br3wskee

Command prompts keep popping up. Puter running slower and slower. Cant open certain programs like Google chrome.

I dont know anything about hacks. Is there someway i can take whatever is "hacked" off my computer?

attached file FRST notepad.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-01-2015 Ran by User (2016-01-08 14:01:00) Running from C:\Users\User\Downloads Windows 10 Home (X64) (2015-12-16 09:49:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-162144670-2588058485-1568270811-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-162144670-2588058485-1568270811-503 - Limited - Disabled) Guest (S-1-5-21-162144670-2588058485-1568270811-501 - Limited - Disabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-162144670-2588058485-1568270811-1002 - Limited - Enabled) User (S-1-5-21-162144670-2588058485-1568270811-1000 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{B7908254-D208-7C46-8201-7EBC1BFF8D12}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AnyMeeting (HKLM-x32\...\{4DF71428-E2A8-4FED-8D67-B37D706D008F}) (Version: 3.1.0 - AnyMeeting, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix) Forex Broker Inc MT4 Client Terminal (HKLM-x32\...\Forex Broker Inc MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.) FXCM Trading Station (HKLM-x32\...\FXCM Trading Station) (Version: 030615 - ) FXCM Trading Station (x32 Version: 030615 - FXCM) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden GoToMeeting 7.8.1.4190 (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\GoToMeeting) (Version: 7.8.1.4190 - CitrixOnline) Gpg4win (2.3.0) (HKLM-x32\...\GPG4Win) (Version: 2.3.0 - The Gpg4win Project) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation) LogMeIn (HKLM-x32\...\{A8E20B99-B1A2-4FC0-B38A-A255033D339A}) (Version: 4.1.5022 - LogMeIn, Inc.) LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Screen Recorder Launcher (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\ScreenRecorderLauncher) (Version: 1.7 - ) Screencast-O-Matic v2.0 (HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\Screencast-O-Matic v2.0) (Version: v2-1.8 - Screencast-O-Matic) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) SteelSeries Engine 3.3.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.0 - SteelSeries ApS) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc) TP-LINK TL-WDN3800 Driver (HKLM-x32\...\{D2FAC054-7623-436B-9239-E4C8E752FA14}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Traders Way MetaTrader 4 (HKLM-x32\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.) VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-162144670-2588058485-1568270811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-162144670-2588058485-1568270811-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01EF5829-6A5C-448A-9C12-90EBB4A0E144} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.) Task: {02FBCEA2-51C6-4014-9763-465CA800CB0F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {0585FD3F-85F4-4500-95B4-66E559D84E77} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {05DBFB74-8577-4704-9C8B-CDD9E3B47083} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {0F46D3D7-6878-4830-BEE4-39371A58A16B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {122ACAB0-75B0-49D5-B14A-551FAC191197} - System32\Tasks\G2MUploadTask-S-1-5-21-162144670-2588058485-1568270811-1000 => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupload.exe [2016-01-05] (Citrix Online, a division of Citrix Systems, Inc.) Task: {16A504E1-C9A2-40B8-8FB9-5A9EA9C924F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {177151F7-D80F-4756-9E83-CFF87D8A86E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {19F77EA4-8E69-493D-B2B6-DD8058CA2E33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {1EE6D5C5-C4F3-4496-AE96-6A051CDB6851} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {266C130D-84D7-481D-A7A9-80A80E3455ED} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {2B637725-33DC-4EE4-B321-3564E93A05D2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated) Task: {2DE519D2-CD8F-40A9-906A-79A60375F435} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {2F9C9C25-DD28-4D5B-93BA-A3EE48CC02F1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {45AE8AA4-DCA6-4244-AD1F-8AE0D1F8DD39} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {50E99C6C-D31F-4D9F-AB6F-F7EA8D90DB93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {51A00EF2-B082-4A8E-8254-E09CE7EFCF68} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {557522BF-21C8-43A4-AAE9-B8F683DF0020} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {5A64F481-3108-476D-9F77-36CD5948463D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5CDCDBB3-072F-4BB4-857F-AD08EE30DC29} - System32\Tasks\ASUS UEFI => C:\Program Files (x86)\ASUS\UEFI\ASUS UEFI.exe Task: {625A4CCD-F705-49F6-B744-B1093F7A59C4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {68DFB54E-075E-4007-9E84-E95EE74EBBA7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {699F82AD-F055-48CC-A89C-3A4E05990020} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {6E0214EB-A744-42E5-884A-7F798A6C56E3} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {71532917-6DCA-413C-95C0-5DB4838AF341} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {7300ADB3-B5AF-433D-8DDA-5EE477C8B72B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {76877072-F895-4EF2-B3BE-E3443C54E5EC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {769CDD80-D8DD-4E11-9A3C-44E1F306A27F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {7D769A54-F8D0-46AD-9845-DDFA2854A918} - System32\Tasks\G2MUpdateTask-S-1-5-21-162144670-2588058485-1568270811-1000 => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupdate.exe [2016-01-05] (Citrix Online, a division of Citrix Systems, Inc.) Task: {80C38757-4D4B-46E7-9A99-910FED232D78} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {84F98A9B-487F-4826-8BE8-A7643451C8A0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {85A9BEC5-6473-4FAE-A502-8F18A91D05C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {9829E736-A4A1-48A2-801F-DE66886A1613} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {9C2071DC-425D-4851-8C74-1E49BB21846D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A1F2383F-255E-4813-B57E-739217518184} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {B5798F9F-C205-46A7-87FF-42F12305EE1A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {C0D4E163-6AF5-4268-9452-55A108B7565E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {C12B8B0D-238B-48ED-810B-C49BC21AE558} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C79C5080-0073-4CFD-B367-835DA0E0BDCA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {CA78FB6C-D8D7-45C1-A641-8D2F70FBFF64} - System32\Tasks\{FE2C1352-A693-4347-B931-40938ED56C7B} => pcalua.exe -a "C:\Users\User\Downloads\chromeinstall-8u25 (1).exe" -d C:\Users\User\Downloads Task: {CD09EB21-4522-4D0D-9224-89F89E427995} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {D57DBEFC-C7A3-4DF8-B707-F22D6661950E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {D700B2DF-38CE-4A65-BDFF-C8828765EF2E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D87C2B8B-25EA-4BF7-8839-2A1E4FCB6372} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {EDA26DAF-379B-4463-AA53-355BA2EEB76E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {F0ADD373-D6B7-4BDF-90C1-972FBAFC7BC4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {F792BAA6-074D-42D8-BCF8-979521F233BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FA72A218-59E6-4981-A6C3-BDA582B9492F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-162144670-2588058485-1568270811-1000.job => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-162144670-2588058485-1568270811-1000.job => C:\Users\User\AppData\Local\Citrix\GoToMeeting\4190\g2mupload.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-08-21 22:09 - 2015-08-21 22:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-08-21 22:09 - 2015-08-21 22:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-16 05:38 - 2015-12-16 05:38 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-16 05:38 - 2015-12-16 05:38 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-12-18 07:33 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 07:33 - 2015-12-06 22:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2014-10-30 15:45 - 2014-10-30 15:45 - 17542656 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe 2015-12-17 04:14 - 2015-12-17 04:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 07:33 - 2015-12-06 21:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-18 07:33 - 2015-12-06 21:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-18 07:33 - 2015-12-06 21:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-18 07:33 - 2015-12-06 21:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-15 06:10 - 2015-12-15 06:11 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-12-15 06:10 - 2015-12-15 06:11 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 07:59 - 2015-11-20 08:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-11-06 17:12 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll 2015-12-16 15:19 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 15:19 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-12-17 04:14 - 2015-12-17 04:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-17 04:14 - 2015-12-17 04:15 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-24 12:24 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2015-04-12 09:08 - 00001028 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-162144670-2588058485-1568270811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\hack wallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: lfsvc => 3 HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk" HKLM\...\StartupApproved\Run: => "LogMeIn GUI" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\StartupFolder: => "AnyMeeting.lnk" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "Jing" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "Screencast-O-Matic Tray" HKU\S-1-5-21-162144670-2588058485-1568270811-1000\...\StartupApproved\Run: => "GoToMeeting" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{2318E79C-6382-4168-B7FB-CA6017F29C14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{75D42E66-3311-44B9-B4FC-DECEE3D39C6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{71A1FAE0-565E-490C-8E32-5D137AB69FD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B1368E8D-E7D1-4F66-BF77-543C8FC8AB1C}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6986F691-AB7B-4693-AA39-9BFD40605FCE}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{26D32993-2A76-4A09-9A22-52E953289071}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1610BFB8-409A-423D-9203-4C9D065CB1A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E65561AC-2481-4E89-9C91-EECA21B82CEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{32DB10C1-F9DC-4156-89F0-540B0CBC3109}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2ECA3D8A-55B7-4E77-855A-AD4B3CE37FEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C244891D-539B-4956-9C49-7A79C073BD4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A51EDABA-79D0-4A9C-BBFE-B2A12020AC8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E4CCBA40-D03D-46B9-9869-EBC99BC29A9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4E6FF56F-1538-49A3-978E-2760BE2E9785}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5FA6E094-43F1-4D29-BBEC-9FF34F9E55C9}] => (Allow) LPort=5353 FirewallRules: [{E1F5D728-5DCA-4E41-8B7C-0D829D117719}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{F897B794-7EFF-4669-8012-62B36EDB5EB4}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{25A377FF-ECE7-4721-964E-6FB7D9E51DBF}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{EDEA64A4-C0DF-48B7-BD2A-495AFA8CC873}] => (Allow) LPort=9322 FirewallRules: [{67BD3C90-BAB1-445A-890C-28ED8475FD3B}] => (Allow) LPort=5353 ==================== Restore Points ========================= 05-01-2016 17:23:07 Windows Update ==================== Faulty Device Manager Devices ============= Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2016 12:36:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: utorrentie.exe, version: 1.0.0.41372, time stamp: 0x564b8ce9 Faulting module name: Flash.ocx, version: 20.0.0.272, time stamp: 0x56870c97 Exception code: 0xc0000005 Fault offset: 0x00356e7b Faulting process id: 0x2198 Faulting application start time: 0xutorrentie.exe0 Faulting application path: utorrentie.exe1 Faulting module path: utorrentie.exe2 Report Id: utorrentie.exe3 Faulting package full name: utorrentie.exe4 Faulting package-relative application ID: utorrentie.exe5 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6390 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6390 Error: (01/07/2016 01:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4765 Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4765 Error: (01/07/2016 01:46:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3171 Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3171 Error: (01/07/2016 01:46:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/07/2016 11:54:39 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 11:54:39 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:24:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/07/2016 10:23:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_8ce24 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (01/07/2016 10:06:20 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:06:20 AM) (Source: DCOM) (EventID: 10016) (User: User-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}User-PCUserS-1-5-21-162144670-2588058485-1568270811-1000LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (01/07/2016 10:04:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 Error: (01/07/2016 10:04:16 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 9:50:03 AM on ‎1/‎7/‎2016 was unexpected. Error: (01/07/2016 10:04:04 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 32212256844621350451833504 Error: (01/07/2016 08:53:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. CodeIntegrity: =================================== Date: 2016-01-08 12:14:10.904 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.827 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.816 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:10.804 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.377 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.366 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.349 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:14:05.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD A10-6800K APU with Radeon HD Graphics Percentage of memory in use: 25% Total physical RAM: 16328.81 MB Available physical RAM: 12164.54 MB Total Virtual: 32712.81 MB Available Virtual: 27774.38 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:238.39 GB) NTFS Drive d: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1403.47 GB) NTFS Drive g: (B NASH) (Removable) (Total:7.45 GB) (Free:0.32 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D4CF3A72) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2305F4C0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================

It wont let me run windows defender offline.

My malwayre bytes working again. Here is my log file. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 1/7/2016Scan Time: 10:10 AMLogfile: Administrator: Yes Version: 2.2.0.1024Malware Database: v2016.01.07.03Rootkit Database: v2016.01.05.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 10CPU: x64File System: NTFSUser: User Scan Type: Threat ScanResult: CompletedObjects Scanned: 469166Time Elapsed: 11 min, 31 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)

This is from FixExec. this is all it showed me. Now im going to try the windows defender. FixExec by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/Copyright 2008-2016 BleepingComputer.comMore Information about FixExec can be found at this link: http://www.bleepingcomputer.com/download/windows/utilities/fixexec Program started at: 01/06/2016 02:51:11 PM in x64 mode.Windows Version: Windows 8 Checking for processes to terminate before fixing executable associations. * No processes found to kill. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Program finished at: 01/06/2016 02:51:32 PMExecution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

Windows 10 64bit. Yes i have access to a usb flash drive.

Thats not working either. I tried it twice. My computer is starting to malfunction.

rogue killer is not working either

My computer wont let me open up malwarebytes anti-malware. This is a personal computer.

Whenever i try to start my malwarebytes anti-malware and my gotomeeting software i get these error screens. mbam.exe and g2mui.exe. My computer has been starting slower and slower lately.

After i uninstalled Adobe flash player and went to the download link, it said that google already has the latest version but i dont see Adobe Flash on my list of programs anymore.

# AdwCleaner v2.002 - Logfile created 09/17/2012 at 11:15:46 # Updated 16/09/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : B-Nash - BR3WSKEE # Boot Mode : Normal # Running from : C:\Users\B-Nash\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found : C:\Program Files (x86)\Common Files\FreeCause Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\ProgramData\Partner Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\Users\B-Nash\AppData\Local\AVG Secure Search Folder Found : C:\Users\B-Nash\AppData\Local\Conduit Folder Found : C:\Users\B-Nash\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\B-Nash\AppData\LocalLow\Conduit Folder Found : C:\Users\B-Nash\AppData\Roaming\OpenCandy ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Compete Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\ShopToWin Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\Software\AVG Secure Search Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{DBBBC528-9C8C-4051-9187-ED6F01A457C9} Key Found : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2} Key Found : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F} Key Found : HKLM\SOFTWARE\Classes\AppID\CptUrlPassthru.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-api.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpMonitor.1 Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca Key Found : HKLM\SOFTWARE\Classes\dcabho.Dca.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000062385.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\FCSB000063451.JSOptionsImpl Key Found : HKLM\SOFTWARE\Classes\FCSB000063451.JSOptionsImpl.1 Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{7BAB653D-88FB-4F60-AFC2-8E6FD59FAFF3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A57F7191-1E7F-4852-BAAF-F80A43E2687A} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C8758BC4-4581-48C7-BA38-C1A650477AE9} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\FCSB000062385 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60260024-AA48-4A2F-84DA-2C2DCB24AAD0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F2CF666-0EC7-418E-B86A-459AD43BCAB1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1 Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F2CF666-0EC7-418E-B86A-459AD43BCAB1} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : HKU\S-1-5-21-1876199669-471561695-2787328992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={899774C8-7090-4ACA-BA24-C7CC87A38491}&mid=e7c40c96410247d1911b1943ef769635-0aef54f47091cdecbfea0b242cafff63e9b6e487〈=en&ds=ins10&pr=sa&d=2012-02-04 01:13:19&v=9.0.0.23&sap=nt -\\ Google Chrome v21.0.1180.89 File : C:\Users\B-Nash\AppData\Local\Google\Chrome\User Data\Default\Preferences Found [l.53] : icon_url = "hxxp://isearch.avg.com/favicon.ico", Found [l.56] : keyword = "isearch.avg.com", Found [l.59] : search_url = "hxxp://isearch.avg.com/search?cid={DCD6F596-E4AB-4EB7-BC9F-CD17FBE9489A}&mid=e7c40c96410247d1911b1943ef769635-0aef54f47091cdecbfea0b242cafff63e9b6e487〈=en&ds=AVG&pr=fr&d=2012-02-20 13:38:12&v=11.1.0.12&sap=dsp&q={searchTerms}", ************************* AdwCleaner[R1].txt - [10097 octets] - [17/09/2012 11:15:46] ########## EOF - C:\AdwCleaner[R1].txt - [10158 octets] ##########

Results of screen317's Security Check version 0.99.51 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Anti-Virus Free Edition 2012 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.0.1400 AVG PC Tuneup Wise Registry Cleaner 6.14 JavaFX 2.1.1 Java 6 Update 29 Java 7 Update 5 Java version out of Date! Adobe Flash Player 9 Flash Player out of Date! Adobe Reader X (10.1.4) Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 3% ````````````````````End of Log``````````````````````