How to remove rundll32.exe virus.

**Malnutrition** · 03-11-2017, 11:34 AM

Right click autoruns run as administrator.
Scroll to the task scheduler tab and the uncheck the items below.

[ATTACH]1824[/ATTACH]

+ “\Microsoft\Windows\Autochk\Proxy” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\Microsoft\Windows\SystemRestore\SR” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\Microsoft\Windows\Tcpip\IpAddressConflict1” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\Microsoft\Windows\Tcpip\IpAddressConflict2” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\Microsoft\Windows\WindowsBackup\AutomaticBackup” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
+ “\WPD\SqmUpload_S-1-5-21-590680974-46065942-2644484873-1000” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”

Reboot the machine and see if the error persist.

**toreee** · 03-11-2017, 02:57 PM

the error still persist. even after I have restart my pc

**Malnutrition** · 03-11-2017, 10:18 PM

Please post a new autoruns log for review…
Then…
Windows Repair.

Install (use the direct download) the Tweaking.com - Windows all in one repair tool. Then boot Windows into Safe Mode, (Make Certain To Run This Program As Administrator) then run through the Prescan on step 2 tab. Then skip to step 5 and create a system restore point. Then go to the repair tab…

Notice create a registry backup is ticked by default, so no need to do so in step 5… https://pchelpforum.net/attachments/...7-26-png.1290/

Now run the program, with the boxes ticked in the picture below.

Click Image Below For Better Resolution.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-1-5_18-40-40-png.1292/

PCHF Forums

May want to save picture or write down what boxes need ticked, since you will run this in Safe Mode.

Important: Make certain to reboot twice after running this tool!!

**toreee** · 03-12-2017, 12:11 AM

“HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms” “” “” “” “08/9/2015 8:23 AM” “”

“rdpclip” “” “” “File not found: rdpclip” “” “”
“HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n” “” “” “” “28/2/2017 7:58 PM” “”
“CCleaner” “CCleaner” “Piriform Ltd” “c:\program files\ccleaner\ccleaner.exe” “08/2/2017 6:17 AM” “”
“HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components” “” “” “” “21/8/2016 1:01 PM” “”
“Google Chrome” “Google Chrome Installer” “Google Inc.” “c:\program files\google\chrome\application\56.0.2924.87\insta ller\chrmstp.exe” “01/2/2017 11:48 AM” “”
“Microsoft Windows” “Windows Mail” “Microsoft Corporation” “c:\program files\windows mail\winmail.exe” “14/7/2009 3:42 AM” “”
“HKLM\SOFTWARE\Classes\Protocols\Filter” “” “” “” “23/4/2012 4:47 AM” “”
“text/xml” “Microsoft Office XML MIME Filter” “Microsoft Corporation” “c:\program files\common files\microsoft shared\office15\msoxmlmf.dll” “18/12/2013 12:15 AM” “”
“HKLM\SOFTWARE\Classes\Protocols\Handler” “” “” “” “25/2/2017 12:07 PM” “”
“ms-help” “Microsoft® Help Data Services Module” “Microsoft Corporation” “c:\program files\common files\microsoft shared\help\hxds.dll” “07/11/2012 2:30 PM” “”
“osf” “Microsoft Office 2013 component” “Microsoft Corporation” “c:\program files\microsoft office\office15\msosb.dll” “20/4/2016 2:34 AM” “”
“wlmailhtml” “Windows Live Mail” “Microsoft Corporation” “c:\program files\windows live\mail\mailcomm.dll” “10/11/2010 2:56 PM” “”
“wlpg” “Windows Live Album Download Protocol Handler” “Microsoft Corporation” “c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll” “10/11/2010 2:21 PM” “”
“HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\ShellExecuteHooks” “” “” “” “16/4/2012 3:31 AM” “”
“Groove GFS Stub Execution Hook” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes*\ShellEx\ContextMenuHandler s” “” “” “” “21/11/2016 7:12 PM” “”
“EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\microsoft security client\shellext.dll” “15/11/2016 7:58 AM” “”
“PismoFileMountAuditPackage” “Shell Extension - Pismo File Mount Audit Package” “Pismo Technic Inc.” “c:\windows\system32\pfmshx_178.dll” “01/7/2015 1:57 AM” “”
“XXX Groove GFS Context Menu Handler XXX” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes\Drive\ShellEx\ContextMenuHa ndlers” “” “” “” “21/11/2016 7:12 PM” “”
“EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\microsoft security client\shellext.dll” “15/11/2016 7:58 AM” “”
“PismoFileMountAuditPackage” “Shell Extension - Pismo File Mount Audit Package” “Pismo Technic Inc.” “c:\windows\system32\pfmshx_178.dll” “01/7/2015 1:57 AM” “”
“HKLM\Software\Classes*\ShellEx\PropertySheetHandl ers” “” “” “” “07/9/2015 10:31 AM” “”
“WDBackupPropSheetHandler” “WD ContextMenu Handler” “Western Digital Technologies, Inc.” “c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll” “23/7/2014 2:19 AM” “”
“HKLM\Software\Classes\AllFileSystemObjects\ShellE x\ContextMenuHandlers” “” “” “” “30/10/2016 4:23 AM” “”
“XXX Groove GFS Context Menu Handler XXX” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes\Directory\ShellEx\ContextMe nuHandlers” “” “” “” “21/11/2016 7:12 PM” “”
“EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\microsoft security client\shellext.dll” “15/11/2016 7:58 AM” “”
“XXX Groove GFS Context Menu Handler XXX” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes\Directory\Shellex\DragDropH andlers” “” “” “” “27/2/2012 9:53 AM” “”
“WinRAR” “” “” “c:\program files\winrar\rarext.dll” “12/12/2009 2:11 PM” “”
“WinZip” “WinZip Shell Extension DLL” “WinZip Computing, S.L.” “c:\program files\winzip\wzshlstb.dll” “29/10/2010 10:23 PM” “”
“HKLM\Software\Classes\Directory\Background\ShellE x\ContextMenuHandlers” “” “” “” “16/4/2012 3:31 AM” “”
“Gadgets” “Sidebar droptarget” “Microsoft Corporation” “c:\program files\windows sidebar\sbdrop.dll” “14/7/2009 5:09 AM” “”
“igfxcui” “igfxpph Module” “Intel Corporation” “c:\windows\system32\igfxpph.dll” “20/3/2012 2:12 AM” “”
“XXX Groove GFS Context Menu Handler XXX” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes\Folder\Shellex\ColumnHandle rs” “” “” “” “14/3/2015 2:25 PM” “”
“PDF Shell Extension” “PDF Shell Extension” “Adobe Systems, Inc.” “c:\program files\common files\adobe\acrobat\activex\pdfshell.dll” “11/5/2013 1:34 PM” “”
“HKLM\Software\Classes\Folder\ShellEx\ContextMenuH andlers” “” “” “” “30/10/2016 4:23 AM” “”
“PismoFileMountAuditPackage” “Shell Extension - Pismo File Mount Audit Package” “Pismo Technic Inc.” “c:\windows\system32\pfmshx_178.dll” “01/7/2015 1:57 AM” “”
“XXX Groove GFS Context Menu Handler XXX” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Classes\Folder\ShellEx\DragDropHand lers” “” “” “” “27/2/2012 9:53 AM” “”
“WinRAR” “” “” “c:\program files\winrar\rarext.dll” “12/12/2009 2:11 PM” “”
“WinZip” “WinZip Shell Extension DLL” “WinZip Computing, S.L.” “c:\program files\winzip\wzshlstb.dll” “29/10/2010 10:23 PM” “”
“HKLM\Software\Classes\Folder\ShellEx\PropertyShee tHandlers” “” “” “” “07/9/2015 10:31 AM” “”
“WDBackupPropSheetHandler” “WD ContextMenu Handler” “Western Digital Technologies, Inc.” “c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll” “23/7/2014 2:19 AM” “”
“HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\ShellIconOverlayIdentifiers” “” “” “” “23/7/2016 8:02 PM” “”
" SkyDrivePro1 (ErrorConflict)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office15\grooveex.dll” “01/11/2016 11:14 AM” “”
" SkyDrivePro2 (SyncInProgress)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office15\grooveex.dll” “01/11/2016 11:14 AM” “”
" SkyDrivePro3 (InSync)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office15\grooveex.dll” “01/11/2016 11:14 AM” “”
“Groove Explorer Icon Overlay 1 (GFS Unread Stub)” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“Groove Explorer Icon Overlay 2 (GFS Stub)” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“Groove Explorer Icon Overlay 3 (GFS Folder)” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“Groove Explorer Icon Overlay 4 (GFS Unread Mark)” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects” “” “” “” “05/2/2017 12:41 PM” “”
“Groove GFS Browser Helper” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“Java™ Plug-In 2 SSV Helper” “Java™ Platform SE binary” “Oracle Corporation” “c:\program files\java\jre1.8.0_121\bin\jp2ssv.dll” “13/12/2016 7:00 AM” “”
“Java™ Plug-In SSV Helper” “Java™ Platform SE binary” “Oracle Corporation” “c:\program files\java\jre1.8.0_121\bin\ssv.dll” “13/12/2016 7:00 AM” “”
“Microsoft SkyDrive Pro Browser Helper” “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office15\grooveex.dll” “01/11/2016 11:14 AM” “”
“Office Document Cache Handler” “Microsoft Office Document Cache Handler” “Microsoft Corporation” “c:\program files\microsoft office\office15\urlredir.dll” “18/12/2013 12:06 AM” “”
“Skype for Business Browser Helper” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\office15\ochelper.dll” “13/12/2016 10:42 AM” “”
“Windows Live ID Sign-in Helper” “Microsoft® Windows Live ID Login Helper” “Microsoft Corp.” “c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll” “22/9/2010 1:01 AM” “”
“Windows Live Messenger Companion Helper” “Windows Live Messenger Companion Core” “Microsoft Corporation” “c:\program files\windows live\companion\companioncore.dll” “10/11/2010 2:02 PM” “”
“HKLM\Software\Microsoft\Internet Explorer\Extensions” “” “” “” “09/9/2015 11:58 AM” “”
“&Blog This in Windows Live Writer” “Windows Live Writer Blog This Extension” “Microsoft Corporation” “c:\program files\windows live\writer\writerbrowserextension.dll” “10/11/2010 2:03 PM” “”
“Messenger Companion (Ctrl+Shift+C)” “Windows Live Messenger Companion Core” “Microsoft Corporation” “c:\program files\windows live\companion\companioncore.dll” “10/11/2010 2:02 PM” “”
“OneNote Lin&ked Notes” “Microsoft OneNote Internet Explorer Add-in” “Microsoft Corporation” “c:\program files\microsoft office\office15\onbttnielinkednotes.dll” “01/11/2016 11:18 AM” “”
“Se&nd to OneNote” “Microsoft OneNote Internet Explorer Add-in” “Microsoft Corporation” “c:\program files\microsoft office\office15\onbttnie.dll” “01/11/2016 11:28 AM” “”
“Skype for Business Click to Call” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\office15\ochelper.dll” “13/12/2016 10:42 AM” “”
“Task Scheduler” “” “” “” “” “”
“\CCleanerSkipUAC” “CCleaner” “Piriform Ltd” “c:\program files\ccleaner\ccleaner.exe” “08/2/2017 6:17 AM” “”
“\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan” “Microsoft Malware Protection Command Line Utility” “Microsoft Corporation” “c:\program files\microsoft security client\mpcmdrun.exe” “15/11/2016 7:57 AM” “”
“\Microsoft\Office\Office 15 Subscription Heartbeat” “Office Subscription Licensing Heartbeat” “Microsoft Corporation” “c:\program files\common files\microsoft shared\office15\olicenseheartbeat.exe” “18/12/2013 12:08 AM” “”
“\Microsoft\Office\OfficeTelemetryAgentFallBack” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\office15\msoia.exe” “18/12/2013 12:13 AM” “”
“\Microsoft\Office\OfficeTelemetryAgentLogOn” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\office15\msoia.exe” “18/12/2013 12:13 AM” “”
“\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task” “Windows Live Social Object Extractor Engine” “Microsoft Corporation” “c:\program files\windows live\soxe\wlsoxe.dll” “10/11/2010 2:02 PM” “”
X “\Microsoft\Windows\Autochk\Proxy” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
“\Microsoft\Windows\NetTrace\GatherNetworkInfo” “” “” “c:\windows\system32\gathernetworkinfo.vbs” “11/6/2009 1:19 AM” “”
X “\Microsoft\Windows\SystemRestore\SR” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
X “\Microsoft\Windows\Tcpip\IpAddressConflict1” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
X “\Microsoft\Windows\Tcpip\IpAddressConflict2” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
X “\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
“\Microsoft\Windows\Windows Media Sharing\UpdateLibrary” “Windows Media Player Network Sharing Service Configuration Application” “Microsoft Corporation” “c:\program files\windows media player\wmpnscfg.exe” “14/7/2009 4:09 AM” “”
X “\Microsoft\Windows\WindowsBackup\AutomaticBackup” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
X “\WPD\SqmUpload_S-1-5-21-590680974-46065942-2644484873-1000” “” “” “File not found: C:\windows\system32\rundll32.exe” “” “”
“HKLM\System\CurrentControlSet\Services” “” “” “” “11/3/2017 10:33 AM” “”
“cvhsvc” “Client Virtualization Handler Service (unlocalized description)” “Microsoft Corporation” “c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe” “18/3/2015 11:48 PM” “”
“fsssvc” “This service enables Family Safety on the computer. If this service is not running, Family Safety will not work.” “Microsoft Corporation” “c:\program files\windows live\family safety\fsssvc.exe” “23/9/2010 11:16 AM” “”
“Microsoft SharePoint Workspace Audit Service” “Microsoft SharePoint Workspace” “Microsoft Corporation” “c:\program files\microsoft office\office14\groove.exe” “19/12/2013 4:34 AM” “”
“MsMpSvc” “Helps protect users from malware and other potentially unwanted software” “Microsoft Corporation” “c:\program files\microsoft security client\msmpeng.exe” “15/11/2016 7:57 AM” “”
“NisSrv” “Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols” “Microsoft Corporation” “c:\program files\microsoft security client\nissrv.exe” “15/11/2016 7:57 AM” “”
“ose” “Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.” “Microsoft Corporation” “c:\program files\common files\microsoft shared\source engine\ose.exe” “07/11/2012 2:37 PM” “”
“osppsvc” “Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled.” “Microsoft Corporation” “c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.ex e” “06/7/2012 3:41 AM” “”
“sftlist” “Streams and manages applications.” “Microsoft Corporation” “c:\program files\microsoft application virtualization client\sftlist.exe” “25/6/2013 11:04 PM” “”
“sftvsa” “Monitors global service events and launches virtual services.” “Microsoft Corporation” “c:\program files\microsoft application virtualization client\sftvsa.exe” “25/6/2013 11:02 PM” “”
“WinDefend” “Protection against spyware and potentially unwanted software” “Microsoft Corporation” “c:\program files\windows defender\mpsvc.dll” “27/5/2013 8:57 AM” “”
“wlidsvc” “Enables Windows Live ID authentication.” “Microsoft Corp.” “c:\program files\common files\microsoft shared\windows live\wlidsvc.exe” “22/9/2010 1:00 AM” “”
“WMPNetworkSvc” “Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play” “Microsoft Corporation” “c:\program files\windows media player\wmpnetwk.exe” “20/11/2010 2:36 PM” “”
“HKLM\System\CurrentControlSet\Services” “” “” “” “11/3/2017 10:33 AM” “”
“acsock” “Cisco AnyConnect Kernel Driver Framework Socket Layer Interceptor” “Cisco Systems, Inc.” “c:\windows\system32\drivers\acsock.sys” “07/11/2012 6:27 AM” “”
“adp94xx” “Adaptec Windows SAS/SATA Storport Driver” “Adaptec, Inc.” “c:\windows\system32\drivers\adp94xx.sys” “06/12/2008 3:59 AM” “”
“adpahci” “Adaptec Windows SATA Storport Driver” “Adaptec, Inc.” “c:\windows\system32\drivers\adpahci.sys” “01/5/2007 9:29 PM” “”
“adpu320” “Adaptec StorPort Ultra320 SCSI Driver” “Adaptec, Inc.” “c:\windows\system32\drivers\adpu320.sys” “28/2/2007 4:03 AM” “”
“aic78xx” “Adaptec Ultra SCSI miniport” “Adaptec, Inc.” “c:\windows\system32\drivers\djsvs.sys” “12/4/2006 4:20 AM” “”
“aliide” “ALi mini IDE Driver” “Acer Laboratories Inc.” “c:\windows\system32\drivers\aliide.sys” “14/7/2009 3:11 AM” “”
“amdsata” “AHCI 1.2 Device Driver” “Advanced Micro Devices” “c:\windows\system32\drivers\amdsata.sys” “19/3/2010 5:08 AM” “”
“amdsbs” “AMD Technology AHCI Compatible Controller Driver for Windows family” “AMD Technologies Inc.” “c:\windows\system32\drivers\amdsbs.sys” “20/3/2009 10:35 PM” “”
“amdxata” “Storage Filter Driver” “Advanced Micro Devices” “c:\windows\system32\drivers\amdxata.sys” “19/3/2010 8:19 PM” “”
“arc” “Adaptec RAID Storport Driver” “Adaptec, Inc.” “c:\windows\system32\drivers\arc.sys” “25/5/2007 1:31 AM” “”
“arcsas” “Adaptec SAS RAID WS03 Driver” “Adaptec, Inc.” “c:\windows\system32\drivers\arcsas.sys” “14/1/2009 11:26 PM” “”
“athr” “Atheros Extensible Wireless LAN device driver” “Atheros Communications, Inc.” “c:\windows\system32\drivers\athr.sys” “21/6/2011 12:00 PM” “”
“b06bdrv” “Broadcom NetXtreme II GigE VBD” “Broadcom Corporation” “c:\windows\system32\drivers\bxvbdx.sys” “14/2/2009 2:10 AM” “”
“b57nd60x” “Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver.” “Broadcom Corporation” “c:\windows\system32\drivers\b57nd60x.sys” “26/4/2009 3:15 PM” “”
“BrFiltLo” “Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver” “Brother Industries, Ltd.” “c:\windows\system32\drivers\brfiltlo.sys” “07/8/2006 1:33 AM” “”
“BrFiltUp” “Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver” “Brother Industries, Ltd.” “c:\windows\system32\drivers\brfiltup.sys” “07/8/2006 1:33 AM” “”
“Brserid” “Brotehr Serial I/F Driver (WDM)” “Brother Industries Ltd.” “c:\windows\system32\drivers\brserid.sys” “07/8/2006 1:33 AM” “”
“BrSerWdm” “Brother Serial driver (WDM version)” “Brother Industries Ltd.” “c:\windows\system32\drivers\brserwdm.sys” “07/8/2006 1:33 AM” “”
“BrUsbMdm” "Brother USB MDM Driver " “Brother Industries Ltd.” “c:\windows\system32\drivers\brusbmdm.sys” “07/8/2006 1:33 AM” “”
“BrUsbSer” “Brother USB Serial Driver” “Brother Industries Ltd.” “c:\windows\system32\drivers\brusbser.sys” “09/8/2006 4:02 PM” “”
“clwvd” “CyberLink WebCam Virtual Driver” “CyberLink Corporation” “c:\windows\system32\drivers\clwvd.sys” “28/7/2010 5:13 AM” “”
“cmdide” “CMD PCI IDE Bus Driver” “CMD Technology, Inc.” “c:\windows\system32\drivers\cmdide.sys” “14/7/2009 3:11 AM” “”
“ebdrv” “Broadcom NetXtreme II 10 GigE VBD” “Broadcom Corporation” “c:\windows\system32\drivers\evbdx.sys” “31/12/2008 8:06 PM” “”
“elxstor” “Storport Miniport Driver for LightPulse HBAs” “Emulex” “c:\windows\system32\drivers\elxstor.sys” “04/2/2009 2:09 AM” “”
“hcw85cir” “Hauppauge WinTV 885 Consumer IR Driver for eHome” “Hauppauge Computer Works, Inc.” “c:\windows\system32\drivers\hcw85cir.sys” “11/5/2009 11:22 AM” “”
“HpSAMD” “Smart Array SAS/SATA Controller Media Driver” “Hewlett-Packard Company” “c:\windows\system32\drivers\hpsamd.sys” “19/5/2009 3:42 AM” “”
“htcnprot” “HTC NDIS Protocol Driver” “Windows (R) Win 7 DDK provider” “c:\windows\system32\drivers\htcnprot.sys” “23/6/2010 6:24 AM” “”
“HtcVCom32” “USB Modem/Serial Device Driver” “QUALCOMM Incorporated” “c:\windows\system32\drivers\htcvcomv32.sys” “26/10/2009 4:01 PM” “”
“HWiNFO32” “HWiNFO x86 Kernel Driver” “REALiX™” “c:\windows\system32\drivers\hwinfo32.sys” “23/11/2014 8:24 PM” “”
“iaStorV” “Intel Matrix Storage Manager driver - ia32” “Intel Corporation” “c:\windows\system32\drivers\iastorv.sys” “11/6/2010 4:45 AM” “”
“IDMWFP” “Internet Download Manager WFP Driver” “Tonec Inc.” “c:\windows\system32\drivers\idmwfp.sys” “26/1/2012 5:47 PM” “”
“igfx” “Intel Graphics Kernel Mode Driver” “Intel Corporation” “c:\windows\system32\drivers\igdkmd32.sys” “20/3/2012 3:26 AM” “”
“iirsp” “Intel/ICP Raid Storport Driver” “Intel Corp./ICP vortex GmbH” “c:\windows\system32\drivers\iirsp.sys” “14/12/2005 1:48 AM” “”
“IntcDAud” “Intel(R) Display Audio Driver” “Intel(R) Corporation” “c:\windows\system32\drivers\intcdaud.sys” “15/10/2010 12:27 PM” “”
“ivusb” “Initio Default Vendor Specific Device Driver” “Initio Corporation” “c:\windows\system32\drivers\ivusb.sys” “14/5/2010 6:41 AM” “”
“L1C” “Atheros L1c PCI-E Gigabit Ethernet Controller” “Atheros Communications, Inc.” “c:\windows\system32\drivers\l1c62x86.sys” “27/9/2010 10:36 AM” “”
“LSI_FC” “LSI Fusion-MPT FC Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_fc.sys” “10/12/2008 2:28 AM” “”
“LSI_SAS” “LSI Fusion-MPT SAS Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_sas.sys” “19/5/2009 4:19 AM” “”
“LSI_SAS2” “LSI SAS Gen2 Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_sas2.sys” “19/5/2009 4:31 AM” “”
“LSI_SCSI” “LSI Fusion-MPT SCSI Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_scsi.sys” “17/4/2009 2:14 AM” “”
“megasas” “MEGASAS RAID Controller Driver for Windows 7 for x86” “LSI Corporation” “c:\windows\system32\drivers\megasas.sys” “19/5/2009 5:09 AM” “”
“MegaSR” “LSI MegaRAID Software RAID Driver” “LSI Corporation, Inc.” “c:\windows\system32\drivers\megasr.sys” “19/5/2009 5:25 AM” “”
“MEI” “Intel(R) Management Engine Interface” “Intel Corporation” “c:\windows\system32\drivers\heci.sys” “20/10/2010 3:33 AM” “”
“netr28u” “Ralink 802.11n Wireless Adapter Driver” “Ralink Technology Corp.” “c:\windows\system32\drivers\netr28u.sys” “13/11/2009 1:44 PM” “”
“nfrd960” “IBM ServeRAID Controller Driver” “IBM Corporation” “c:\windows\system32\drivers\nfrd960.sys” “07/6/2006 1:12 AM” “”
“nvraid” “NVIDIA® nForce™ RAID Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvraid.sys” “20/3/2010 1:00 AM” “”
“nvstor” “NVIDIA® nForce™ Sata Performance Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvstor.sys” “20/3/2010 12:51 AM” “”
“pfmfs_178” “System Extension - Pismo File Mount” “Pismo Technic Inc.” “c:\windows\system32\drivers\pfmfs_178.sys” “01/7/2015 1:56 AM” “”
“ql2300” “QLogic Fibre Channel Stor Miniport Driver” “QLogic Corporation” “c:\windows\system32\drivers\ql2300.sys” “23/1/2009 3:28 AM” “”
“ql40xx” “QLogic iSCSI Storport Miniport Driver” “QLogic Corporation” “c:\windows\system32\drivers\ql40xx.sys” “19/5/2009 5:17 AM” “”
“rbtnfd_srv” “Riverbed Steelhead Mobile NDIS6 filter driver” “Riverbed Technology, Inc” “c:\windows\system32\drivers\rbtnfd.sys” “05/10/2013 3:34 AM” “”
“RSUSBVSTOR” “Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7” “Realtek Semiconductor Corp.” “c:\windows\system32\drivers\rtsuvstor.sys” “15/3/2011 1:57 PM” “”
“RTL8167” "Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver " "Realtek " “c:\windows\system32\drivers\rt86win7.sys” “10/6/2011 10:31 AM” “”
“SiSRaid2” “SiS RAID Stor Miniport Driver” “Silicon Integrated Systems Corp.” “c:\windows\system32\drivers\sisraid2.sys” “24/9/2008 10:19 PM” “”
“SiSRaid4” “SiS AHCI Stor-Miniport Driver” “Silicon Integrated Systems” “c:\windows\system32\drivers\sisraid4.sys” “02/10/2008 1:52 AM” “”
“stexstor” "Promise SuperTrak EX Series Driver for Windows " “Promise Technology” “c:\windows\system32\drivers\stexstor.sys” “18/2/2009 3:03 AM” “”
“TrueSight” “” “” “c:\windows\system32\drivers\truesight.sys” “16/1/2016 12:17 AM” “”
“ujiyodk3” “AVZGuard Driver” “Zaitsev Oleg, 2006” “c:\windows\system32\drivers\ujiyodk3.sys” “31/3/2011 7:04 PM” “”
“USBAAPL” “Apple Mobile Device USB Driver” “Apple, Inc.” “c:\windows\system32\drivers\usbaapl.sys” “28/11/2012 3:37 AM” “”
“utiyodk3” “AVZ Driver” “” “c:\windows\system32\drivers\utiyodk3.sys” “12/1/2008 6:51 PM” “”
“viaide” “VIA Generic PCI IDE Bus Driver” “VIA Technologies, Inc.” “c:\windows\system32\drivers\viaide.sys” “14/7/2009 3:11 AM” “”
“vncmirror” “VNC Mirror Miniport” “RealVNC Ltd.” “c:\windows\system32\drivers\vncmirror.sys” “14/3/2008 9:42 PM” “”
“vpnva” “Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows” “Cisco Systems, Inc.” “c:\windows\system32\drivers\vpnva-6.sys” “15/6/2013 12:18 AM” “”
“vsmraid” “VIA RAID DRIVER FOR AMD-X86-64” “VIA Technologies Inc.,Ltd” “c:\windows\system32\drivers\vsmraid.sys” “31/1/2009 5:13 AM” “”
“WDC_SAM” “Manages WD external storage products.” “Western Digital Technologies” “c:\windows\system32\drivers\wdcsam.sys” “16/4/2008 12:27 PM” “”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers” “” “” “” “14/7/2009 8:41 AM” “”
“Adobe Type Manager” “Windows NT OpenType/Type 1 Font Driver” “Adobe Systems Incorporated” “c:\windows\system32\atmfd.dll” “02/11/2016 6:53 PM” “”
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32” “” “” “” “23/5/2015 12:37 PM” “”
“msacm.aacacm” “AAC ACM Codec” “fccHandler” “c:\windows\system32\aacacm.acm” “01/10/2011 5:03 AM” “”
“msacm.ac3acm” “AC-3 ACM Codec” “fccHandler” “c:\windows\system32\ac3acm.acm” “22/12/2011 4:14 AM” “”
“msacm.ac3filter” “” “” “c:\windows\system32\ac3filter.acm” “11/8/2009 9:18 PM” “”
“msacm.avis” “ffdshow ACM codec” “” “c:\windows\system32\ff_acm.acm” “28/1/2012 2:10 PM” “”
“msacm.l3acm” “MPEG Layer-3 Audio Codec for MSACM” “Fraunhofer Institut Integrierte Schaltungen IIS” “c:\windows\system32\l3codeca.acm” “14/7/2009 5:06 AM” “”
“msacm.l3pacm” “MPEG Audio Layer-3 Codec for MSACM” “Fraunhofer Institut Integrierte Schaltungen IIS” “c:\windows\system32\l3codecp.acm” “14/7/2009 5:06 AM” “”
“msacm.lameacm” “Lame MP3 codec engine” " http://www.mp3dev.org/ " “c:\windows\system32\lameacm.acm” “24/9/2008 11:41 PM” “”
“vidc.cvid” “Cinepak® Codec” “Radius Inc.” “c:\windows\system32\iccvid.dll” “20/11/2010 3:59 PM” “”
“VIDC.FFDS” “ffdshow VFW” “” “c:\windows\system32\ff_vfw.dll” “28/1/2012 2:54 AM” “”
“VIDC.LAGS” “Lagarith” " " “c:\windows\system32\lagarith.dll” “08/12/2011 4:32 AM” “”
“VIDC.X264” “” “” “c:\windows\system32\x264vfw.dll” “19/1/2012 1:29 PM” “”
“VIDC.XVID” “” “” “c:\windows\system32\xvidvfw.dll” “24/6/2011 6:44 PM” “”
“VIDC.YV12” “” “” “c:\windows\system32\xvidvfw.dll” “24/6/2011 6:44 PM” “”
“HKLM\Software\Classes\CLSID{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance” “” “” “” “28/8/2016 1:55 PM” “”
“AC3File” “” “” “c:\program files\k-lite codec pack\filters\ac3file.ax” “04/8/2009 9:09 AM” “”
“Audio Source” “Windows Media Preview Object” “Microsoft Corporation” “c:\program files\windows media components\encoder\wmprevu.dll” “12/12/2002 5:34 AM” “”
“Capture File Writer” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“DC-Bass Source” “DirectShow™ Audio Decoder” " http://www.dsp-worx.de " “c:\program files\k-lite codec pack\filters\dcbasssource.ax” “20/6/1992 2:22 AM” “”
“DirectVobSub” “VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth” “MPC-HC Team” “c:\program files\k-lite codec pack\filters\vsfilter.dll” “06/2/2012 2:36 AM” “”
“DirectVobSub (auto-loading version)” “VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth” “MPC-HC Team” “c:\program files\k-lite codec pack\filters\vsfilter.dll” “06/2/2012 2:36 AM” “”
“DXVA Filter” “MPEG-1/2 Decoder Filter for DirectShow” “Gabest” “c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax” “05/6/2004 12:09 PM” “”
“ffdshow Audio Decoder” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“ffdshow Audio Processor” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“ffdshow DXVA Video Decoder” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“ffdshow raw video filter” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“ffdshow subtitles filter” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“ffdshow Video Decoder” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files\k-lite codec pack\ffdshow\ffdshow.ax” “06/2/2012 10:13 PM” “”
“File Source (Monkey Audio)” “” “” “c:\program files\k-lite codec pack\filters\monkeysource.ax” “20/6/1992 2:22 AM” “”
“Gretech AAC Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech ASF Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech AsfEx Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech Audio Filter” “Gretech Audio Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gaf.ax” “09/6/2016 2:20 PM” “”
“Gretech AVI Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech FLV Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech MKV Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech MP3 Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech MP4 Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech MPEG Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech MPEG Source Filter2” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech Network(AVI) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech Network(FLV) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech Network(GOM) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech Network(MP4) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech Network(OGG) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech Network(SHOUTcast) Filter” “Gretech Corp.” “Gretech Corp.” “c:\program files\gretech\gomplayer\gnf.ax” “03/3/2014 1:27 PM” “”
“Gretech OGG Source Filter” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech OGG Source Filter2” “Gretech Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\gsfu.ax” “26/12/2013 5:41 AM” “”
“Gretech Source Filter” “Gretech Media Source Filter” “Gretech Corp.” “c:\program files\gretech\gomplayer\mediasource.ax” “22/7/2016 11:20 AM” “”
“Gretech Video Filter” “Gretech Video Filter” “Gretech” “c:\program files\gretech\gomplayer\gvf.ax” “08/8/2016 10:41 AM” “”
“Haali Matroska Muxer” “Haali Media Splitter” “” “c:\program files\k-lite codec pack\filters\haali\splitter.ax” “08/9/2011 6:01 PM” “”
“Haali Media Splitter” “Haali Media Splitter” “” “c:\program files\k-lite codec pack\filters\haali\splitter.ax” “08/9/2011 6:01 PM” “”
“Haali Media Splitter (AR)” “Haali Media Splitter” “” “c:\program files\k-lite codec pack\filters\haali\splitter.ax” “08/9/2011 6:01 PM” “”
“Haali Simple Media Splitter” “Haali Media Splitter” “” “c:\program files\k-lite codec pack\filters\haali\splitter.ax” “08/9/2011 6:01 PM” “”
“Haali Video Renderer” “” “” “c:\program files\k-lite codec pack\filters\haali\dxr.dll” “08/9/2011 6:00 PM” “”
“Haali Video Sink” “Haali Media Splitter” “” “c:\program files\k-lite codec pack\filters\haali\splitter.ax” “08/9/2011 6:01 PM” “”
“LAV Audio Decoder” “LAV Audio Decoder - DirectShow Audio Decoder” “1f0.de - Hendrik Leppkes” “c:\program files\k-lite codec pack\filters\lav\lavaudio.ax” “06/2/2012 10:27 PM” “”
“LAV Splitter” “LAV Splitter - DirectShow Media Splitter” “1f0.de - Hendrik Leppkes” “c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax” “06/2/2012 10:27 PM” “”
“LAV Splitter Source” “LAV Splitter - DirectShow Media Splitter” “1f0.de - Hendrik Leppkes” “c:\program files\k-lite codec pack\filters\lav\lavsplitter.ax” “06/2/2012 10:27 PM” “”
“LAV Video Decoder” “LAV Video Decoder - DirectShow Video Decoder” “1f0.de - Hendrik Leppkes” “c:\program files\k-lite codec pack\filters\lav\lavvideo.ax” “06/2/2012 10:27 PM” “”
“madFlac Decoder” “DirectShow FLAC Decoder” “www.madshi.net” “c:\program files\k-lite codec pack\filters\madflac.ax” “20/6/1992 2:22 AM” “”
“madFlac Source” “DirectShow FLAC Decoder” “www.madshi.net” “c:\program files\k-lite codec pack\filters\madflac.ax” “20/6/1992 2:22 AM” “”
“madVR” “madshi’s D3D9 based video renderer” “madshi.net” “c:\program files\k-lite codec pack\filters\madvr\madvr.ax” “19/12/2011 12:25 AM” “”
“MONOGRAM AMR Decoder” “AMR Filter Pack” “MONOGRAM Multimedia, s.r.o.” “c:\program files\k-lite codec pack\filters\mmamr.ax” “16/3/2008 5:30 PM” “”
“MONOGRAM AMR Encoder” “AMR Filter Pack” “MONOGRAM Multimedia, s.r.o.” “c:\program files\k-lite codec pack\filters\mmamr.ax” “16/3/2008 5:30 PM” “”
“MONOGRAM AMR Mux” “AMR Filter Pack” “MONOGRAM Multimedia, s.r.o.” “c:\program files\k-lite codec pack\filters\mmamr.ax” “16/3/2008 5:30 PM” “”
“MONOGRAM AMR Splitter” “AMR Filter Pack” “MONOGRAM Multimedia, s.r.o.” “c:\program files\k-lite codec pack\filters\mmamr.ax” “16/3/2008 5:30 PM” “”
“MONOGRAM Musepack Decoder” “mmmpcdec” “” “c:\program files\k-lite codec pack\filters\mmmpcdec.ax” “18/1/2009 3:03 PM” “”
“MONOGRAM Musepack Splitter” “mmmpcdmx” “” “c:\program files\k-lite codec pack\filters\mmmpcdmx.ax” “18/1/2009 8:15 PM” “”
“MPC - DTS/AC3/DD+ Source” “DTS/AC3 Source Filter” “MPC-HC Team” “c:\program files\win7codecs\filters\dtsac3source.ax” “09/2/2012 3:55 PM” “”
“MPC Matroska Source” “Matroska Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\matroskasplitter.ax” “09/2/2012 3:54 PM” “”
“MPC Matroska Splitter” “Matroska Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\matroskasplitter.ax” “09/2/2012 3:54 PM” “”
“MPC Ogg Source” “Ogg Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\oggsplitter.ax” “09/2/2012 3:54 PM” “”
“MPC Ogg Splitter” “Ogg Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\oggsplitter.ax” “09/2/2012 3:54 PM” “”
“MPC RealAudio Decoder” “RealMedia Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\realmediasplitter.ax” “06/2/2012 1:45 AM” “”
“MPC RealMedia Source” “RealMedia Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\realmediasplitter.ax” “06/2/2012 1:45 AM” “”
“MPC RealMedia Splitter” “RealMedia Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\realmediasplitter.ax” “06/2/2012 1:45 AM” “”
“MPC RealVideo Decoder” “RealMedia Splitter” “MPC-HC Team” “c:\program files\win7codecs\filters\realmediasplitter.ax” “06/2/2012 1:45 AM” “”
“MPEG Audio Decoder (MAD)” “Mpeg Audio Decoder for DirectShow, based on libmad” “Gabest” “c:\program files\gretech\gomplayer\codecs\mpadecfilter.ax” “18/5/2004 8:06 AM” “”
“Mpeg2Dec Filter” “MPEG-1/2 Decoder Filter for DirectShow” “Gabest” “c:\program files\gretech\gomplayer\codecs\mpeg2decfilter.ax” “05/6/2004 12:09 PM” “”
“Nero Digital Parser” “NeroDigital / mp4 / avi / mov parser” “Nero AG” “c:\program files\win7codecs\filters\ndparser.ax” “26/1/2006 8:29 PM” “”
“Nero ES Video Reader” “NeroDigital / mp4 / avi / mov parser” “Nero AG” “c:\program files\win7codecs\filters\ndparser.ax” “26/1/2006 8:29 PM” “”
“RadLight OptimFROG DirectShow Filter” “RLOFRDec” “RadLight” “c:\program files\win7codecs\filters\rlofrdec.ax” “27/4/2004 7:03 PM” “”
“Record Queue” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“Record Queue” “WME Record Queue” “Microsoft Corporation” “c:\program files\windows media components\encoder\wmedque.dll” “12/12/2002 5:34 AM” “”
“T” “VP7 Decompression Filter” “On2.com Inc.” “c:\program files\k-lite codec pack\filters\vp7dec.ax” “25/3/2006 2:09 AM” “”
“Video Source” “Windows Media Preview Object” “Microsoft Corporation” “c:\program files\windows media components\encoder\wmprevu.dll” “12/12/2002 5:34 AM” “”
“WavPack Audio Decoder” “WavPack Audio DirectShow Decoder” “-” “c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax” “04/3/2007 1:50 PM” “”
“WavPack Audio Splitter” “WavPack Audio DirectShow Splitter” “-” “c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax” “03/10/2007 2:09 AM” “”
“WM VIH2 Fix” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“WMEnc Screen Capture Filter” “WMESrcWp Module” “Microsoft Corporation” “c:\program files\windows media components\encoder\wmesrcwp.dll” “12/12/2002 5:34 AM” “”
“WMT DV Extract Filter” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“WMT Sample Info Filter” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“WMT Switch Filter” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“WMT Virtual Renderer” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“WMT Virtual Source” “Windows Live Video Acquisition Filters” “Microsoft Corporation” “c:\program files\windows live\photo gallery\wlxvafilt.dll” “10/11/2010 2:21 PM” “”
“HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command (Default)” “” “” “” “21/5/2013 11:38 PM” “”
“C:\Program Files\Internet Explorer\iexplore.exe” “Internet Explorer” “Microsoft Corporation” “c:\program files\internet explorer\iexplore.exe” “12/11/2016 8:56 PM” “”
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Au thentication\Credential Providers” “” “” “” “28/2/2012 12:32 AM” “”
“WLIDCredentialProvider” “Microsoft® Windows Live ID Credential Provider” “Microsoft Corp.” “c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll” “22/9/2010 1:01 AM” “”
“HKLM\System\CurrentControlSet\Services\WinSock2\P arameters\NameSpace_Catalog5\Catalog_Entries” “” “” “” “05/6/2015 6:56 PM” “”
“WindowsLive Local NSP” “Microsoft® Windows Live ID Namespace Provider” “Microsoft Corp.” “c:\program files\common files\microsoft shared\windows live\wlidnsp.dll” “22/9/2010 1:00 AM” “”
“WindowsLive NSP” “Microsoft® Windows Live ID Namespace Provider” “Microsoft Corp.” “c:\program files\common files\microsoft shared\windows live\wlidnsp.dll” “22/9/2010 1:00 AM” “”
“HKLM\SYSTEM\CurrentControlSet\Control\Print\Monit ors” “” “” “” “17/10/2016 6:33 PM” “”
“Canon BJ FAX Language Monitor MX420 series” “Canon Inkjet Fax Driver” “CANON INC.” “c:\windows\system32\cncalam.dll” “21/10/2010 4:22 AM” “”
“Canon BJ Language Monitor MX420 series” “IJ Language Monitor” “CANON INC.” “c:\windows\system32\cnmlmam.dll” “13/3/2012 10:15 AM” “”
“Canon BJNP Port” “Canon IJ Network 32bit comm Module” “CANON INC.” “c:\windows\system32\cnmnppm.dll” “14/6/2012 12:18 PM” “”
“MONVNC” “Port Monitor DLL” “” “c:\windows\system32\vncpm.dll” “24/2/2009 8:26 PM” “”
“PDF Converter Elite 3.0 Monitor” “” “” “File not found: pc3PCR2PortMon.dll” “” “”
“PDFill Writer Monitor” “DDK Local Monitor DLL” “Windows (R) Codename Longhorn DDK provider” “c:\program files\plotsoft\pdfill\pdfwriter\driver\pdfillwrite rmon.dll” “21/6/2008 5:24 PM” “”
“HKLM\SYSTEM\CurrentControlSet\Control\NetworkProv ider\Order” “” “” “” “08/9/2015 1:42 PM” “”
“pfmunc” “Pismo File Mount” “Pismo Technic Inc.” “c:\windows\system32\pfmapi_178.dll” “01/7/2015 1:56 AM” “”
“WMI Database Entries” “” “” “” “” “”
“BVTConsumer” “” “” “File not found: KernCap.vbs” “” “”
“HKLM\Software\Microsoft\Office\Outlook\Addins” “” “” “” “20/10/2015 10:17 PM” “”
X “BCSAddin Connect class” “Microsoft Office 2010 component” “Microsoft Corporation” “c:\program files\microsoft office\office14\addins\bcsaddin.dll” “05/11/2012 7:24 PM” “”
“Connect Class” “Outlook Social Connector 2013” “Microsoft Corporation” “c:\program files\microsoft office\office15\socialconnector.dll” “12/5/2015 7:22 PM” “”
“FormRegionAddin Class” “” “” “c:\program files\microsoft office\office15\addins\umoutlookaddin.dll” “13/10/2015 12:52 PM” “”
“Groove OutlookProxyAddIn” “Microsoft SharePoint Workspace Extensions” “Microsoft Corporation” “c:\program files\microsoft office\office14\grooveex.dll” “19/12/2013 4:37 AM” “”
“LyncAddin Class” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\office15\ucaddin.dll” “13/12/2016 10:32 AM” “”
“Microsoft VBA for Outlook Addin” “Outlook VBA Integration Add-In” “Microsoft Corporation” “c:\program files\microsoft office\office15\addins\outlvba.dll” “13/12/2016 10:41 AM” “”
“OneNote Notes about Outlook Items” “Microsoft OneNote Outlook Add-in” “Microsoft Corporation” “c:\program files\microsoft office\office15\onbttnol.dll” “01/11/2016 11:28 AM” “”
“TeamViewerMeetingAddIn.AddIn” “FileDescription” “CompanyName” “c:\program files\teamviewer\outlook\teamviewermeetingaddinshi m.dll” “11/9/2015 7:34 PM” “”
“HKCU\Software\Microsoft\Office\Outlook\Addins” “” “” “” “18/9/2015 7:02 AM” “”
“Access COM Addin for Outlook” “Access Outlook Data Collection Addin” “Microsoft Corporation” “c:\program files\microsoft office\office14\addins\accolk.dll” “13/10/2015 3:40 PM” “”
“ColleagueImportAddIn Class” “Microsoft Office 2013 component” “Microsoft Corporation” “c:\program files\microsoft office\office15\addins\colleagueimport.dll” “15/8/2013 4:14 AM” “”
“OcForms Class” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\office15\ocoffice.dll” “12/7/2016 5:17 PM” “”
“HKLM\Software\Microsoft\Office\Excel\Addins” “” “” “” “09/9/2015 11:58 AM” “”
“ExcelAddin Class” “PDFillPDFButton Module for Excel” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_ex cel.dll” “12/9/2010 1:06 AM” “”
“NativeShim.InquireConnector Class” “” “” “c:\program files\microsoft office\office15\dcf\nativeshim.dll” “07/11/2012 2:39 PM” “”
“HKCU\Software\Microsoft\Office\Excel\Addins” “” “” “” “09/9/2015 12:46 PM” “”
“Ad Hoc Reporting Excel Client Add-In” “Power View for Excel module” “Microsoft Corporation” “c:\program files\microsoft office\office15\addins\power view excel add-in\adhocreportingexcelclient.dll” “26/3/2015 3:55 AM” “”
“ExcelAddin Class” “PDFillPDFButton Module for Excel” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_ex cel.dll” “12/9/2010 1:06 AM” “”
“NativeEntry Class” “Power Pivot for Excel” “Microsoft Corporation” “c:\program files\microsoft office\office15\addins\powerpivot excel add-in\powerpivotexcelclientaddin.dll” “16/10/2014 4:12 AM” “”
“HKLM\Software\Microsoft\Office\PowerPoint\Addins” “” “” “” “14/11/2014 6:19 PM” “”
“PowerpointAddin Class” “PDFillPDFButton Module for PowerPoint” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_po werpoint.dll” “12/9/2010 1:03 AM” “”
“HKCU\Software\Microsoft\Office\PowerPoint\Addins” “” “” “” “14/11/2014 6:19 PM” “”
X “OneNote PowerPoint Add-In Take Notes Content Service Class” “Microsoft OneNote PowerPoint Add-in” “Microsoft Corporation” “c:\program files\microsoft office\office15\onpptaddin.dll” “01/11/2016 11:07 AM” “”
“PowerpointAddin Class” “PDFillPDFButton Module for PowerPoint” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_po werpoint.dll” “12/9/2010 1:03 AM” “”
“HKLM\Software\Microsoft\Office\Word\Addins” “” “” “” “14/11/2014 6:19 PM” “”
“WordAddin Class” “PDFillPDFButton Module for Word” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_wo rd.dll” “12/9/2010 12:56 AM” “”
“HKCU\Software\Microsoft\Office\Word\Addins” “” “” “” “14/11/2014 6:19 PM” “”
X “OneNote Word Add-In Take Notes Content Service Class” “Microsoft OneNote Word Add-in” “Microsoft Corporation” “c:\program files\microsoft office\office15\onwordaddin.dll” “01/11/2016 11:24 AM” “”
“WordAddin Class” “PDFillPDFButton Module for Word” “PlotSoft LLC” “c:\program files\plotsoft\pdfill\pdfwriter\pdfillpdfbutton_wo rd.dll” “12/9/2010 12:56 AM” “”

**Malnutrition** · 03-12-2017, 01:46 AM

Right Click on the FRST program that you have on your desktop.
Type rundll32.exe into the search field.
[ATTACH]1826[/ATTACH]
Click on search files.
A report will appear on your desktop.
Copy and paste that in your next reply.

**toreee** · 03-12-2017, 04:00 AM

I’m still running the repairs in safe mode..will run the frst once finished

**toreee** · 03-12-2017, 06:41 AM

Its already took 5 hours to repair but still did not complete..should i continue

**toreee** · 03-12-2017, 07:56 AM

Farbar Recovery Scan Tool (x86) Version: 29-01-2017
Ran by MSI CR-460 (12-03-2017 10:45:44)
Running from C:\Users\MSI CR-460\Desktop
Boot Mode: Normal

================== Search Files: “rundll32.exe” =============

C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\rundll32.exe
[2016-10-30 04:23][2016-03-10 14:07] 0960480 ____A (MalwareBytes) F86A4139730504047F52CCFB8C47E9F5 [File is digitally signed]

====== End of Search ======

**Malnutrition** · 03-14-2017, 04:07 AM

Download the rundll32.zip attached to this post.
Unzip it to your desktop. /SIZE](‘http://www.7-zip.org/’)
Open the C:\Windows\System32 folder.
You can do this by pressing the windows key and r at the same time.
Then copy C:\Windows\System32 paste it into the Run box hit OK.
Drag and Drop the rundll32.exe file into C:\Windows\System32 folder.
Make sure and not drop it into a folder within the folder.
Now reboot your machine and tell me if the issue occurs again.
If it does, then rerun FRST with the file search as you did last, so I can verify it is in the correct spot.

**toreee** · 03-16-2017, 01:33 PM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by MSI CR-460 (16-03-2017 21:30:39)
Running from C:\Users\MSI CR-460\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-04-12 20:06:10)
Boot Mode: Normal
================================================== ========

==================== Accounts: =============================

Administrator (S-1-5-21-590680974-46065942-2644484873-500 - Administrator - Disabled)
Guest (S-1-5-21-590680974-46065942-2644484873-501 - Limited - Disabled)
MSI CR-460 (S-1-5-21-590680974-46065942-2644484873-1000 - Administrator - Enabled) => C:\Users\MSI CR-460

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 22 NPAPI (HKLM...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM...{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Atheros Client Installation Program (HKLM...{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Client Installation Program (HKLM...{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM...{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AVG PC TuneUp 2015 (en-US) (Version: 15.0.1001.604 - AVG Technologies) Hidden
Broadcom 802.11 Network Adapter (HKLM...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.63 - Broadcom Corporation)
Canon IJ Network Scanner Selector EX (HKLM...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MX420 series MP Drivers (HKLM...{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}Canon_MX420_series) (Version: - Canon Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.27 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM...\InstallShield{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.0820 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Family Tree Maker 2012 (HKLM...\Family Tree Maker 2012) (Version: 21.0.388 - Ancestry.com, Inc.)
Family Tree Maker 2012 (Version: 21.0.388 - Ancestry.com, Inc.) Hidden
FileHippo App Manager (HKLM...\FileHippo.com) (Version: - FileHippo.com)
FlashGet3.7 (HKLM...\FlashGet3.7) (Version: 3.7.0.1195 - hxxp://www.FlashGet.com)
FormatFactory 2.20 (HKLM...\FormatFactory) (Version: 2.20 - Free Time)
GOM Player (HKLM...\GOM Player) (Version: 2.3.6.5260 - Gretech Corporation)
Google Chrome (HKLM...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-590680974-46065942-2644484873-1000...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM...{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HTC Driver Installer (HKLM...{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM...{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
IPTInstaller (HKLM...{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 121 (HKLM...{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.3.2 (Full) (HKLM...\KLiteCodecPack_is1) (Version: 8.3.2 - )
Lenovo_Wireless_Driver (HKLM...{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 3.1.14.0 - Lenovo)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Master PDF Editor 2.1.65 (HKLM...\Master PDF Editor 2.1.65_is1) (Version: - Code Industry Ltd.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Photo Creations (Photobookmart Edition) (HKLM...{111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}) (Version: 8.7.8288 - Digilabs)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Password Remover (HKLM...\PDF Password Remover) (Version: - Tenorshare, Inc.)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM...{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Photobook Designer (HKU\S-1-5-21-590680974-46065942-2644484873-1000...\Photobook Designer) (Version: Photobook Designer 4.1.0 - Photobook Malaysia)
Pismo File Mount Audit Package (HKLM...\PismoFileMountAuditPackage) (Version: - )
PIXAJOY Editor (HKU\S-1-5-21-590680974-46065942-2644484873-1000...\PIXAJOY Editor) (Version: PIXAJOY Editor 3.5.0 - Pixajoy )
Realtek Ethernet Controller Driver (HKLM...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek USB 2.0 Reader Driver (HKLM...{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM...{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0178 - REALTEK Semiconductor Corp.)
Riverbed Steelhead Mobile (HKLM...{09D86FD5-EA7E-4072-997F-4E88AE25ACA2}) (Version: 49.10.4101.10 - Riverbed Technology, Inc.)
RogueKiller version 12.9.8.0 (HKLM...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.8.0 - Adlice Software)
S-Bar (HKLM...{4E18A842-A084-46E0-81BA-31C7EB96B26C}) (Version: 21.011.10272 - MSI)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM...{90150000-0011-0000-0000-0000000FF1CE}Office15.PROPLUS{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM...{90150000-0051-0000-0000-0000000FF1CE}Office15.VISPRO{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM...{91140000-0011-0000-0000-0000000FF1CE}Office14.PROPLUSR{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
TeamViewer 10 (HKLM...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Telegram Desktop version 0.10.19 (HKU\S-1-5-21-590680974-46065942-2644484873-1000...{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.19 - Telegram Messenger LLP)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (HKLM...\Tweaking.com - Windows Repair) (Version: 3.9.26 - Tweaking.com)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM...{90150000-012B-0409-0000-0000000FF1CE}Office15.PROPLUS{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3161988) 32-Bit Edition (HKLM...{90150000-0011-0000-0000-0000000FF1CE}Office15.PROPLUS{245EB15F-A90C-422B-9D3F-3AEEDF028CCC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3161988) 32-Bit Edition (HKLM...{90150000-012B-0409-0000-0000000FF1CE}Office15.PROPLUS{245EB15F-A90C-422B-9D3F-3AEEDF028CCC}) (Version: - Microsoft)
Uplayer (HKLM...{246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5}) (Version: 1.0.0.33 - D-LINK CORPORATION)
Visual Studio 2012 x86 Redistributables (HKLM...{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VNC Enterprise Edition E4.5.1 (HKLM...\RealVNC_is1) (Version: E4.5.1 - RealVNC Ltd.)
VNC Mirror Driver 1.8.0 (HKLM...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Printer Driver 1.6.0 (HKLM...\VNCPrinter_is1) (Version: 1.6.0 - RealVNC Ltd.)
WD Drive Utilities (HKLM...{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Security (HKLM...{429a42d7-4c55-44d4-b38a-5872a0d70495}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Security (Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (Version: 1.1.0.51 - Western Digital) Hidden
WD SmartWare (HKLM...{6EE644CD-FC7F-424C-83EA-9C0285C4FB7F}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
Win7codecs (HKLM...{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.4.7 - Shark007)
Windows 7 USB/DVD Download Tool (HKLM...{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) (HKLM...\7F523D4F8E191139525DC0260B06BF68E4E581EE) (Version: 12/04/2009 5.89.0.64 - ENE)
Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) (HKLM...\5B1D8E9CE6F89F5466353F3E5A7084A126505FEA) (Version: 03/18/2010 13.2.0.30 - Intel)
Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) (HKLM...\261F972493946CC8B32688E5247ADD2EE612DEB9) (Version: 09/15/2009 13.0.0.107 - Intel)
Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) (HKLM...\DA556C9045FE4065F487AF1C9B3992A6AD4C8A66) (Version: 03/18/2010 13.2.0.30 - Intel)
Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) (HKLM...\FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9) (Version: 09/15/2009 13.0.0.107 - Intel)
Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) (HKLM...\AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14) (Version: 11/13/2009 3.00.09.0000 - Ralink)
Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 3.00.17.0000) (HKLM...\DA9E83E3434B0A377F6C3573D30A3E6E692E31F2) (Version: 02/09/2010 3.00.17.0000 - Ralink Technology, Corp.)
Windows Live Essentials (HKLM...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM...{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM...\Windows Media Encoder 9) (Version: - )
WinRAR archiver (HKLM...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinZip 15.0 (HKLM...{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}) (Version: 15.0.9302 - WinZip Computing, S.L. )
ZHPFix 2015 (HKLM...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{202B524F-841E-5A9D-8D3F-1010FA1A469E}\InprocServer32 → C:\Users\MSI CR-460\AppData\Roaming\dlink\Uplayer\1.0.0.33\npUplay er.dll (D-LINK CORPORATION)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpd ateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpd ateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpd ateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\psuser.dl l (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\npGoogleU pdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\npGoogleU pdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\GoogleUpd ateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-590680974-46065942-2644484873-1000_Classes\CLSID{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 → C:\Users\MSI CR-460\AppData\Local\Google\Update\1.3.22.3\psuser.dl l (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {263B3821-B41B-463B-9133-B29AB4A227DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {50FE601E-95B7-48F4-B38A-7CF148B16D0A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2016-11-15] (Microsoft Corporation)
Task: {5BB67B3B-E846-4BBB-9DCD-56EB60ECCEB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D17E1CAE-E13D-4BF7-894B-7D1A5A1D4F90} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F7FAC57A-51A1-4FB7-BF19-D51B743EF666} - System32\Tasks\Microsoft\Office\OfficeTelemetryAge ntLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files\Tweaking.com\Windows Repair (All in One) Tweaking.com - Windows Repair )Created By Tweaking.com

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-14 17:38 - 2016-06-14 17:38 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-06-22 19:04 - 2009-07-25 00:21 - 00026624 _____ () C:\windows\System32\VNCpm.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\AppXSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\BFE => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\BITS => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\ClipSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MpsSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\msiserver => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\SharedAccess => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\TweakingRemoveSafeBoot => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\vss => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WSService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\AppXSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\BITS => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ClipSvc => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\msiserver => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\SamSs => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\srv => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\srv2 => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\srvnet => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TweakingRemoveSafeBoot => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\vss => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WSService => “”=“Service”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\petronas.com.my → hxxps://eva.petronas.com.my
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\008i.com → 008i.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\008k.com → 008k.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\00hq.com → 00hq.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\0190-dialers.com → 0190-dialers.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\01i.info → 01i.info
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\02pmnzy5eo29bfk4.com → 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\05p.com → 05p.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\07ic5do2myz3vzpk.com → 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\08nigbmwk43i01y6.com → 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\093qpeuqpmz6ebfa.com → 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\0calories.net → 0calories.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\0cj.net → 0cj.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\0scan.com → 0scan.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\1-britney-spears-nude.com → 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\1-domains-registrations.com → 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\1-se.com → 1-se.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\1001movie.com → 1001movie.com
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\1001night.biz → 1001night.biz
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\100gal.net → 100gal.net
IE restricted site: HKU\S-1-5-21-590680974-46065942-2644484873-1000...\100sexlinks.com → 100sexlinks.com

There are 4608 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2017-02-05 16:41 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-590680974-46065942-2644484873-1000\Control Panel\Desktop\Wallpaper →
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: MSC => “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1872A0EA-7570-4967-8363-13C0C6D39C55}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AB8F892C-D59A-4BE3-B13F-DF4B352A6FF2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{529DF42A-CC4A-4747-96E2-FB4943BD714D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{707948CC-2B0C-440F-B7DC-4FBB9C131367}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

05-02-2017 16:02:37 Windows Update
05-02-2017 16:40:42 Restore Point Created by FRST
25-02-2017 15:43:33 Windows Update
26-02-2017 14:31:33 Windows Update
26-02-2017 21:38:05 Windows Update
02-03-2017 10:15:18 Windows Update
11-03-2017 09:43:33 Windows Update
11-03-2017 14:28:35 ZHPFix Restore System Point
16-03-2017 11:40:35 Windows Update

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (03/16/2017 09:30:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1644) An attempt to open the file “C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\WebCa cheV01.dat” for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/16/2017 09:26:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/16/2017 11:34:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/16/2017 11:32:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1652) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V0100 014.log.

Error: (03/12/2017 03:55:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (3172) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.l og.

Error: (03/12/2017 03:55:12 PM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (3172) WebCacheLocal: An attempt to open the file “C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.l og” for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/12/2017 03:55:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/12/2017 03:55:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (3172) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.l og.

Error: (03/12/2017 03:55:02 PM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (3172) WebCacheLocal: An attempt to open the file “C:\Users\MSI CR-460\AppData\Local\Microsoft\Windows\WebCache\V01.l og” for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/12/2017 02:55:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
[HEADING=1]System errors:[/HEADING]
Error: (03/16/2017 09:28:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 09:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 12:25:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.237.1302.0).

Error: (03/16/2017 12:17:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.237.1302.0

Update Source: Microsoft Update Server

Update Stage: Install

Source Path: http://www.microsoft.com

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITY\SYSTEM

Current Engine Version:

Previous Engine Version: 1.1.13504.0

Error code: 0x80070643

Error description: Fatal error during installation.

Error: (03/16/2017 11:35:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/16/2017 11:32:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:56:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:53:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (03/12/2017 03:06:26 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.237.1006.0

Update Source: Microsoft Update Server

Update Stage: Search

Source Path: http://www.microsoft.com

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITY\SYSTEM

Current Engine Version:

Previous Engine Version: 1.1.13504.0

Error code: 0x8024402c

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Error: (03/12/2017 02:56:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2015-10-22 02:16:57.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:07.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:07.014
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-15 20:21:06.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-14 23:24:58.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-08 02:19:00.786
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-08 02:19:00.746
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-09-12 14:16:29.553
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Percentage of memory in use: 35%
Total physical RAM: 2048 MB
Available physical RAM: 1311.4 MB
Total Virtual: 4096 MB
Available Virtual: 3356 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:298.09 GB) (Free:47.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D21CB07A)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

**toreee** · 03-16-2017, 01:35 PM

yes..i can change the setting now. so what is actually the issue is and what antivirus need to be installed in my pc. what should I do with all application that I have install and uninstall

**Malnutrition** · 03-16-2017, 02:20 PM

Glad to have helped!! Please tell a friend … or two about us. https://forum.windowsinstructed.com/...cons/smile.png

Optimize your internet connection.

Click here for instructions.

suggest the following in place of adblock.
Alternate DNS Server. Ad Blocking DNS.
Ublock Origin.
Anti Ad Block Killer.

Also, keep your browsing private with these tools:

Self Destructing Cookies.
Self Destructing Cookies Chrome.

Some items to keep you safe on the internet.

VooDoo Shield. control of what is running on your machine
Qualys BrowserCheck To update plugins.
Web Of Trust To Avoid Shady Websites.
Unchecky To Avoid Bundled Software.
Privazer To Clean up your mahcine.

Now Lets Clean up the tools we used and remove old restore points.

Downloads - DelFix - Download Now - ToolsLib’]

Download DelFix by “Xplode” to your Desktop.[/URL]
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:

Remove disinfection tools
Create registry backup
Purge System Restore

Now click on “Run” button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt

**Malnutrition** · 03-16-2017, 02:21 PM

As far as antivirus…

Here are couple of free antivirus that are really good. In order of my personal preference…

SecureAplus – Free for a year.
Panda Cloud Free.
Sophos Home – Good but a little heavy on resources.
360 Total Security

**Malnutrition** · 03-16-2017, 03:09 PM

Originally posted by toreee

so what is actually the issue

AVG PC TuneUp

How to remove rundll32.exe virus.

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment