Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log: Please help Diagnose


  • This topic is locked This topic is locked
10 replies to this topic

#1 audstune

audstune

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 27 July 2013 - 08:04 AM

Hi,
 
Suddenly, I'm getting ads all over my browsers :( ...did a scan for malware/spyware but the scan showed nothing. I downloaded HijackThis and did a scan. Below is the log results, but I don't know what it means. Can someone help with this problem? Thanks!! :)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:23:08 PM, on 7/26/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe
C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe
D:\Program\Rainlendar2\Rainlendar2.exe
D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
C:\Users\HPENVY-DV7-7243\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Users\HPENVY-DV7-7243\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\WhiteCanyon\MySecurityVault\MySecurityVault_TrayIcon.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\JGsoft\EditPadLite\EditPadLite7.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\My Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ediblog.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=fbpage&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - (no file)
O2 - BHO: InfoAtoms - {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:\Program Files (x86)\InfoAtoms\IE32\InfoAtomsClientIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: FCTBPos00Pos - {9EBF8AAF-0A31-4786-909A-97A0EF101743} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
O2 - BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files (x86)\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Updater By SweetPacks Helper - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll
O2 - BHO: You Lyrics - {C8946697-7275-4E53-B85A-3BB9D4C30FE4} - C:\Program Files (x86)\uLyrics\125.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll
O3 - Toolbar: AddThis Toolbar - {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
O3 - Toolbar: MySecurityVault Toolbar - {D3117279-E115-4C9B-A8FE-D2983653EC51} - C:\Program Files (x86)\WhiteCanyon\MySecurityVault\WCVaultToolbar.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [CorelCreatorClient] C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe
O4 - HKLM\..\Run: [MySecurityVault Tray] C:\Program Files (x86)\WhiteCanyon\MySecurityVault\MySecurityVault_TrayIcon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MOD] C:\Program Files (x86)\Microangelo\muamgr.exe
O4 - HKLM\..\Run: [Fitbit Connect] "D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Rainlendar2] D:\Program\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Fitbit Connect] "D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
O4 - HKCU\..\Run: [replay_telecorder_skype] D:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe /start_context sys_auto
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [Amazon Cloud Player] C:\Users\HPENVY-DV7-7243\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll ,C:\PROGRA~2\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\explorerframe.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2013/03/15 12:12:30 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: CorelCreatorMessages - Global Graphics Software Ltd - C:\Windows\SysWOW64\CorelCreatorMessages.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Eyeline Video System (EyelineService) - Unknown owner - C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - D:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem4.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Online Backup Service (MOBK755backup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater By SweetPacks - Unknown owner - C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - D:\Program Files\Xobni\XobniService.exe
 
--
End of file - 22054 bytes
 
 

 



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,458 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:03 AM

Posted 27 July 2013 - 06:51 PM

Hello,

Please run the following:

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013

#3 audstune

audstune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 28 July 2013 - 04:28 PM

I'm sorry, where is it attached? Don't see it? Thx :)


Edited by audstune, 28 July 2013 - 04:29 PM.


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,458 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:03 AM

Posted 28 July 2013 - 06:31 PM

Hello,

my apologies, please disregard my previous post(had two tabs open)

we need the scan first

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013

#5 audstune

audstune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 28 July 2013 - 06:51 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by HPENVY-DV7-7243 (administrator) on 28-07-2013 19:45:43
Running from D:\My Downloads
Windows 8 Pro with Media Center (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(NCH Software) C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Fitbit, Inc.) D:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
() C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
() C:\Windows\system32\valWBFPolicyService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Xobni Corporation) D:\Program Files\Xobni\XobniService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe
() D:\Program\Rainlendar2\Rainlendar2.exe
(Fitbit, Inc.) D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(WebCake LLC) C:\Users\HPENVY-DV7-7243\AppData\Roaming\WebCake\WebCakeDesktop.exe
() C:\Users\HPENVY-DV7-7243\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(WhiteCanyon, Inc.) C:\Program Files (x86)\WhiteCanyon\MySecurityVault\MySecurityVault_TrayIcon.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Just Great Software) C:\Program Files (x86)\JGsoft\EditPadLite\EditPadLite7.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Jaksta Technologies Pty Ltd) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Crawler.com) C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
(PCRx.com, LLC) C:\Program Files (x86)\24x7Help\App24x7Svc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Innovative Apps) C:\program files (x86)\solid savings\solid savings-bg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe [51712 2012-07-25] (Microsoft Corporation)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\HPENVY-DV7-7243\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Rainlendar2] - D:\Program\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKCU\...\Run: [Fitbit Connect] - D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKCU\...\Run: [replay_telecorder_skype] - D:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe [2087936 2013-03-27] (Applian Technologies Inc.)
HKCU\...\Run: [WebCake Desktop] - C:\Users\HPENVY-DV7-7243\AppData\Roaming\WebCake\WebCakeDesktop.exe [47896 2013-05-31] (WebCake LLC)
HKCU\...\Run: [Amazon Cloud Player] - C:\Users\HPENVY-DV7-7243\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3108864 2013-06-21] ()
MountPoints2: {20d41069-8d97-11e2-be6c-84a6c8ec6d81} - "H:\vs_ultimate.exe" 
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-28] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-09-18] (cyberlink)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-03-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM-x32\...\Run: [CorelCreatorClient] - C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe [667648 2011-08-24] (Global Graphics Software Ltd.)
HKLM-x32\...\Run: [MySecurityVault Tray] - C:\Program Files (x86)\WhiteCanyon\MySecurityVault\MySecurityVault_TrayIcon.exe [1447632 2009-02-18] (WhiteCanyon, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [MOD] - C:\Program Files (x86)\Microangelo\muamgr.exe [73728 2003-06-02] ()
HKLM-x32\...\Run: [Fitbit Connect] - D:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [PCFixSpeed] - C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe [373336 2013-04-22] (Crawler.com)
HKLM-x32\...\Run: [24x7HELP] - C:\Program Files (x86)\24x7Help\App24x7Help.exe [1774160 2013-04-22] (Crawler, LLC)
AppInit_DLLs: C:\PROGRA~1\COMMON~1\JAKSTA~1\AUDIOC~1\JAUDCA~1.DLL [295712 2013-07-08] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll ,C:\PROGRA~2\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll [295712 2013-07-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ediblog.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119556&tt=190313_wo1&babsrc=HP_ss&mntrId=008584A6C8EC6D7E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}
SearchScopes: HKLM-x32 - {2CAF5A27-2539-4D9A-BB65-E52A7B8E5E0C} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvnb
SearchScopes: HKLM-x32 - {DA4E5C8E-548F-47C1-9862-C912C3089FF4} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {E1D21B74-F9EE-4163-8B23-73C2C03377DC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {E1D21B74-F9EE-4163-8B23-73C2C03377DC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Updater By SweetPacks - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} -  No File
BHO-x32: InfoAtoms - {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:\Program Files (x86)\InfoAtoms\IE32\InfoAtomsClientIE.dll (InfoAtoms Inc.)
BHO-x32: Solid Savings - {11111111-1111-1111-1111-110211621178} - C:\Program Files (x86)\Solid Savings\Solid Savings-bho.dll (Innovative Apps)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: AddThis Toolbar BHO - {9EBF8AAF-0A31-4786-909A-97A0EF101743} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll ()
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files (x86)\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: Updater By SweetPacks - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
BHO-x32: You Lyrics - {C8946697-7275-4E53-B85A-3BB9D4C30FE4} - C:\Program Files (x86)\uLyrics\125.dll (nanDi Software)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - AddThis Toolbar - {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll ()
Toolbar: HKLM-x32 - MySecurityVault Toolbar - {D3117279-E115-4C9B-A8FE-D2983653EC51} - C:\Program Files (x86)\WhiteCanyon\MySecurityVault\WCVaultToolbar.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: ipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Hosts: 127.0.0.1 lm.licenses.adobe.com
 
FireFox:
========
FF ProfilePath: C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default
FF user.js: detected! => C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\user.js
FF NewTab: hxxp://start.sweetpacks.com/?src=97&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}&crg=3.5000006.10042
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}
FF Keyword.URL: hxxp://start.sweetpacks.com/?src=2&st=12&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @mywebsearch.com/Plugin - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - C:\Program Files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=16.0.1.18 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - C:\Program Files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - C:\Program Files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.1.18 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP - C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF Extension: You Lyrics - C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\Extensions\116
FF Extension: No Name - C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\Extensions\[email protected]b8838882.com
FF Extension: Delta Toolbar - C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\Extensions\[email protected]
FF Extension: WebCake - C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF Extension: Facemoods - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF Extension: InfoAtoms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files (x86)\RapidSolution\Tunebite\plugins\GeckoBased\[email protected]\
FF Extension: Tunebite Firefox Surf and Catch Plugin - C:\Program Files (x86)\RapidSolution\Tunebite\plugins\GeckoBased\[email protected]\
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF Extension: InfoAtoms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [[email protected]] C:\Program Files (x86)\uLyrics\125.xpi
FF Extension: No Name - C:\Program Files (x86)\uLyrics\125.xpi
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.ediblog.com/
CHR RestoreOnStartup: "hxxp://www.ediblog.com/"
CHR DefaultSuggestURL: (Dogpile) -       "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Simple Pass) - C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaaieiajnhcnimjgfmjpccjmmfkploci\6.0.100_0\npgcwloplugin.dll (HP)
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (VLC for YouTube™) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablmclcliiiegfmpbkfhnhipoejclmel\1.1_0
CHR Extension: (Phota.me Image and Screenshot Uploader) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajklemmjnghlmnampceoohoepdlkpemo\1.1_0
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0
CHR Extension: (You Lyrics) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjllalecbfjgljbohjbjbcnimkeehdd\1.125_0
CHR Extension: (YouTube) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.2_0
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.0_0
CHR Extension: (Solid Savings) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah\1.23.15_0
CHR Extension: (Google Search) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Updater By SweetPacks) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.609_0
CHR Extension: (XV — XML Viewer) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeocglpgjdpaefaedpblffpeebgmgddk\1.0.13_0
CHR Extension: (SiteAdvisor) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0
CHR Extension: (WebCake) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (AdBlock) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.3_1
CHR Extension: (InfoAtoms) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.5.0.0_0
CHR Extension: (Feedly - Your News, RSS, Google Reader) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\16.0.544_0
CHR Extension: (Share through AddThis) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipddggflcfmojcegmgdcolgoheelefp\1.0.1_0
CHR Extension: (Simple Highlighter) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljnlfolmbmibdjaikiaepgepgnldclj\2.1.7.2_0
CHR Extension: (Dictionary Instant) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hngaklbjlbjhmoilkegninbmpfigheol\2.0.0_0
CHR Extension: (bitly | ♥  your bitmarks) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.89_0
CHR Extension: (RealDownloader) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0
CHR Extension: (Website Logon) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaaieiajnhcnimjgfmjpccjmmfkploci\6.0.100_0
CHR Extension: (Wajam) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (StumbleUpon) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.7.11.1_0
CHR Extension: (View Background Image) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\knnjokagadbonknppgkjgjpiolcijbmg\0.3_0
CHR Extension: (Skype Click to Call) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.10.0.13089_0
CHR Extension: (Norton Identity Protection) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0
CHR Extension: (FastestChrome - Browse Faster) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.2.2_0
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0
CHR Extension: (Buffer) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh\2.3.22_0
CHR Extension: (Gmail) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (RSS Feed Reader) - C:\Users\HPENVY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.2.0_0
CHR HKLM-x32\...\Chrome\Extension: [bkjllalecbfjgljbohjbjbcnimkeehdd] - C:\Program Files (x86)\uLyrics\125.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\HPENVY-DV7-7243\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx
CHR HKLM-x32\...\Chrome\Extension: [gfhdkohbepelnfckgjinfddmecpngnpb] - C:\Program Files (x86)\LyricStar\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hhbgpoakplhahbklhkcfbpicgjcaoglk] - C:\Program Files (x86)\InfoAtoms\Chrome\InfoAtoms.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files (x86)\facemoods.com\facemoods\1.3.61.0\facemoods.crx
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\HPENVY-DV7-7243\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx
CHR HKLM-x32\...\Chrome\Extension: [legfpnnmhhnhjgekmmbkilmijnjoehne] - C:\Users\HPENVY-DV7-7243\AppData\Roaming\FireShot\fireshot.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx
 
==================== Services (Whitelisted) =================
 
R2 24x7HelpSvc; C:\Program Files (x86)\24x7Help\App24x7Svc.exe [342608 2013-04-22] (PCRx.com, LLC)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2009-05-15] (Adobe Systems)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244752 2012-09-18] (CyberLink)
S3 CorelCreatorMessages; C:\Windows\SysWOW64\CorelCreatorMessages.exe [73728 2011-08-24] (Global Graphics Software Ltd)
R2 EyelineService; C:\Program Files (x86)\NCH Software\Eyeline\eyeline.exe [1385520 2013-04-09] (NCH Software)
R2 Fitbit Connect; D:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-15] (HP)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [384048 2013-02-26] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MOBK755backup; C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe [207672 2010-09-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [144520 2012-12-23] (Symantec Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-04-25] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-04-22] (Wajam)
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-05-31] (WebCake LLC)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)
R2 XobniService; D:\Program Files\Xobni\XobniService.exe [62184 2012-04-09] (Xobni Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 appliand; C:\Windows\system32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\system32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R1 MOBK755Filter; C:\Windows\System32\DRIVERS\MOBK755.sys [66040 2010-09-20] (Mozy, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-19] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2005-11-02] (Padus, Inc.)
S0 PxHelp20; C:\Windows\SysWow64\Drivers\PxHelp20.sys [20640 2007-01-16] (Sonic Solutions)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-08] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-14] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
U3 mfeavfk01; No ImagePath
S3 pfc; system32\drivers\pfc.sys [x]
S0 PxHelp20; System32\Drivers\PxHelp20.sys [x]
S3 SymELAM; \SystemRoot\system32\drivers\NISx64\1403000.024\SymELAM.sys [x]
S3 SymNetS; \SystemRoot\system32\drivers\NISx64\1403000.024\SYMNETS.SYS [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-07-28 19:45 - 2013-07-28 19:45 - 00000000 ____D C:\FRST
2013-07-28 19:37 - 2013-07-28 19:42 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\PCFixSpeed
2013-07-28 19:37 - 2013-07-28 19:38 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\24x7 Help
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Program Files (x86)\PCFixSpeed
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Program Files (x86)\24x7Help
2013-07-28 19:36 - 2013-07-28 19:37 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-28 19:36 - 2013-07-28 19:36 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-07-28 19:36 - 2013-07-28 19:36 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Wajam
2013-07-28 19:35 - 2013-07-28 19:35 - 00003814 _____ C:\Windows\System32\Tasks\Updater26278.exe
2013-07-28 19:35 - 2013-07-28 19:35 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Updater26278
2013-07-28 19:35 - 2013-07-28 19:35 - 00000000 ____D C:\Program Files (x86)\Solid Savings
2013-07-28 13:52 - 2013-07-28 13:52 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Magazine_Covers
2013-07-26 14:42 - 2013-07-26 14:42 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-07-25 15:33 - 2013-07-25 15:33 - 00001864 _____ C:\Users\HPENVY-DV7-7243\Desktop\FreeConverter.exe - Shortcut.lnk
2013-07-23 12:39 - 2013-07-23 12:39 - 00000000 ____D C:\Program Files (x86)\uLyrics
2013-07-19 07:57 - 2013-07-19 07:57 - 05572208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 10:31 - 2013-07-18 10:31 - 00001869 _____ C:\Users\HPENVY-DV7-7243\Desktop\jrmcp.exe - Shortcut.lnk
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Documents\Applian
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Replay Media Catcher 5
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Replay Media Catcher 5
2013-07-18 10:26 - 2013-07-18 10:26 - 00000000 ____D C:\Program Files\Common Files\Jaksta Technologies
2013-07-18 10:25 - 2013-07-18 10:25 - 00000000 ____D C:\Windows\Applian Director
2013-07-18 10:25 - 2013-07-18 10:25 - 00000000 ____D C:\Program Files (x86)\Applian Director
2013-07-16 16:39 - 2013-06-01 07:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-16 16:39 - 2013-06-01 07:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-16 16:39 - 2013-06-01 07:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-16 16:39 - 2013-06-01 07:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-16 16:39 - 2013-06-01 06:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-16 16:39 - 2013-06-01 05:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-16 16:39 - 2013-06-01 05:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-16 16:39 - 2013-06-01 05:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-16 16:39 - 2013-06-01 05:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-16 16:39 - 2013-06-01 05:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-16 16:39 - 2013-05-24 18:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-16 16:39 - 2013-05-19 20:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-16 16:38 - 2013-06-01 05:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-16 16:38 - 2013-05-24 18:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-16 16:38 - 2013-05-24 18:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-16 16:37 - 2013-06-16 18:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-16 16:37 - 2013-06-01 07:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-16 16:37 - 2013-06-01 07:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-16 16:37 - 2013-06-01 07:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-16 16:37 - 2013-06-01 07:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-16 16:37 - 2013-06-01 05:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-16 16:37 - 2013-06-01 05:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-16 16:37 - 2013-06-01 05:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-16 16:37 - 2013-06-01 05:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-16 16:37 - 2013-06-01 05:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-16 16:37 - 2013-06-01 05:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-16 16:37 - 2013-06-01 05:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-16 16:37 - 2013-06-01 05:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-16 16:37 - 2013-06-01 05:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-16 16:37 - 2013-06-01 05:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-16 16:37 - 2013-06-01 05:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-16 16:37 - 2013-06-01 05:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-16 16:37 - 2013-06-01 05:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-16 16:37 - 2013-05-31 23:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-16 16:37 - 2013-05-24 18:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-16 12:52 - 2013-07-16 12:52 - 00000000 ____D C:\Users\HPENVY-DV7-7243\DC Talk
2013-07-13 09:25 - 2013-07-13 09:37 - 00000000 ____D C:\Windows\system32\MRT
2013-07-11 14:55 - 2013-07-11 14:55 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2013-07-11 14:53 - 2013-07-11 14:56 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Amazon Cloud Player
2013-07-09 18:19 - 2013-04-11 18:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 18:19 - 2013-04-11 18:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 18:18 - 2013-06-01 05:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 18:18 - 2013-06-01 05:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 18:17 - 2013-05-30 19:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 18:16 - 2013-06-11 19:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-09 18:16 - 2013-06-11 19:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-09 18:16 - 2013-06-11 19:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-09 18:16 - 2013-06-11 19:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-09 18:16 - 2013-06-11 19:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-09 18:16 - 2013-06-11 19:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-09 18:16 - 2013-06-11 19:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-09 18:16 - 2013-06-11 19:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-09 18:16 - 2013-06-11 19:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 18:16 - 2013-06-11 19:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 18:16 - 2013-06-11 19:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 18:16 - 2013-06-11 19:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 18:16 - 2013-06-11 19:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 18:16 - 2013-06-11 19:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 18:16 - 2013-06-11 19:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 18:16 - 2013-06-11 19:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 18:16 - 2013-06-11 19:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 18:16 - 2013-05-04 02:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 18:16 - 2013-05-04 00:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-02 08:38 - 2013-07-28 12:38 - 00000412 _____ C:\Windows\Tasks\You Lyrics Update.job
2013-07-02 08:38 - 2013-07-02 08:38 - 00003072 _____ C:\Windows\System32\Tasks\You Lyrics Update
 
==================== One Month Modified Files and Folders =======
 
2013-07-28 19:45 - 2013-07-28 19:45 - 00000000 ____D C:\FRST
2013-07-28 19:42 - 2013-07-28 19:37 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\PCFixSpeed
2013-07-28 19:38 - 2013-07-28 19:37 - 00000000 ____D C:\ProgramData\PCFixSpeed
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\24x7 Help
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Program Files (x86)\PCFixSpeed
2013-07-28 19:37 - 2013-07-28 19:37 - 00000000 ____D C:\Program Files (x86)\24x7Help
2013-07-28 19:37 - 2013-07-28 19:36 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-28 19:36 - 2013-07-28 19:36 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-07-28 19:36 - 2013-07-28 19:36 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Wajam
2013-07-28 19:35 - 2013-07-28 19:35 - 00003814 _____ C:\Windows\System32\Tasks\Updater26278.exe
2013-07-28 19:35 - 2013-07-28 19:35 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Updater26278
2013-07-28 19:35 - 2013-07-28 19:35 - 00000000 ____D C:\Program Files (x86)\Solid Savings
2013-07-28 19:32 - 2013-03-23 15:07 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 19:07 - 2013-03-15 05:48 - 01935347 _____ C:\Windows\WindowsUpdate.log
2013-07-28 19:02 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-28 18:49 - 2013-03-23 15:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-28 18:32 - 2013-03-24 00:36 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-28 18:00 - 2013-04-22 04:02 - 00000532 _____ C:\Windows\Tasks\SpeedyPC Registration3.job
2013-07-28 14:31 - 2013-06-05 10:34 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\WebCake
2013-07-28 13:52 - 2013-07-28 13:52 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Magazine_Covers
2013-07-28 13:52 - 2013-03-15 05:48 - 00000000 ____D C:\Users\HPENVY-DV7-7243
2013-07-28 12:38 - 2013-07-02 08:38 - 00000412 _____ C:\Windows\Tasks\You Lyrics Update.job
2013-07-28 09:37 - 2013-04-03 09:11 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Windows Live
2013-07-28 08:02 - 2013-03-15 14:40 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Adobe
2013-07-27 22:38 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-27 21:51 - 2013-03-15 16:11 - 00000258 _____ C:\Windows\Tasks\AutoKMSDaily.job
2013-07-27 21:09 - 2013-03-26 05:53 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Documents\My Kindle Content
2013-07-27 19:57 - 2012-07-26 03:28 - 00900104 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-27 11:42 - 2013-03-15 05:53 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1381800913-1119286949-2785834242-1001
2013-07-27 11:34 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-27 11:30 - 2013-04-10 08:28 - 00000000 ____D C:\Users\HPENVY-DV7-7243\.rainlendar2
2013-07-27 11:30 - 2013-04-04 00:31 - 00000556 _____ C:\Windows\Tasks\SpeedyPC Update Version3 Startup Task.job
2013-07-27 11:30 - 2013-03-23 15:09 - 00003362 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1381800913-1119286949-2785834242-1001
2013-07-27 11:30 - 2013-03-23 15:09 - 00003248 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1381800913-1119286949-2785834242-1001
2013-07-27 11:30 - 2013-03-23 15:07 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-27 11:30 - 2013-03-15 16:11 - 00000268 _____ C:\Windows\Tasks\AutoKMS.job
2013-07-27 11:30 - 2013-03-15 05:41 - 00028342 _____ C:\Windows\PFRO.log
2013-07-27 11:30 - 2012-07-26 03:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-27 11:30 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-27 10:25 - 2013-04-19 14:33 - 00002035 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-07-26 14:42 - 2013-07-26 14:42 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-07-26 14:42 - 2013-03-15 14:42 - 00000000 ____D C:\ProgramData\Adobe
2013-07-26 14:42 - 2013-03-15 05:48 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Adobe
2013-07-25 23:05 - 2013-03-26 22:04 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\BurnCD
2013-07-25 21:37 - 2013-03-26 06:16 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\CrashDumps
2013-07-25 15:33 - 2013-07-25 15:33 - 00001864 _____ C:\Users\HPENVY-DV7-7243\Desktop\FreeConverter.exe - Shortcut.lnk
2013-07-25 09:18 - 2013-03-15 15:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-24 13:02 - 2013-04-02 17:15 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Documents\Outlook Files
2013-07-24 09:39 - 2013-03-23 19:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-24 08:51 - 2012-07-26 03:21 - 00022020 _____ C:\Windows\setupact.log
2013-07-23 12:39 - 2013-07-23 12:39 - 00000000 ____D C:\Program Files (x86)\uLyrics
2013-07-22 23:24 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-22 10:15 - 2013-03-15 14:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-07-22 09:46 - 2013-03-15 14:44 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-19 07:58 - 2013-03-23 19:07 - 00677376 ___SH C:\Users\HPENVY-DV7-7243\Desktop\Thumbs.db
2013-07-19 07:57 - 2013-07-19 07:57 - 05572208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 10:31 - 2013-07-18 10:31 - 00001869 _____ C:\Users\HPENVY-DV7-7243\Desktop\jrmcp.exe - Shortcut.lnk
2013-07-18 10:28 - 2013-03-26 22:34 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2013-07-18 10:28 - 2013-03-25 22:25 - 00000000 ____D C:\Windows\Replay Video Capture 6
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY-DV7-7243\Documents\Applian
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Replay Media Catcher 5
2013-07-18 10:27 - 2013-07-18 10:27 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Replay Media Catcher 5
2013-07-18 10:27 - 2013-03-26 06:20 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Jaksta_Technologies_Pty_L
2013-07-18 10:27 - 2013-03-26 06:07 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Applian
2013-07-18 10:26 - 2013-07-18 10:26 - 00000000 ____D C:\Program Files\Common Files\Jaksta Technologies
2013-07-18 10:26 - 2013-03-26 00:06 - 00000000 ____D C:\Program Files (x86)\Applian Technologies
2013-07-18 10:25 - 2013-07-18 10:25 - 00000000 ____D C:\Windows\Applian Director
2013-07-18 10:25 - 2013-07-18 10:25 - 00000000 ____D C:\Program Files (x86)\Applian Director
2013-07-17 16:16 - 2013-03-23 19:12 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Skype
2013-07-17 13:29 - 2013-03-15 13:43 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\vlc
2013-07-16 12:52 - 2013-07-16 12:52 - 00000000 ____D C:\Users\HPENVY-DV7-7243\DC Talk
2013-07-14 20:32 - 2012-07-26 01:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 09:37 - 2013-07-13 09:25 - 00000000 ____D C:\Windows\system32\MRT
2013-07-12 22:33 - 2013-03-23 15:07 - 00002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 07:27 - 2013-03-23 15:07 - 00003920 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 07:27 - 2013-03-23 15:07 - 00003684 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 14:56 - 2013-07-11 14:53 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Amazon Cloud Player
2013-07-11 14:55 - 2013-07-11 14:55 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2013-07-10 14:33 - 2013-04-02 14:33 - 00000000 ____D C:\Program Files\Updater By SweetPacks
2013-07-10 12:48 - 2013-03-15 16:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 12:48 - 2013-03-15 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 12:38 - 2012-07-26 03:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-09 18:35 - 2013-03-15 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-03 23:10 - 2013-03-26 22:04 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Audacity
2013-07-02 12:50 - 2013-03-26 01:41 - 00000000 ____D C:\Program Files (x86)\GetSmile
2013-07-02 08:38 - 2013-07-02 08:38 - 00003072 _____ C:\Windows\System32\Tasks\You Lyrics Update
2013-07-02 08:38 - 2013-04-24 17:15 - 00000000 ____D C:\Program Files (x86)\LyricStar
2013-07-01 04:47 - 2013-04-04 00:31 - 00000460 _____ C:\Windows\Tasks\SpeedyPC Pro.job
2013-07-01 01:32 - 2013-03-26 22:07 - 00000000 ____D C:\Users\HPENVY-DV7-7243\AppData\Roaming\Replay Media Catcher 4
2013-06-29 21:14 - 2013-03-27 17:25 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-06-28 12:57 - 2013-04-05 00:26 - 00000000 ____D C:\Users\HPENVY~1\AppData\Local\Akamai
 
Files to move or delete:
====================
C:\Users\HPENVY-DV7-7243\GoToAssistDownloadHelper.exe
C:\Users\HPENVY-DV7-7243\XobniSetup64.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-07-21 09:03
 
==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-07-2013
Ran by HPENVY-DV7-7243 at 2013-07-28 19:47:36
Running from D:\My Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
 Tools for .Net 3.5 (x32 Version: 3.11.50727)
24x7 Help (x32 Version: 2.1.0.34)
Add or Remove Adobe Creative Suite 3 Master Collection (x32 Version: 1.0)
Adobe Acrobat 8 Professional (x32 Version: 8.3.1)
Adobe Acrobat 8.3.1 - CPSID_83708 (x32)
Adobe Acrobat 8.3.1 Professional (x32 Version: 8.3.1)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7)
Adobe After Effects CS3 (x32 Version: 8)
Adobe After Effects CS3 Presets (x32 Version: 8)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Audition 2.0 (x32 Version: 2.0)
Adobe Audition 2.0 Loopology Content (x32 Version: 2.0.0)
Adobe Audition CS5.5 (x32 Version: 4.0)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0.1)
Adobe Color EU Extra Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Recommended Settings (x32 Version: 1.0)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Connect 9 Add-in (HKCU Version: 11,2,261,0)
Adobe Contribute CS3 (x32 Version: 4.1)
Adobe Creative Suite 6 Master Collection (x32 Version: 6)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe Dreamweaver CS3 (x32 Version: 9)
Adobe Encore CS3 (x32 Version: 3)
Adobe Encore CS3 Codecs (x32 Version: 3)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2)
Adobe Extension Manager CS3 (x32 Version: 1.8)
Adobe Fireworks CS3 (x32 Version: 9.0)
Adobe Flash CS3 (x32 Version: 9.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Flash Video Encoder (x32 Version: 2.0)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Center 2.0 (x32 Version: 2.0.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Illustrator CS3 (x32 Version: 13.0)
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe MotionPicture Color Files (x32 Version: 1.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Premiere Pro CS3 (x32 Version: 3)
Adobe Premiere Pro CS3 Functional Content (x32 Version: 8)
Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3)
Adobe Reader XI (11.0.02) (x32 Version: 11.0.02)
Adobe Setup (x32 Version: 1.0)
Adobe SING CS3 (x32 Version: 0.1)
Adobe Soundbooth CS3 (x32 Version: 1)
Adobe Soundbooth CS3 Codecs (x32 Version: 3)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe Version Cue CS3 Server {ko_KR}  (x32 Version: 3.0.0.0 {ko_KR} )
Adobe Video Profiles (x32 Version: 1.0)
Adobe WAS CS3 (x32 Version: 1.0)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP DVA Panels CS3 (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Adobe® Content Viewer (x32 Version: 3.2.0)
Advanced WMA Workshop version 2.7.4 (x32 Version: 2.7.4)
AHV content for Acrobat and Flash (x32 Version: 1)
Akamai NetSession Interface (HKCU)
Alien Skin Exposure (x32)
Alien Skin Eye Candy 5 Impact (x32)
Alien Skin Eye Candy 5 Nature (x32)
Alien Skin Eye Candy 5 Textures (x32)
Alien Skin Image Doctor 1.0 (x32)
Alien Skin Snap Art (x32)
Alien Skin Xenofex 2.0 (x32)
Amara - Menu Builder (x32)
Amara - News Ticker (x32)
Amara - Slide Show Builder (x32)
Amazon Cloud Player (HKCU Version: 1.1.0.332)
Amazon Kindle (x32)
Antares Autotune VST RTAS TDM v5.08 (x32)
AoA Audio Extractor 1.0 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Applian Director (x32 Version: 2.12)
ASIO4ALL (x32 Version: 2.10)
Ask Toolbar (x32 Version: 1.7.0.0)
Audacity 2.0 (x32)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86)
AviSynth 2.5 (x32)
bl (x32 Version: 1.0.0)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0)
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0)
BrowserProtect (x32)
Cassette2CD Wizard 2.0 (x32)
CoffeeCup Flash FireStarter (x32)
CoffeeCup Flash Menu Builder (x32)
CoffeeCup Image Mapper (x32)
CoffeeCup Live Chat (x32)
CoffeeCup Password Wizard (x32)
CoffeeCup Shopping Cart Creator (x32 Version: 3.5.2338)
CoffeeCup Shopping Cart Creator (x32 Version: 3.9.4296)
CoffeeCup Web JukeBox - Registered (x32)
CoffeeCup Web JukeBox (x32)
Color Schemer Studio (x32 Version: Studio v1.51)
Color Schemer v3 (x32 Version: 3.0)
Corel KPT Collection (x32 Version: 1.00.0000)
Corel KPT Collection (x32)
Corel KPT Collection for PSPX4 (x32)
Corel Paint Shop Pro Photo X2 (x32 Version: 12.010.0000)
Corel Painter Essentials 4 (x32 Version: 4.2)
Corel Painter Essentials 4 (x32)
Corel Painter Photo Essentials 4 (x32 Version: 4.1)
Corel Painter Photo Essentials 4 (x32)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.148)
Corel PaintShop Pro X4 (x32 Version: 14.2.0.1)
Corel PaintShop Pro X4 (x32 Version: 14.3.0.3)
Corel PaintShop Pro X5 (x32 Version: 15.2.0.12)
Corel PDF Fusion (x32 Version: 1.00.0000)
Corel VideoStudio Pro X4 (x32 Version: 14.2.0.23)
CrazyTalk v6.21 PRO (x32 Version: 6.21.1921.1)
cu3ox (x32)
CyberLink LabelPrint (x32 Version: 2.5.2.5712)
CyberLink PowerDVD (x32 Version: 10.0.7.4702)
CyberLink YouCam (x32 Version: 3.5.5.5811)
D3DX10 (x32 Version: 15.4.2368.0902)
Debut Video Capture Software (x32 Version: 1.82)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.10.0)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298)
DVD Shrink 3.2 (x32)
DVD-CLONER V5.10 Build 967 (x32 Version: 5.10.0.967)
eaner (Version: 4.00)
Entity Framework Designer for Visual Studio 2012 - enu (x32 Version: 11.1.20702.00)
Express Burn (x32)
Eyeline Video System (x32)
FaceFilter Studio 2 (x32 Version: 2.0)
FaceFilter v3.02 PRO (x32 Version: 3.02.1506.1)
FeedForAll v2.0 (x32 Version: v2.0)
Fitbit Connect (x32 Version: 1.0.0.2578)
FlamingText Gimp 2.0 (x32)
Flash Banner Creator 2.10 (x32 Version: 2.10)
Flash Menu Factory (x32 Version: 1.0 DEMO Version)
Flashation Menu Builder (x32)
Free Mp3 Wma Converter V 2.2 (x32 Version: 2.2.0.0)
Free SWF to AVI Converter (x32)
Free WMA to MP3 Converter 1.16 (x32)
GetSmile v1.952 (x32 Version: 1.952)
GIMP 2.8.4 (Version: 2.8.4)
Glitterizer 1.0 (x32)
GlitterText Maker 1.0 (x32)
Google Chrome (x32 Version: 28.0.1500.72)
Google Earth (x32 Version: 7.0.3.8542)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0)
HP CoolSense (x32 Version: 2.10.51)
HP SimplePass (x32 Version: 6.0.100.257)
HP Wireless Button Driver (x32 Version: 1.0.5.1)
ICA (x32 Version: 1.6.1.148)
ICA (x32 Version: 14.1.0.150)
ICA (x32 Version: 14.2.0.1)
ICA (x32 Version: 15.2.0.12)
Iconoid version 3.8.6 (x32 Version: 3.8.6)
IDT Audio (x32 Version: 1.0.6425.0)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
InfoAtoms [Uninstall] (x32 Version: 1.5.0.0)
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Processor Graphics (x32 Version: 9.17.10.2857)
Intel® Rapid Storage Technology (x32 Version: 11.5.9.1002)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Internet Explorer Toolbar 4.7 by SweetPacks (x32 Version: 4.7.0008)
IPM_PSP_COM (x32 Version: 15.2.0.12)
Ipswitch WS_FTP 12 (x32 Version: 12.3)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
LAME v3.98.3 for Audacity (x32)
LameACM (x32)
Let's DRAW v1.1 (x32)
LocalESPC (x32 Version: 8.59.25584)
LocalESPCui for en-us (x32 Version: 8.59.25584)
Mavis Beacon Teaches Typing 18 (x32 Version: 18.00.0000)
McAfee Internet Security (x32 Version: 11.6.511)
McAfee Online Backup (Version: 1.16.6.1)
McAfee Online Backup (x32)
Microangelo 5.5 (x32)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0)
Microsoft FrontPage 2000 SR-1 (x32 Version: 9.00.3821)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Hotmail Connector 64-bit (Version: 14.0.5118.5000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 4 SDK (x32 Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK (x32 Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (x32 Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1)
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - enu (x32 Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x64 (Version: 1.0.0)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Morpheus Photo Morpher v3.16 (x32 Version: 3.16)
Mosaic Creator 3.1 (x32)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 19.0.2 (x86 en-US) (x32 Version: 19.0.2)
Mozilla Maintenance Service (x32 Version: 19.0.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Musicnotes Software Suite 1.5.5 (x32 Version: 1.5.5)
MyPasswordGenerator (x32 Version: 3.0)
MySecurityVault (x32 Version: (Build 08.10.23))
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Burning ROM 10 (x32 Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700)
Nero BurnRights 10 (x32 Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Control Center 10 (x32 Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Core Components 10 (x32 Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (x32 Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600)
Nero DiscSpeed 10 (x32 Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)
Nero Express 10 (x32 Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Multimedia Suite 10 (x32 Version: 10.0.13100)
Nero Recode 10 (x32 Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600)
Nero RescueAgent 10 (x32 Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700)
Nero SoundTrax 10 (x32 Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600)
Nero StartSmart 10 (x32 Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600)
Nero WaveEditor 10 (x32 Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600)
Norton Internet Security (x32 Version: 20.3.0.36)
Optimum (HKCU)
Optimum App for Laptop 1.62 (Version: 1.62)
Paint Shop Pro 7 (x32 Version: 7.0.0.0000)
Pam Call Recorder 4.8 (x32 Version: 4.8)
Pamela Pro 4.8 (x32 Version: 4.8)
PC Fix Speed 1.2.0.24 (x32 Version: 1.2.0.24)
PCmover (x32 Version: 8.00.632.0)
PDF Settings (x32 Version: 1.0)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1)
Prerequisites for SSDT  (x32 Version: 11.0.2100.60)
Prism Video File Converter (x32)
PSPPContent (x32 Version: 15.2.0.12)
PSPPHelp (x32 Version: 15.2.0.12)
PSPPro64 (Version: 15.2.0.12)
QuickTime (x32 Version: 7.73.80.64)
Rainlendar2 (remove only) (x32)
RealDownloader (x32 Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.0)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.29034)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Replay AV 8 (x32 Version: 8.81)
Replay Converter 4 (x32 Version: 4.0)
Replay Media Catcher 4 (4.4.5) (x32 Version: 4.4.5)
Replay Media Catcher 5 (5.0.1.0) (x32 Version: 5.0.1.0)
Replay Media Splitter 2.0.1204 (x32 Version: 2.0.1204)
Replay Music 5 (x32 Version: 5.05)
Replay Telecorder for Skype 1.3.0.18 (x32 Version: 1.3.0.18)
Replay Video Capture 5 (x32 Version: 5.4.2)
Replay Video Capture 6 (x32 Version: 6.0.3)
Replay Video Capture 6 (x32 Version: 6.0.6.1)
ResumeMaker Deluxe (x32 Version: 10.0)
Rhymesaurus FREE Edition (2.0.0.0) (x32)
Ringtone Media Studio (x32 Version: 3.00)
Safari (x32 Version: 5.34.57.2)
Serif MoviePlus 5 Resources (x32 Version: 5.1.2.009)
Serif MoviePlus X5 (x32 Version: 7.0.2.018)
Serif PagePlus X6 (x32 Version: 16.0.0.19)
Serif WebPlus X5 (x32 Version: 13.0.3.029)
Setup (x32 Version: 15.2.0.12)
ShakespeareReaderInstaller (x32 Version: 1.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Simple Adblock (x32 Version: 1.1.5)
Skype Click to Call (x32 Version: 6.10.13089)
Skype™ 6.5 (x32 Version: 6.5.158)
Solero Music Viewer 8.0.32.2 (x32 Version: 8.0.32.2)
Solid Savings (x32 Version: 1.27.153.8)
Sothink SWF Catcher for Internet Explorer (x32 Version: 3.3)
Sothink SWF Decompiler (x32 Version: 6.5)
Sound Effects (x32 Version: 2.0)
SpeedyPC Pro (x32 Version: 3.1.10.0)
Start Menu 8 (x32 Version: 1.1.0.0)
SWiSH Jukebox (x32)
SWiSH Max3 (x32 Version: 09.06.02.000)
SWiSH Max4 (x32 Version: 10.10.29.100)
SWiSH v2.01 (x32)
SWiSH Video3 (x32)
SWiSHmax (x32)
Synaptics Pointing Device Driver (Version: 16.2.15.0)
The Holy Bible KJV Ver.7.3 (x32)
The Logo Creator v5 (x32)
The Logo Creator v5.2 (x32)
The Logo Creator v6 6.0 (x32 Version: 6.0)
The Logo Creator v6.6 (x32 Version: v6.6)
Toonworks Deluxe 1.0 (x32 Version: 1.0)
Toonworks v1.31 (x32)
Tunebite (x32 Version: 6.0.31728.2500)
TuneUpMedic (x32)
Tweak Manager 2.1 (x32 Version: 2.1)
Unlocker 1.9.1 (x32 Version: 1.9.1)
Update for  (KB2504637) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219)
Updater By SweetPacks 2.0.0.609 (Version: 2.0.0.609)
Validity WBF DDK (Version: 4.4.234.0)
Video to GIF Converter 12 (x32)
VideoPad Video Editor (x32)
Virtual Plastic Surgery Software - VPSS v1.0 (x32 Version: 1.0.0.1667)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0)
VLC media player 2.0.7 (x32 Version: 2.0.7)
vReveal 3 (x32)
Wajam (x32 Version: 1.80)
WavePad Sound Editor (x32)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0)
WebCake 3.00 (Version: 3.00)
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (x32 Version: 8.59.25584)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584)
Windows Software Development Kit (x32 Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinZip 15.5 (x32 Version: 15.5.9579)
WM Capture (x32 Version: 4.1)
WM Recorder (x32 Version: 14.10.1)
WM Recorder (x32)
Xara Dreamweaver Extension 1.03 (x32 Version: 1.03)
Xara FrontPage Add-in 1.01 (x32 Version: 1.01)
Xara Menu Maker 1.1 (x32 Version: 1.1)
Xara Web Designer 7 Premium (x32 Version: 7.0.2.16324)
Xara X1 (x32 Version: 1.00.0000)
Xara3D6 (x32 Version: 1.00.0000)
Xobni (Version: 2.0.4.13741)
Xobni Core (x32 Version: 1.0.0)
Yahoo! Messenger (x32)
You Lyrics (x32)
 
==================== Restore Points  =========================
 
18-07-2013 13:06:29 Scheduled Checkpoint
27-07-2013 12:36:28 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2012-07-26 01:26 - 2013-03-15 14:32 - 00000857 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0CBEB302-0D49-44A7-B5D2-A1433834DEE2} - System32\Tasks\NCH Software\DebutReminder => C:\Program Files (x86)\NCH Software\Debut\Debut.exe [2013-06-04] (NCH Software)
Task: {0FD5C588-75EF-4C84-9074-234525629F32} - System32\Tasks\Updater26278.exe => C:\Users\HPENVY-DV7-7243\AppData\Local\Updater26278\Updater26278.exe No File
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1E9CB77D-0198-4B7D-B3A2-A3738015C8EB} - System32\Tasks\SpeedyPC Pro => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2013-04-18] (SpeedyPC Software, Inc.)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {217C25AD-8400-40FE-A4BF-9B110A3019E4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1381800913-1119286949-2785834242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {241CE6F5-F3AA-46E8-8101-698C3783DF65} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1381800913-1119286949-2785834242-1001
Task: {2796A0DA-C8EA-43E3-813A-6BFCD036FACA} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {36E771B8-7A98-4B4F-A2DD-BFF4DB1FC193} - System32\Tasks\AdobeAAMUpdater-1.0-ENVYDV7-7243-PC-HPENVY-DV7-7243 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {39773FA9-A593-4F79-885B-F1E4789F07E8} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe No File
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {412661C9-B14A-4C34-94D0-CA9255DE57AA} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2010-02-08] ()
Task: {41C60B20-36B0-4B8E-B6A3-567752CDE423} - System32\Tasks\SpeedyPC Update Version3 Startup Task => C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2013-03-28] (SpeedyPC Software)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5209D77A-F163-4ACE-894D-A99444B52AAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5E729419-40EC-400E-909D-8F624F4AA2F0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\WSCStub.exe [2013-02-14] (Symantec Corporation)
Task: {60218DB1-C39C-4CA9-BDF7-5E518D7ADF31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: {611DD4C7-9F9F-4AAF-8FF1-E99DC3F9FBDE} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {700D7B74-E676-4D63-B5BC-EE2D9B8363E9} - System32\Tasks\You Lyrics Update => C:\Program Files (x86)\uLyrics\ulUpdater.exe [2013-07-23] (nanDi Software)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7F73DAE5-1DED-491B-A287-C742171C42FA} - System32\Tasks\SpeedyPC Update Version3 => C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2013-03-28] (SpeedyPC Software)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8A56100A-0DD1-4E8E-BA4E-DC07A737B23A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {92AFAAFE-1D51-40D2-843A-B859B7C5E002} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {94048F76-0C92-4136-BD2D-FC73ABD6A766} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {984B1076-85B9-43C9-B9FC-4D89BFDCED8A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1381800913-1119286949-2785834242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9B66A649-57A7-44C6-872B-344A9005F225} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: {9B914240-9B44-4683-BA8C-63A010A7BD8E} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe [2012-07-25] (Microsoft Corporation)
Task: {9C988101-F7AB-4597-B8CA-2E8FF38DC432} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe No File
Task: {9F2EEAB8-E600-4D57-9387-89E1C4226F87} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {AF9E800D-5F13-4035-87B8-64C80D584DF5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {B5188BCA-E587-4982-8690-627A180ADD1F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-25] (Microsoft Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D4737F13-9AC0-499E-ACF8-1A4FCF7BB6B0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {D51553D6-BD5D-49BE-A08C-26A0AA7967B8} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {D747A684-FFBB-46C3-807F-EFE2EACE58EE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe No File
Task: {D81B2626-A7B5-4946-A948-E2DA33F1FE7A} - System32\Tasks\SpeedyPC Registration3 => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {D879907C-49DF-4358-BD5A-C557B4240A37} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E1BFC91E-3670-4AF2-96ED-12AE8870181A} - System32\Tasks\EPUpdater => C:\Users\HPENVY~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F669F62E-AFB1-4C6F-8AAB-7965B598D23A} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-01-25] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedyPC Pro.job => C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
Task: C:\Windows\Tasks\SpeedyPC Registration3.job => C:\Windows\system32\rundll32.exe
Task: C:\Windows\Tasks\SpeedyPC Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
Task: C:\Windows\Tasks\SpeedyPC Update Version3.job => C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
Task: C:\Windows\Tasks\You Lyrics Update.job => C:\Program Files (x86)\uLyrics\ulUpdater.exe
 
==================== Faulty Device Manager Devices =============
 
Name: MyBookLive
Description: My Book Live Network Storage
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: Western Digital Corporation
Service: UmPass
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/28/2013 06:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x1414
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 05:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x27f0
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 04:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x1fd4
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 03:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x1cf8
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 02:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x174c
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 01:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x2bc0
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 00:49:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x27e0
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 11:49:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x2840
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 10:49:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x2770
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
Error: (07/28/2013 09:49:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000005
Fault offset: 0x0002fa8b
Faulting process id: 0x2dc0
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3
Faulting package full name: FlashPlayerUpdateService.exe4
Faulting package-relative application ID: FlashPlayerUpdateService.exe5
 
 
System errors:
=============
Error: (07/27/2013 11:30:30 AM) (Source: hpdskflt) (User: )
Description: 
 
Error: (07/27/2013 11:30:25 AM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.
 
Error: (07/25/2013 05:54:02 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 05:54:02 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 05:53:10 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 05:53:10 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 05:53:10 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 05:53:10 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 00:35:27 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/25/2013 00:35:27 PM) (Source: DCOM) (User: HISWORLD3)
Description: application-specificLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}HISWORLD3HPENVY-DV7-7243S-1-5-21-1381800913-1119286949-2785834242-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (07/28/2013 06:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b141401ce8be4a65d4b0eC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dlle41f6e13-f7d7-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 05:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b27f001ce8bdc449671adC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll8254e9f4-f7cf-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 04:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b1fd401ce8bd3e2d36ea2C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll2097d260-f7c7-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 03:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b1cf801ce8bcb810ed5b9C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dllbed3397b-f7be-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 02:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b174c01ce8bc31f495e90C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll5d081bbf-f7b6-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 01:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b2bc001ce8bbabd84bcc4C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dllfb484306-f7ad-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 00:49:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b27e001ce8bb25bc1a25fC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll9983a395-f7a5-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 11:49:00 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b284001ce8ba9f9fe8441C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll37c54a4f-f79d-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 10:49:00 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b277001ce8ba1983673abC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dlld5f87503-f794-11e2-be9d-84a6c8ec6d81
 
Error: (07/28/2013 09:49:00 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.2.9200.16578515fac6ec00000050002fa8b2dc001ce8b99367447d8C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll743b0dfc-f78c-11e2-be9d-84a6c8ec6d81
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-03-27 09:34:31.178
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-27 09:34:31.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-27 09:26:14.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-27 09:26:14.461
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 14%
Total physical RAM: 16272.96 MB
Available physical RAM: 13848.31 MB
Total Pagefile: 18577.27 MB
Available Pagefile: 15696.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
 
==================== Drives ================================
 
Drive c: (HisWorld3) (Fixed) (Total:237.96 GB) (Free:45.7 GB) NTFS (Disk=1 Partition=4)
Drive d: (Archives) (Fixed) (Total:1863.02 GB) (Free:1676.05 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive f: (New Volume) (Fixed) (Total:931.51 GB) (Free:355.52 GB) NTFS (Disk=2 Partition=1)
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8282816B)
Partition 1: (Not Active) - (Size=-198622314496) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 238 GB) (Disk ID: 075B0EEB)
 
Partition: GPT Partition Type
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 8DF746CE)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


Thank you! :)



#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,458 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:03 AM

Posted 28 July 2013 - 08:25 PM

Hello

You machine is full of adware,

please run the following two programs, then run a fresh scan witrh FRST then I can script out anything that remains

Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT


Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply

The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013

#7 audstune

audstune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 28 July 2013 - 10:47 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.6 (07.28.2013:1)
OS: Windows 8 Pro with Media Center x64
Ran by HPENVY-DV7-7243 on Sun 07/28/2013 at 23:41:51.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] 24x7helpsvc 
Successfully deleted: [Service] 24x7helpsvc 
Successfully stopped: [Service] updater by sweetpacks 
Successfully deleted: [Service] updater by sweetpacks 
Successfully stopped: [Service] wajamupdater 
Successfully deleted: [Service] wajamupdater 
Successfully stopped: [Service] webcake desktop updater 
Successfully deleted: [Service] webcake desktop updater 
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24x7help
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pcfixspeed
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\webcake desktop
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{7169bbb3-3289-4696-b35d-4a88bcf6fb12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{261dd098-8a3e-43d4-87aa-63324fa897d8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{2a5a2a90-3b30-4e6e-a955-2f232c6ef517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4fcb4630-2a1c-4aa1-b422-345e8dc8a6de}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{86838207-681d-469d-9511-d0dcc6f19f9b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{af6b0594-6008-4327-93e5-608ad710a6fa}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{c1af5fa5-852c-4c90-812e-a7f75e011d87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{df84e609-c3a4-49cb-a160-61767daf8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e97a663b-81a6-49c5-a6d3-bcb05ba1de26}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f511afdb-726e-4458-90e7-1ecb97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\delta.deltadskBnd.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\delta.deltadskBnd
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{0afd55c8-adf8-4a33-a6e1-dedb7a36aeb4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{df84e609-c3a4-49cb-a160-61767daf8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{efdf368c-8dd9-4e05-87cd-16aa5cb03cb8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\24x7help
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\24x7help
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mywebsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\solid savings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{c1af5fa5-852c-4c90-812e-a7f75e011d87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{07b18eab-a523-4961-b6bb-170de4475cca}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{25560540-9571-4d7b-9389-0f166788785a}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{3e720452-b472-4954-b7aa-33069eb53906}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{9ff05104-b030-46fc-94b8-81276e4e27df}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-4dc3-b459-28c697c44cdc}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-40dc-92f9-e9021f207706}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0026278.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.FCTB000061107Pos
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.FCTB000061107Pos.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.IEToolbar.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.JSOptionsImpl
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\FCTB000061107.JSOptionsImpl.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222622278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550255625578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222622278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550255625578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0026278.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0026278.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0026278.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0026278.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.FCTB000061107Pos
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.FCTB000061107Pos.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.IEToolbar.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.JSOptionsImpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\FCTB000061107.JSOptionsImpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255625578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550255625578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266626678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DA4E5C8E-548F-47C1-9862-C912C3089FF4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8946697-7275-4E53-B85A-3BB9D4C30FE4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\interface\{ac71b60e-94c9-4ede-ba46-e146747bb67e}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\tasks\You Lyrics Update.job
Successfully deleted: [File] C:\Windows\prefetch\LYRICSTARUPDATER.EXE-6CDF4A83.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\AppData\LocalLow\FCTB000061107
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\pcfixspeed"
Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\24x7 help"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\delta"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\webcake"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\locallow\mywebsearch"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\appdata\locallow\viewpoint"
Successfully deleted: [Folder] "C:\Program Files (x86)\24x7help"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\fixcleaner"
Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\funwebproducts"
Successfully deleted: [Folder] "C:\Program Files (x86)\happylyrics"
Successfully deleted: [Folder] "C:\Program Files (x86)\infoatoms"
Successfully deleted: [Folder] "C:\Program Files (x86)\lyricstar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mywebsearch"
Successfully deleted: [Folder] "C:\Program Files (x86)\pcfixspeed"
Successfully deleted: [Folder] "C:\Program Files (x86)\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\ulyrics"
Successfully deleted: [Folder] "C:\Program Files (x86)\viewpoint"
Successfully deleted: [Folder] "C:\Program Files (x86)\wajam"
Successfully deleted: [Folder] "C:\Program Files (x86)\webcake"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 help"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\microsoft\windows\start menu\programs\speedypc software"
Successfully deleted: [Folder] "C:\Users\HPENVY-DV7-7243\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Empty Folder] C:\Users\HPENVY-DV7-7243\appdata\local\{28B975CA-D52F-4C6D-B7C4-7234DD55A38E}
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
 
 
 
~~~ FireFox
 
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\user.js
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\searchplugins\browserprotect.xml
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\extensions\[email protected]
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\[email protected]
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{c4cfc0de-134f-4466-b2a2-ff7c59a8bfad}
Successfully deleted the following from C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\prefs.js
 
user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119556&tt=190313_wo1&babsrc=HP_ss&mntrId=008584A6C8EC6D7E");
user_pref("avg.install.userSPSettings", "Delta Search");
user_pref("browser.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}&crg=3.5000006.10042");
user_pref("browser.search.selectedEngine", "Delta Search");
user_pref("browser.startup.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}");
user_pref("extensions.delta.bbDpng", "16");
user_pref("extensions.delta.cntry", "US");
user_pref("extensions.delta.hdrMd5", "");
user_pref("extensions.delta.lastVrsnTs", "");
user_pref("extensions.delta.sg", "er");
user_pref("extensions.delta.smplGrp", "er");
user_pref("keyword.URL", "hxxp://start.sweetpacks.com/?src=2&st=12&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}&q=");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.SearchBoxLogo", "bing.png");
user_pref("sweetim.toolbar.SearchBoxText", "Search with Bing");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cargo", "3.5000006.10042");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "false");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "false");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "false");
user_pref("sweetim.toolbar.defaultProvider", "bng");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "true");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.newtab.url", "hxxp://start.sweetpacks.com/?src=97&barid=$toolbar_id;&crg=$cargo;");
user_pref("sweetim.toolbar.previous.browser.newtab.url", "hxxp://www.delta-search.com/?affID=119556&tt=190313_wo1&babsrc=NT_ss&mntrId=008584A6C8EC6D7E");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;&flavour=$flavr;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.2.callback", "");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}");
user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://toolbar.sweetpacks.com/uninstallbar.asp?barid=$toolbar_id;&flavour=$flavr;");
user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.perion.com/contact-us");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={A37C4A65-9BC3-11E2-BE78-84A6C8EC6D81}");
user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.perion.com/privacy-policy");
user_pref("sweetim.toolbar.urls.searchpage", "hxxp://start.sweetpacks.com/?barid=$toolbar_id;");
user_pref("sweetim.toolbar.urls.uninstall", "hxxp://toolbar.sweetpacks.com/uninstall");
user_pref("sweetim.toolbar.version", "1.12.0.0");
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.
user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks");
Emptied folder: C:\Users\HPENVY-DV7-7243\AppData\Roaming\mozilla\firefox\profiles\l27h9p5t.default\minidumps [1 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\appdata\local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\appdata\local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\appdata\local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Folder] C:\Users\HPENVY-DV7-7243\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/28/2013 at 23:46:50.52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 audstune

audstune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 28 July 2013 - 10:57 PM

# AdwCleaner v2.306 - Logfile created 07/28/2013 at 23:54:45
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8 Pro with Media Center  (64 bits)
# User : HPENVY-DV7-7243 - HISWORLD3
# Boot Mode : Normal
# Running from : D:\My Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Folder Deleted : C:\Program Files\Updater By SweetPacks
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\LocalLow\StumbleUpon
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\extensions\116
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\extensions\[email protected]
Folder Deleted : C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\SweetPacksToolbarData
Folder Deleted : C:\Windows\SysWOW64\WNLT
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\5b6d6dcb538be46
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5b6d6dcb538be46
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\FCTB000061107
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=fbpage&s={searchTerms}&f=4 --> hxxp://www.google.com
 
-\\ Mozilla Firefox v19.0.2 (en-US)
 
File : C:\Users\HPENVY-DV7-7243\AppData\Roaming\Mozilla\Firefox\Profiles\l27h9p5t.default\prefs.js
 
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr%40delta.com:1.5.0,%7BEEE6C361-6118-11DC-9C72-001320C7[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
 
-\\ Google Chrome v28.0.1500.72
 
File : C:\Users\HPENVY-DV7-7243\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [17393 octets] - [28/07/2013 23:54:45]
 
########## EOF - C:\AdwCleaner[S1].txt - [17454 octets] ##########


#9 audstune

audstune
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 28 July 2013 - 11:28 PM

Amazing...it's ALL gone from ALL the browsers!! You ROCK!! Thanks sooo much!  :thumbsup:



#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,458 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:03 AM

Posted 29 July 2013 - 07:53 AM

Please re-run FRST and post the fresh log,

I want to make sure there are no leftovers

thanks

~CB
The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013

#11 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,458 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:03 AM

Posted 11 August 2013 - 06:23 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users