Fix result of Farbar Recovery Scan Tool (x64) Version:17-11-2015 Ran by Adiorz (2015-11-18 10:04:24) Run:1 Running from C:\Users\Adiorz\Desktop\fix Loaded Profiles: Adiorz (Available Profiles: Adiorz & NeroMediaHomeUser.4) Boot Mode: Safe Mode (minimal) ============================================== fixlist content: ***************** CloseProcesses: HKLM-x32\...\Run: [mbot_jp_145] => C:\Program Files (x86)\mbot_jp_145\mbot_jp_145.exe [3976136 2014-11-05] () HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE HKLM-x32\...\RunOnce: [upmbot_jp_145.exe] => C:\Users\Adiorz\AppData\Local\mbot_jp_145\upmbot_jp_145.exe -runonce HKU\S-1-5-21-319641768-3134415942-743037567-1000\...\Policies\Explorer: [] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.dashi.com HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-319641768-3134415942-743037567-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-319641768-3134415942-743037567-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-319641768-3134415942-743037567-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll => No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll => No File Toolbar: HKU\S-1-5-21-319641768-3134415942-743037567-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File FF DefaultSearchEngine: Yahoo FF SelectedSearchEngine: Yahoo FF PLUGIN HKU\S-1-5-21-319641768-3134415942-743037567-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Adiorz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adiorz\AppData ROAMING\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File CustomCLSID: HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adiorz\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File Task: {088BCA5E-21AF-4BF6-9B8F-7D0A6909D333} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {0ADE385F-14C5-48C6-8828-29805A8A4FF9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {49B3FE08-87D3-4A98-B726-143D2FD2C0A1} - System32\Tasks\{09C82817-2C3F-4398-B972-A407D3F24B43} => pcalua.exe -a C:\Users\Adiorz\Downloads\widescreen-v3.05.exe -d C:\Users\Adiorz\Downloads Task: {4FF3074A-EF6A-4747-B1D7-F7C5570C56D3} - System32\Tasks\{05E7C2B8-156C-4122-BB66-BEFF987219F4} => pcalua.exe -a C:\Users\Adiorz\Downloads\irfanview_plugins_438_setup.exe -d C:\Users\Adiorz\Downloads Task: {84EEA1C5-B189-4FCF-931A-21CCA27BB0CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {B2E6E789-ED72-484F-BA4C-6FE72F5A636D} - System32\Tasks\{A49270A1-AD49-4039-86DE-09691EC658CF} => pcalua.exe -a F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0\Setup.exe -d F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0 -c /qn /norestart Task: {BB910DEF-B3EC-45CD-AD28-0CE6FD5DEE82} - System32\Tasks\{17CFFC38-7CC7-43E5-A282-9E9F2E4D0EB6} => pcalua.exe -a F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0\Setup.exe -d F:\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.29.0 -c /qn /norestart Task: {CAE244B2-8303-48BF-98AB-74172218C22C} - System32\Tasks\{E4AC4DE1-C955-46F7-8CA9-38D54CAD26AD} => pcalua.exe -a C:\Users\Adiorz\Downloads\msicuu_7.2.exe -d C:\Users\Adiorz\Downloads Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core.job => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA.job => C:\Users\Adiorz\AppData\Local\Facebook\Update\FacebookUpdate.exe DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo S3 ALSysIO; \??\C:\Users\Adiorz\AppData\Local\Temp\ALSysIO64.sys [X] C:\Program Files (x86)\Lenovo C:\Program Files (x86)\mbot_jp_145 C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNU Octave 3.2.4 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impressions Games C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY C:\Users\Adiorz\REACHit C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Default\Web Data C:\Users\Adiorz\AppData\Local\Microsoft\Windows\GameExplorer\{E5DA8FD5-4699-4CBB-BE24-1C9E8F440713} C:\Users\Adiorz\AppData\Roaming\GoldenGate C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs STEAM C:\Users\Adiorz\Desktop\Continue installation .lnk C:\Windows\System32\Tasks\Lenovo C:\Windows\SysWOW64\REN*.tmp Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSKAppManager" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray" /f EmptyTemp: ***************** Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_jp_145 => value not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdReg => value removed successfully HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upmbot_jp_145.exe => value not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKU\S-1-5-21-319641768-3134415942-743037567-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully "HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found. Firefox DefaultSearchEngine removed successfully Firefox SelectedSearchEngine removed successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin => key not found. C:\Users\Adiorz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom => value removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully "HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully "HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully "HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully "HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found. "HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKU\S-1-5-21-319641768-3134415942-743037567-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088BCA5E-21AF-4BF6-9B8F-7D0A6909D333}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088BCA5E-21AF-4BF6-9B8F-7D0A6909D333}" => key removed successfully C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ADE385F-14C5-48C6-8828-29805A8A4FF9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ADE385F-14C5-48C6-8828-29805A8A4FF9}" => key removed successfully C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49B3FE08-87D3-4A98-B726-143D2FD2C0A1}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49B3FE08-87D3-4A98-B726-143D2FD2C0A1}" => key removed successfully C:\Windows\System32\Tasks\{09C82817-2C3F-4398-B972-A407D3F24B43} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09C82817-2C3F-4398-B972-A407D3F24B43}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FF3074A-EF6A-4747-B1D7-F7C5570C56D3}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FF3074A-EF6A-4747-B1D7-F7C5570C56D3}" => key removed successfully C:\Windows\System32\Tasks\{05E7C2B8-156C-4122-BB66-BEFF987219F4} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05E7C2B8-156C-4122-BB66-BEFF987219F4}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84EEA1C5-B189-4FCF-931A-21CCA27BB0CC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84EEA1C5-B189-4FCF-931A-21CCA27BB0CC}" => key removed successfully C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2E6E789-ED72-484F-BA4C-6FE72F5A636D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2E6E789-ED72-484F-BA4C-6FE72F5A636D}" => key removed successfully C:\Windows\System32\Tasks\{A49270A1-AD49-4039-86DE-09691EC658CF} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A49270A1-AD49-4039-86DE-09691EC658CF}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB910DEF-B3EC-45CD-AD28-0CE6FD5DEE82}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB910DEF-B3EC-45CD-AD28-0CE6FD5DEE82}" => key removed successfully C:\Windows\System32\Tasks\{17CFFC38-7CC7-43E5-A282-9E9F2E4D0EB6} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17CFFC38-7CC7-43E5-A282-9E9F2E4D0EB6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAE244B2-8303-48BF-98AB-74172218C22C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAE244B2-8303-48BF-98AB-74172218C22C}" => key removed successfully C:\Windows\System32\Tasks\{E4AC4DE1-C955-46F7-8CA9-38D54CAD26AD} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E4AC4DE1-C955-46F7-8CA9-38D54CAD26AD}" => key removed successfully C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000Core.job => moved successfully C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-319641768-3134415942-743037567-1000UA.job => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo => key removed successfully ALSysIO => service removed successfully C:\Program Files (x86)\Lenovo => moved successfully "C:\Program Files (x86)\mbot_jp_145" => not found. C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GNU Octave 3.2.4 => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impressions Games => moved successfully "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY" => not found. C:\Users\Adiorz\REACHit => moved successfully C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk => moved successfully C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Default\Preferences => moved successfully C:\Users\Adiorz\AppData\Local\Google\Chrome\User Data\Default\Web Data => moved successfully C:\Users\Adiorz\AppData\Local\Microsoft\Windows\GameExplorer\{E5DA8FD5-4699-4CBB-BE24-1C9E8F440713} => moved successfully C:\Users\Adiorz\AppData\Roaming\GoldenGate => moved successfully C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk => moved successfully C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk => moved successfully C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin => moved successfully C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com => moved successfully "C:\Users\Adiorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs STEAM" => not found. "C:\Users\Adiorz\Desktop\Continue installation .lnk" => not found. C:\Windows\System32\Tasks\Lenovo => moved successfully =========== "C:\Windows\SysWOW64\REN*.tmp" ========== C:\Windows\SysWOW64\REN2EF6.tmp => moved successfully ========= End -> "C:\Windows\SysWOW64\REN*.tmp" ======== ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSKAppManager" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray" /f ========= The operation completed successfully. ========= End of Reg: ========= EmptyTemp: => 1 GB temporary data Removed. The system needed a reboot. ==== End of Fixlog 10:04:54 ====