    C:\Users\boydphoto\AppData\Roaming\WBPU-TTL.DAT => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Adobe Save for Web 13.0 Prefs => Moved successfully.
    C:\ProgramData\1412443876.1908.bin => Moved successfully.
    C:\ProgramData\1412443876.1940.bin => Moved successfully.
    C:\ProgramData\1412443876.2588.bin => Moved successfully.
    C:\ProgramData\1412443876.3536.bin => Moved successfully.
    C:\ProgramData\1412443876.4120.bin => Moved successfully.
    C:\ProgramData\1412443876.5856.bin => Moved successfully.
    C:\ProgramData\1412443876.7500.bin => Moved successfully.
    C:\ProgramData\1412444185.2568.bin => Moved successfully.
    C:\ProgramData\1412444185.2764.bin => Moved successfully.
    C:\ProgramData\1412444185.4156.bin => Moved successfully.
    C:\ProgramData\1412444185.4920.bin => Moved successfully.
    C:\ProgramData\1412444185.5376.bin => Moved successfully.
    C:\ProgramData\1412444185.6596.bin => Moved successfully.
    C:\ProgramData\1412444185.7672.bin => Moved successfully.
    C:\ProgramData\1427657079.bdinstall.bin => Moved successfully.
    C:\ProgramData\1427657381.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431026595.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431026597.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431697585.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431697587.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431882409.bdinstall.bin => Moved successfully.
    C:\ProgramData\1431882412.bdinstall.bin => Moved successfully.
    C:\ProgramData\FS.dat => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\iv_uninstall.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\ReimagePackage.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\ReiSysUpdate.exe => Moved successfully.
    C:\Users\boydphoto\AppData\Local\Temp\sqlite3.exe => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0218C388-A90A-4E5A-A33B-9DDD1DE6201E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0218C388-A90A-4E5A-A33B-9DDD1DE6201E}" => key Removed successfully
    C:\Windows\System32\Tasks\{A03E838D-B95C-4FBD-923C-71857392BED0} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A03E838D-B95C-4FBD-923C-71857392BED0}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05456CD6-187B-4C32-BCB5-42611988EB6B}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05456CD6-187B-4C32-BCB5-42611988EB6B}" => key Removed successfully
    C:\Windows\System32\Tasks\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D0C54F90-AA52-4CF3-ACF3-53E3F4A4881A}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C969156-90E2-4EE4-8C06-433E608B7766}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C969156-90E2-4EE4-8C06-433E608B7766}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Tuneup" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14B0B669-61CF-425C-91C8-5F214F1BC366}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B0B669-61CF-425C-91C8-5F214F1BC366}" => key Removed successfully
    C:\Windows\System32\Tasks\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7628D3B4-6D33-4EA0-AE81-1E0BAEE016A2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15F42D34-E055-41BE-8463-1A03A9C363E2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15F42D34-E055-41BE-8463-1A03A9C363E2}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34C29C07-A6D2-4D57-B83F-B3EC96572A9A}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34C29C07-A6D2-4D57-B83F-B3EC96572A9A}" => key Removed successfully
    C:\Windows\System32\Tasks\SpeedFixTool_Start => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixTool_Start" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36AB3174-358C-4CDE-832C-FBF80B9CA14B}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36AB3174-358C-4CDE-832C-FBF80B9CA14B}" => key Removed successfully
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A00B4D5-33ED-4FA1-A60A-E998FC94FFE3} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{421BFF3F-4F29-43C6-98DF-6E0DC213BD3D}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421BFF3F-4F29-43C6-98DF-6E0DC213BD3D}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BC7AC7E-00CA-4C04-BA6B-5323BEE302BA}" => key Removed successfully
    C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F637EC2-D78C-4D5C-8A54-AF5CCC9270E5}" => key Removed successfully
    C:\Windows\System32\Tasks\{EAEA8864-C274-4939-8D81-781A2BA4B981} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EAEA8864-C274-4939-8D81-781A2BA4B981}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51B2C21E-19CC-4E81-81E4-4E95794751A3}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B2C21E-19CC-4E81-81E4-4E95794751A3}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B40E57-4F0D-4EB8-BCD9-E1BD26F5FC7D}" => key Removed successfully
    C:\Windows\System32\Tasks\{9849761C-BD29-430D-AB54-8DDC4292510E} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9849761C-BD29-430D-AB54-8DDC4292510E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ABB0E33-27BA-42AA-8FD8-AFA2C352C74C}" => key Removed successfully
    C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D8CDC48-EC20-4397-9C1B-90D8A9884201}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D8CDC48-EC20-4397-9C1B-90D8A9884201}" => key Removed successfully
    C:\Windows\System32\Tasks\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE38BA6D-CDC3-4086-B75E-F0279E5771AF}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{866A7DAB-FA69-43BF-A463-A2154714306C}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{866A7DAB-FA69-43BF-A463-A2154714306C}" => key Removed successfully
    C:\Windows\System32\Tasks\SpeedFixTool_Popup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixTool_Popup" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{877DD175-9512-432B-A865-E7142D269E33} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AFB02AC-C414-4D8E-B782-F06652EA0809}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AFB02AC-C414-4D8E-B782-F06652EA0809}" => key Removed successfully
    C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{909DC105-8771-4394-AB18-D955564A3F0E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{909DC105-8771-4394-AB18-D955564A3F0E}" => key Removed successfully
    C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderDownloaderScheduledTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E4E8B20-67B6-44BB-B2FF-84C8D7665327}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E4E8B20-67B6-44BB-B2FF-84C8D7665327}" => key Removed successfully
    C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tweaking.com - Windows Repair Tray Icon" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5E0D92C-438D-4842-A969-DC19AC8B8C93}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5E0D92C-438D-4842-A969-DC19AC8B8C93}" => key Removed successfully
    C:\Windows\System32\Tasks\Driver Support => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Support" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A72E77B1-D111-4B11-A7D4-DBE00E800141}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A72E77B1-D111-4B11-A7D4-DBE00E800141}" => key Removed successfully
    C:\Windows\System32\Tasks\MirageAgent => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABCDB344-0373-422B-8916-7EAE00374E56}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABCDB344-0373-422B-8916-7EAE00374E56}" => key Removed successfully
    C:\Windows\System32\Tasks\HPCeeScheduleForboydphoto => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForboydphoto" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFC2490A-3987-48DD-98F6-07006D2C3261}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFC2490A-3987-48DD-98F6-07006D2C3261}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9654534-9DA5-4A18-B4C8-09F924BF3A39} => key not found.
    C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B97E94B6-AA8F-46E1-9A51-46BF4670515F}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B97E94B6-AA8F-46E1-9A51-46BF4670515F}" => key Removed successfully
    C:\Windows\System32\Tasks\{B46472DE-A4AC-4D1D-B742-728F70D89BF3} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B46472DE-A4AC-4D1D-B742-728F70D89BF3}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA00542A-3A91-4711-873B-3D8108A87DF7}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA00542A-3A91-4711-873B-3D8108A87DF7}" => key Removed successfully
    C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C26D6148-A451-4BBE-88D0-51D87786821E}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C26D6148-A451-4BBE-88D0-51D87786821E}" => key Removed successfully
    C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C26EA670-0B2D-4EEE-AA0E-8823B5EFACD4}" => key Removed successfully
    C:\Windows\System32\Tasks\Registration => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Registration" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C345678D-1E09-4859-89C5-504981BA93DF}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C345678D-1E09-4859-89C5-504981BA93DF}" => key Removed successfully
    C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4F6725C-F93D-4663-9D59-5AEA8EE042DC}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4F6725C-F93D-4663-9D59-5AEA8EE042DC}" => key Removed successfully
    C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C93259E0-CD65-4AAD-967B-866A762015B2}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C93259E0-CD65-4AAD-967B-866A762015B2}" => key Removed successfully
    C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C945DA1F-E603-4AA1-A162-A8A96638DC08}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C945DA1F-E603-4AA1-A162-A8A96638DC08}" => key Removed successfully
    C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-boydphoto-HP-boydphoto" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB1D4D93-95D2-4D56-91AE-D47F9D5BEB25}" => key Removed successfully
    C:\Windows\System32\Tasks\{6668533C-BC91-4F09-9377-04669932BA50} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6668533C-BC91-4F09-9377-04669932BA50}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2A0200D-25BD-4BF1-992B-6AA6E49DBD82}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2A0200D-25BD-4BF1-992B-6AA6E49DBD82}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC73E6A7-1BF0-4161-BB58-B45168B57A88}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC73E6A7-1BF0-4161-BB58-B45168B57A88}" => key Removed successfully
    C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Update Check" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4B205CB-AA53-481F-802B-1161E45CE050}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4B205CB-AA53-481F-802B-1161E45CE050}" => key Removed successfully
    C:\Windows\System32\Tasks\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7737ABDE-D23F-4066-8C14-2DE8EAEA1D05}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E52882F5-A7E3-445E-8BCA-947BD78B93AD}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E52882F5-A7E3-445E-8BCA-947BD78B93AD}" => key Removed successfully
    C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key Removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA2A8EFC-70B3-4796-BF27-DA014B162195} => key not found.
    C:\Windows\System32\Tasks\RealDownloader Update Check not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloader Update Check => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC3CA254-5D20-4F99-AF08-2063F800D1FE}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC3CA254-5D20-4F99-AF08-2063F800D1FE}" => key Removed successfully
    C:\Windows\System32\Tasks\{FB19F2CA-7258-4905-90B7-AD079C603625} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB19F2CA-7258-4905-90B7-AD079C603625}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6878535-6E51-42CC-ABF2-473E09AF1408}" => key Removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6878535-6E51-42CC-ABF2-473E09AF1408}" => key Removed successfully
    C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeLogonTaskS-1-5-21-1479091243-4294284354-2124732490-1000" => key Removed successfully
    C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d091bae6a9367a.job => Moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
    C:\Windows\Tasks\HPCeeScheduleForboydphoto.job => Moved successfully.
    C:\ProgramData\Temp => ":5C321E34" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\39D901EB-000015C4.eml => ":OECustomProperty" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml => ":OECustomProperty" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\57EA104B-00000A19.eml => ":OEStandardProperty" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml => ":OECustomProperty" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\6E4256A8-000011DF.eml => ":OEStandardProperty" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\FRST64.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Desktop\SysInfo.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\adwcleaner_4.202(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\adwcleaner_4.202.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\dsb-deluxe-bing_full965.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\FreeSlideshowMaker.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\FreeYouTubeToMP3Converter.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\GoToWebinar Launcher(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\irfanview_plugins_438_setup.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\iview438_setup.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022(2).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\mbam-setup-2.1.6.1022.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\ReimageRepair.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\SUPERAntiSpyware(3).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\SysInfo(8).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\TFC.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup(2).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\tweaking.com_windows_repair_aio_setup.exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\uninstall_flash_player(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\wlsetup-web(1).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\wlsetup-web(2).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\wlsetup-web(3).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\wlsetup-web(4).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\wlsetup-web(5).exe => ":BDU" ADS Removed successfully.
    C:\Users\boydphoto\Downloads\WLXPhotoBase.dll => ":BDU" ADS Removed successfully.
    "C:\Users\boydphoto\AppData\Local\Temporary Internet Files" => ":BDnat5SZojSNgUczR6WdYE" ADS not found.
    "HKU\S-1-5-19\Software\Classes\exefile" => key Removed successfully
    "HKU\S-1-5-20\Software\Classes\exefile" => key Removed successfully
    "HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\driversupport.com" => key Removed successfully
    HKU\S-1-5-21-1479091243-4294284354-2124732490-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\driversupport.com => key not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A3C164A-4FCA-412C-AC01-CAD2C8FCB6C9} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17739C6A-5898-4C44-B208-54F6DB4C1106} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{038CD6D4-AB00-41CB-8ADA-FBA8E24365B4} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46A2F8AC-2058-42AF-A1C1-460E9400EE31} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53A23AD9-E4B9-40E0-AF87-A00634AD0242} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05980EBE-CDAF-4086-833F-F9B0BFE9B401} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4090595D-98FB-48F9-935D-9C8A424E0C36} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4544FA72-2587-4B8F-8468-2B66A4CCE11A} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D5F9967-13AB-451B-AD93-64E05AA4E7BB} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{622FBB18-25DA-4868-98F3-50CC3356A66D}C:\program files (x86)\real\realplayer\realplay.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CB99F69D-C9D9-4C1A-AB43-069E32BA2586}C:\program files (x86)\real\realplayer\realplay.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E801AC1D-01A9-4834-986D-6FDF46C66A58}C:\program files (x86)\mozilla firefox\plugin-container.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E5732C31-B0E5-45E5-8C48-A631B44ACF4E}C:\program files (x86)\mozilla firefox\plugin-container.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5942E980-F60E-4C48-A92A-D0E63831E2EE}C:\program files\onone software\perfect effects 4\perfect effects 4.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0ED210A-3521-4ABC-975B-C3E178ABAF16}C:\program files\onone software\perfect effects 4\perfect effects 4.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{88E4D60D-EF59-4074-B71E-A2172E9B80A1} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{168807B4-D6C0-4B0A-8C14-3C36E25FC071} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDA7670E-BFFE-4DBF-AF8B-8D4F0377E3C8} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C50872A-E8C0-4ED8-B844-274CBE5BF9FF} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{668541D5-E5F3-441C-BA6C-CE6FD7DA389F} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{325A7840-74EA-4948-ADBB-830946DABD60}C:\program files (x86)\flashget\flashget.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29FCC96E-EB0F-4EF7-8432-FBCF3F9E349F}C:\program files (x86)\flashget\flashget.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{260074C8-EC46-4F14-88D6-AB027FD9C672}C:\program files (x86)\flashget\flashget.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{19474440-8BC0-42C7-BE69-49E7F42C8DCE}C:\program files (x86)\flashget\flashget.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1FF2DFC-C12A-49CF-AC38-FCC08EE1DC10} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96574277-25DA-4182-9E09-262E749359BF} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC5C9C2A-B223-40E4-A75A-72DB420A5FB0} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D66E6572-4FE4-488A-BEF6-587AC3BDFDBD} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45903E45-D00D-41D4-B1DD-E61C94DF737B} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9B0DA87-0214-4C80-A886-51D5F84E3A1F} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98D197AA-EEDC-4A50-988B-44DAD1DF9E6E} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A0A199C-00B2-45BB-B0CA-13CC3FF34897} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B97259E5-6104-4E23-BC19-A34FD4E2AB3C} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94A1C87D-5F9B-45D3-8143-EDDACD5F3C74} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B95994D6-4FD5-4C5B-B07B-F5D37E368A2B} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13F87826-AB8A-4C80-A9E7-C35096608743} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EED063C0-AAF2-494E-BD5C-ECF271E4488C} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42EE6217-9B0F-4724-8C2B-C561D4FBD44B} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{69C492FB-E69E-465B-ABB2-C401628C9E58}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{33750813-0A55-41B5-955F-2437DCACDACC}C:\users\boydphoto\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_instantchat.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D5360516-329D-4FCA-9053-31B6D522C5AB}C:\program files\onone software\perfect effects 8\perfect effects 8.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8CF76B82-A43F-46C0-9285-1EC0093C74AF}C:\program files\onone software\perfect effects 8\perfect effects 8.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{096E14B5-9AA2-4E24-A25E-BCAA1AC033DE} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF719DBB-DDE1-4DD1-A3A0-F9F4548BA14A} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9F151E2-3F52-4D39-A86A-ACAB84D493DE} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5394026D-E729-4C36-BA7A-BC1CF54C6101} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD041CE0-1868-4FCB-BAEE-413319B8707D} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82867BD1-7E2B-46B6-A6BE-BA690C4C7566} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{844BBE42-FA01-421A-8B7D-E7970706BF3C} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD300384-BE24-45B1-B49C-FE79E9523EDB}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A7867129-7402-4079-9D88-8CF9EE74125F}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9C2B9D24-1E5D-43A7-BD2C-177E35B06CED}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4C2A5D8D-30D3-4161-A038-917DD98B1107}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{635F9AEF-3205-4291-B60A-E22D599CA9F8}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{86F2A48B-81BA-4CBF-8954-1C5FF04F0788}C:\users\boydphoto\appdata\roaming\dropbox\bin\dropbox.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38240D7F-E21C-4254-A023-755C20E3A9A1} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81F284E7-7EF6-49B9-AFF9-B70197243A53} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D632C67-E993-4BFE-B243-099CD4D3CA0B} => Value not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E52D93B-3254-4EA8-96D9-9A13B03A7042} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{842CFD74-CE31-4CA2-BACC-5F9E2C97EA9F} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2608FD50-8360-4E84-8C87-568DA19E60F7} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E557A38-AAA3-48EF-A6F2-6268C5513EB7} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8ACB3B77-5F72-40C1-95F8-0478231BB85A}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{37457A1D-1369-4717-9895-1D5AB5176B1C}C:\program files (x86)\freetime\formatfactory\formatfactory.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B13D840B-9CD8-42EA-A263-DF096EC77343}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AEFF748D-32C7-43AB-AAF3-2744FDFDC023}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA55AB9C-79AD-487A-B68D-307E83115DFC}C:\program files (x86)\mozilla firefox\firefox.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D790D833-4B0A-48F0-A682-6505465942C2}C:\program files (x86)\mozilla firefox\firefox.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4C5B932-E431-4140-A9E8-86256D65FC24} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE119236-FA2D-47FF-A487-C788DA797659} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1CD84F8D-0382-4CFB-8D53-17B86CC3473A}C:\program files\onone software\perfect effects 8\perfect effects 8.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6097BFB0-5753-4226-95BC-CCBF2C2A9457}C:\program files\onone software\perfect effects 8\perfect effects 8.exe => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D326C321-56B6-4D04-B398-17F72F8A5668} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A3D6537-21E2-4FB4-9FB1-8B3493129592} => value Removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => Value not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => Value not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe => Value not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => Value not found.

    ==== End of Fixlog 15:54:44 ====
     
  13. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    How is the computer doing?
     
  14. boydphoto

    boydphoto Thread Starter

    Joined:
    Nov 25, 2005
    Messages:
    641
    First Name:
    boyd
    Mostly good, JS. but I'm still having trouble pasting some things. When I right-click, the word, "paste", doesn't always appear.
     
  15. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Lets try the System File Checker.

    Open an administrator Command prompt (Click on Start, type CMD on search and press CRTL+SHIFT+Enter to obtain an administrator command prompt). At the prompt type the following and press Enter:

    SFC /ScanNow

    Wait until it completes 100% of the process. See If files needed to be fixed. Restart the computer and attempt the Copy and Paste.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1148676

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice