Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need help


  • This topic is locked This topic is locked
26 replies to this topic

#1 kingterp

kingterp

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 23 November 2014 - 08:01 PM

My pc runs slow advertisements for virus pop up all the time I cant get on some websites. And websites I have passwords for wont let me use them. Some of my apps wont work right I really need some help.

                                                       



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 28 November 2014 - 08:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/557434 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 kingterp

kingterp
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 03 December 2014 - 05:32 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.51.2
Run by lhsrry at 17:21:48 on 2014-12-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5610.4843 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=
uSearch Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9OPVD_DVGlbe38oNmU1i_JZhcUqbGq8LjdFqfflWn0_8bnD2Umf1xA05NF5zFpAw,,&q={searchTerms}
uSearch Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9OPVD_DVGlbe38oNmU1i_JZhcUqbGq8LjdFqfflWn0_8bnD2Umf1xA05NF5zFpAw,,&q={searchTerms}
mStart Page = hxxp://www.yahoo.com/?fr=befhp&type=iehp-3.2-1307
uProxyServer = hxxp=127.0.0.1:49239;https=127.0.0.1:49239
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9OPVD_DVGlbe38oNmU1i_JZhcUqbGq8LjdFqfflWn0_8bnD2Umf1xA05NF5zFpAw,,&q={searchTerms}
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: BeFrugalIEHelper: {2335A057-CBA6-40F6-A712-C6A7C98F7813} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll
BHO: Shopop WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: SmartOnes: {43aca2a0-f467-4353-bf5d-36358552a4c9} - C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.dll
BHO: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SearchSnacks: {7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} - C:\Program Files (x86)\SearchSnacks\IE\SearchSnacksClientIE.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
BHO: focusbase: {8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4} - C:\Program Files (x86)\focusbase\focusbasebho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Assistant BHO: {9359da42-06fb-46f2-9e4a-05c05b98a5ef} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll
BHO: RegularDeals: {a37478b4-e279-46e5-be9f-a02bea35ddfd} - C:\ProgramData\RegularDeals\0cMlGoPZcm4YMg.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: BlockAndSurf: {D42FC174-E80F-470C-8CF5-5E538924B568} - C:\Program Files (x86)\ver8BlockAndSurf\177.dll
BHO: Toolbar BHO: {d5a1d22b-9e17-454f-8ecd-83c578fb3983} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: 50Coupons: {f995fddf-bd0c-4d1b-a91e-30fa788de357} - C:\ProgramData\50Coupons\vAU3KXK7HTl2wF.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: BeFrugal.com Toolbar: {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll
TB: InboxAce: {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
TB: Shopop Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Browser Infrastructure Helper] C:\Users\lhsrry\AppData\Local\Smartbar\Application\Shopop.exe startup
uRun: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
uRun: [SlimCleaner Plus] "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Super Optimizer] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [InboxAce EPM Support] "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
mRun: [InboxAce Search Scope Monitor] "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gsrchmn.exe" /m=2 /w /h
mRun: [InboxAce_1g Browser Plugin Loader] C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe
mRun: [InboxAce_1g Browser Plugin Loader 64] C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon64.exe
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
mRun: [ospd_us_55] "C:\Program Files (x86)\ospd_us_55\ospd_us_55.exe"
mRun: [BlockAndSurf] C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe
mRun: [AnyProtect Scanner] "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
mRunOnce: [upospd_us_55.exe] C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.exe -runonce
StartupFolder: C:\Users\lhsrry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Users\lhsrry\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe
StartupFolder: C:\Users\lhsrry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\Users\lhsrry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WEATHE~1.LNK - C:\Users\lhsrry\AppData\Local\WeatherAlerts\WeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3A4CD144-6849-4120-BA72-6A7633C58724} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3A4CD144-6849-4120-BA72-6A7633C58724}\34F4D434143545 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6CA76250-C25D-4B37-A1E3-CEA64945FCA2} : DHCPNameServer = 172.168.21.22
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: Shopop WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: SmartOnes: {43aca2a0-f467-4353-bf5d-36358552a4c9} - C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.x64.dll
x64-BHO: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
x64-BHO: SearchSnacks: {7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} - C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: RegularDeals: {a37478b4-e279-46e5-be9f-a02bea35ddfd} - C:\ProgramData\RegularDeals\0cMlGoPZcm4YMg.x64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: BlockAndSurf: {D42FC174-E80F-470C-8CF5-5E538924B568} - C:\Program Files (x86)\ver8BlockAndSurf\177_x64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-BHO: 50Coupons: {f995fddf-bd0c-4d1b-a91e-30fa788de357} - C:\ProgramData\50Coupons\vAU3KXK7HTl2wF.x64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-TB: Ask Toolbar: {4F524A2D-5637-4300-76A7-7A786E7484D7} -
x64-TB: Shopop Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [InboxAce Home Page Guard 64 bit] "C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\
FF - prefs.js: browser.startup.homepage - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9CYPdxXhLbLWo0I-i9kn3kThBSgrjwH07Wme8s8wnWhOJ4mJ5gQunlHftRWecXig,,
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9OPVD_DVGlbe38oNmU1i_JZhcUqbGq8LjdFqfflWn0_8bnD2Umf1xA05NF5zFpAw,,&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R1 {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64;{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64;C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys [2014-8-21 61120]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-7-13 50976]
R1 ssnfd;ssnfd;C:\Windows\System32\drivers\ssnfd.sys [2014-7-28 58248]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-12-22 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-22 428136]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-9-30 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
S2 be0fb33b;Supporter;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
S2 BeFrugal.com Service;BeFrugal.com Service;C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [2013-7-26 346960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-5-13 270624]
S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]
S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-22 2413056]
S2 LPTSystemUpdater;LPT System Updater Service;C:\Program Files (x86)\LPT\srpts.exe [2014-7-21 32776]
S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 SlimService;SlimWare Utility Service Launcher;C:\Program Files\SlimService\SlimServiceFactory.exe [2014-9-10 244544]
S2 sssvc;Search Snacks Client Service;C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe [2014-7-28 356448]
S2 Update focusbase;Update focusbase;C:\Program Files (x86)\focusbase\updatefocusbase.exe [2014-8-21 323360]
S2 Util focusbase;Util focusbase;C:\Program Files (x86)\focusbase\bin\utilfocusbase.exe [2014-8-21 323360]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-8-12 1820184]
S2 webinstr;webinstr;C:\Windows\System32\drivers\webinstr.sys [2014-8-22 57528]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2011-12-22 133672]
S3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [2012-8-31 1385120]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2011-12-22 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2011-12-22 89640]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-12-22 39976]
S3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-5 167072]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-16 138912]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120907.001\IDSviA64.sys [2012-9-7 513184]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-11 114688]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-22 338536]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2014-9-18 16152]
S3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-5 451192]
S3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-5 1129120]
S3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-5 190072]
S3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-5 405624]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-18 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-02 19:44:55    --------    d-----w-    C:\ProgramData\Supreme AdBlocker
2014-12-02 16:34:36    11632448    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F606E66E-701A-48DE-B83F-6ACFF97880D5}\mpengine.dll
2014-12-02 16:32:08    --------    d-----w-    C:\ProgramData\RegularDeals
2014-12-02 00:16:23    22528    ----a-w-    C:\Users\lhsrry\AppData\Local\dsisetup1571242532.exe
2014-11-28 16:02:17    --------    d-----w-    C:\ProgramData\50Coupons
2014-11-19 16:32:02    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-11-19 16:32:02    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-11-19 16:32:02    241152    ----a-w-    C:\Windows\System32\pku2u.dll
2014-11-19 16:32:02    186880    ----a-w-    C:\Windows\SysWow64\pku2u.dll
2014-11-18 03:50:13    --------    d-----w-    C:\Program Files (x86)\Supporter
2014-11-18 03:50:00    --------    d-----w-    C:\ProgramData\SmartOnes
2014-11-18 03:50:00    --------    d-----w-    C:\ProgramData\f172c0cf1166a42f
2014-11-18 03:49:55    --------    d-----w-    C:\Users\lhsrry\AppData\Local\Chromatic Browser
2014-11-18 03:49:55    --------    d-----w-    C:\Program Files (x86)\SmartOnes
2014-11-18 03:49:54    --------    d-----w-    C:\Users\lhsrry\AppData\Local\Torch
2014-11-18 03:49:54    --------    d-----w-    C:\Users\lhsrry\AppData\Local\Comodo
2014-11-12 02:50:59    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-12 02:49:09    1882624    ----a-w-    C:\Windows\System32\msxml3.dll
2014-11-12 02:48:35    342016    ----a-w-    C:\Windows\System32\schannel.dll
2014-11-12 02:48:35    309760    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-11-12 02:48:35    248832    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-11-12 02:48:34    221184    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-11-12 02:48:27    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-11-12 02:48:27    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-11-12 02:48:27    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-11-12 02:48:27    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-11-12 02:48:27    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-11-12 02:48:27    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-11-12 02:48:27    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-11-12 02:48:27    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-11-12 02:47:07    77824    ----a-w-    C:\Windows\System32\packager.dll
2014-11-12 02:46:53    67584    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-11-12 02:45:49    3198976    ----a-w-    C:\Windows\System32\win32k.sys
2014-11-12 02:45:45    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-11-12 02:45:44    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-11-12 02:45:34    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-11-12 02:45:34    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
.
==================== Find3M  ====================
.
2014-12-03 21:56:41    310    ----a-w-    C:\Windows\SysWow64\ff.bin
2014-12-03 21:51:03    552    ----a-w-    C:\Windows\SysWow64\schtasks.bin
2014-11-26 04:33:20    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 04:33:20    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57    6040064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-06 03:13:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25    2124288    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49    4298240    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25    2051072    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24    2365440    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-06 01:52:35    1892864    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54    304640    ----a-w-    C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36    228864    ----a-w-    C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-11-04 19:30:58    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-10-31 02:53:24    16152    ----a-w-    C:\Windows\System32\drivers\SWDUMon.sys
2014-10-14 02:16:37    155064    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06    683520    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-14 02:12:57    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31    681984    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-14 01:49:38    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02    681984    ----a-w-    C:\Windows\SysWow64\adtschema.dll
2014-10-03 02:12:00    500224    ----a-w-    C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54    284672    ----a-w-    C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51    680960    ----a-w-    C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51    440832    ----a-w-    C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51    296448    ----a-w-    C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42    442880    ----a-w-    C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26    374784    ----a-w-    C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26    195584    ----a-w-    C:\Windows\SysWow64\AudioSes.dll
2014-09-25 02:08:38    371712    ----a-w-    C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50    519680    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2014-09-09 22:11:04    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-09-09 21:47:10    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 17:24:56.34 ===============



#4 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:02:59 PM

Posted 03 December 2014 - 07:28 PM

:welcome:

 

Sorry for the delay but we get pretty busy around here

 

Do you still need help or have you resolved this problem ??


mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#5 kingterp

kingterp
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 03 December 2014 - 07:30 PM

Yes i still need help



#6 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:02:59 PM

Posted 03 December 2014 - 07:38 PM

You have quite a bit going on, run these programs in order and post the logs for each one

 

 
-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  •  
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished click on VIEW DETAILED LOG
  • When it opens click on COPY TO CLIPBOARD
  • Then paste the log back into this thread for review
  • Exit Malwarebytes

  • mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #7 kingterp

    kingterp
    • Topic Starter

    • Members
    • 31 posts
    • OFFLINE
    •  
    • Local time:01:59 PM

    Posted 03 December 2014 - 08:35 PM

    # AdwCleaner v3.000 - Report created 03/12/2014 at 19:46:03
    # Updated 20/08/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : lhsrry - LHSRRY-HP
    # Running from : H:\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\APN
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\ProgramData\Systweak
    Folder Deleted : C:\ProgramData\50Coupons
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
    Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
    Folder Deleted : C:\Program Files (x86)\MyPC Backup
    Folder Deleted : C:\Program Files (x86)\Wajam
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Users\lhsrry\AppData\Local\AskPartnerNetwork
    Folder Deleted : C:\Users\lhsrry\AppData\Local\iac
    Folder Deleted : C:\Users\lhsrry\AppData\Local\SearchProtect
    Folder Deleted : C:\Users\lhsrry\AppData\Local\Smartbar
    Folder Deleted : C:\Users\lhsrry\AppData\Local\Temp\APN
    Folder Deleted : C:\Users\lhsrry\AppData\Local\Temp\Smartbar
    Folder Deleted : C:\Users\lhsrry\AppData\LocalLow\iac
    Folder Deleted : C:\Users\lhsrry\AppData\LocalLow\Smartbar
    Folder Deleted : C:\Users\lhsrry\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    File Deleted : C:\Users\Public\Desktop\eBay.lnk
    File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    File Deleted : C:\Users\lhsrry\Desktop\MyPC Backup.lnk
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\searchplugins\Web Search.xml
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\user.js
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\user.js
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\user.js
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\user.js
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\user.js
    File Deleted : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
    Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxAce Search Scope Monitor]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxAce_1g Browser Plugin Loader]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxAce_1g Browser Plugin Loader 64]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\AskPartnerNetwork
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\SmartbarBackup
    Key Deleted : HKCU\Software\SmartbarLog
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\Tutorials
    Key Deleted : HKCU\Software\TutoTag
    Key Deleted : HKCU\Software\Wajam
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\InstallCore
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\systweak
    Key Deleted : HKLM\Software\Tutorials
    Key Deleted : HKLM\Software\Wajam
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
    Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

    -\\ Mozilla Firefox v31.0 (x86 en-US)

    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\prefs.js ]

    Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9C[...]
    Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
    Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9OPVD_DVGlbe38o[...]
    Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2e111hOmaVHQAxQHSlVfcqvikmWF5fPoqp1Gorcadxji5Xg8zpYroXl7Mk2kAH2NgwEP0fCYcRZCsREwJEFBn80dGNFa4yCPmPmCGzZwQWy9ECESYI4[...]

    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\prefs.js ]


    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\prefs.js ]


    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\prefs.js ]


    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\prefs.js ]


    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\prefs.js ]


    [ File : C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\prefs.js ]


    -\\ Google Chrome v38.0.2125.111

    [ File : C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [15438 octets] - [03/12/2014 19:45:11]
    AdwCleaner[S0].txt - [13454 octets] - [03/12/2014 19:46:03]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13515 octets] ##########

     

     

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by lhsrry on Wed 12/03/2014 at 19:56:52.28
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully stopped: [Service] be0fb33b
    Successfully deleted: [Service] be0fb33b
    Successfully stopped: [Service] lptsystemupdater
    Successfully deleted: [Service] lptsystemupdater
    Failed to stop: [Service] ssnfd
    Successfully stopped: [Service] sssvc
    Successfully deleted: [Service] sssvc
    Successfully stopped: [Service] util focusbase
    Successfully deleted: [Service] util focusbase



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browsersafeguard
    Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\brs
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util focusbase
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.FeedManager
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.FeedManager.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLMenu
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLMenu.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLPanel
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.HTMLPanel.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.MultipleButton
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.MultipleButton.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.PseudoTransparentPlugin
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.PseudoTransparentPlugin.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.Radio
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.Radio.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.RadioSettings
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.RadioSettings.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ScriptButton
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ScriptButton.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.SettingsPlugin
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.SettingsPlugin.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ThirdPartyInstaller
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ThirdPartyInstaller.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ToolbarProtector
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\InboxAce_1g.ToolbarProtector.1
    Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F26A67BF-B88A-4A66-9E18-1A4BE00F643F}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{a37478b4-e279-46e5-be9f-a02bea35ddfd}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f995fddf-bd0c-4d1b-a91e-30fa788de357}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{f995fddf-bd0c-4d1b-a91e-30fa788de357}



    ~~~ Files

    Successfully deleted: [File] C:\Windows\Tasks\APSnotifierPP1.job
    Successfully deleted: [File] C:\Windows\Tasks\APSnotifierPP2.job
    Successfully deleted: [File] C:\Windows\Tasks\APSnotifierPP3.job
    Successfully deleted: [File] C:\Windows\Tasks\DriverUpdate Scan.job
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_static.boostsaves.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_static.boostsaves.com_0.localstorage-journal"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage-journal"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\https_static.boostsaves.com_0.localstorage"
    Successfully deleted: [File] "C:\Users\lhsrry\appdata\local\google\chrome\user data\default\local storage\https_static.boostsaves.com_0.localstorage-journal"
    Successfully deleted: [File] "C:\Users\lhsrry\desktop\pc speed maximizer.lnk"
    Successfully deleted: [File] "C:\Windows\wininit.ini"
    Successfully deleted: [File] C:\Users\lhsrry\AppData\Roaming\GroovorioUpdater\UpdateProc\UpdateTask.exe
    Successfully deleted: [File] C:\Users\lhsrry\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe



    ~~~ Folders

    Successfully deleted: [Folder] C:\ProgramData\RegularDeals
    Successfully deleted: [Folder] C:\Users\lhsrry\AppData\Roaming\GroovorioUpdater
    Successfully deleted: [Folder] C:\Users\lhsrry\AppData\Roaming\WSE_Astromenda
    Successfully deleted: [Folder] "C:\Users\lhsrry\AppData\Roaming\ap_logs"
    Successfully deleted: [Folder] "C:\Users\lhsrry\AppData\Roaming\astromenda"
    Successfully deleted: [Folder] "C:\Users\lhsrry\AppData\Roaming\pc speed maximizer"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\astromenda"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\chromatic browser"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\inboxace_1g"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\local_weather_llc"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\lpt"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\torch"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\local\weatheralerts"
    Successfully deleted: [Folder] "C:\Users\lhsrry\appdata\locallow\inboxace_1g"
    Successfully deleted: [Folder] "C:\Program Files (x86)\anyprotectex"
    Successfully deleted: [Folder] "C:\Program Files (x86)\asp"
    Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
    Successfully deleted: [Folder] "C:\Program Files (x86)\inboxace_1g"
    Successfully deleted: [Folder] "C:\Program Files (x86)\lpt"
    Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
    Successfully deleted: [Folder] "C:\Program Files (x86)\rcp"
    Successfully deleted: [Folder] "C:\Program Files (x86)\searchsnacks"
    Successfully deleted: [Folder] "C:\Program Files (x86)\supporter"
    Successfully deleted: [Folder] "C:\Program Files (x86)\system optimizer pro"
    Successfully deleted: [Folder] "C:\Program Files (x86)\wse_astromenda"
    Successfully deleted: [Folder] "C:\Users\lhsrry\AppData\Roaming\microsoft\windows\start menu\programs\anyprotect pc backup"
    Successfully deleted: [Folder] "C:\Users\lhsrry\AppData\Roaming\microsoft\windows\start menu\programs\weather alerts"
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{02BA97FC-541D-483F-97A8-1BE37F41C3F3}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{0C3A86F9-50C7-46A8-8C7C-4AA71335D209}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{1815C810-0D7C-4F11-949D-53EC08999F58}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{1A7F6F68-8553-4AEA-8977-DFA893CED1E0}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{23EC9358-E223-4B12-8D5C-8847C3BFCF09}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{2642EE40-22B6-418A-9475-BA609752AEDE}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{35CA1DB3-0179-4289-974E-349631F7E716}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{36CBDA87-FB86-4D8F-AF82-1B6FB8206561}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{37618FC8-833D-4913-9D3F-A22C22B5DD5E}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{3B3E35EC-FB5E-40A3-B872-D839D08C65D3}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{3BE46D32-1C3C-490A-AE04-D9D646B337FF}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{3FC8DDAB-23FB-4EDC-AE3A-7B0CFFD83C01}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{432B99E6-CF22-454C-B4F2-E796233B98ED}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{43B6904A-4058-47DC-A865-E732CBAD33C5}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{453ACD89-1551-47C7-B355-9C3A915179C8}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{46D62EF8-DB35-4B03-AB5C-0CAEE4CAB031}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{4E5422CB-DD10-491D-80D9-F50E51AA324E}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{5017B2B4-7E98-4649-B168-5B2261E344A5}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{547AD74B-949B-4CF5-B37B-A77D314C18E3}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{555D1F04-99E9-4028-AEDE-3FF16DE126BD}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{5A5B91B1-3D4A-4648-B8D8-058F4652BEB6}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{642ECE70-2B5D-4CE3-95BE-2FA3107F40F1}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{7BC42EF6-D4CB-49E0-A8DB-6E08CC102407}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{816A20BE-40B8-4E6B-A22B-6C866B5B8208}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{860FBABA-1FA7-4931-A141-1D2075DD394E}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{8E2A7C8D-34A6-4942-8A7B-56C1C5DC4DD1}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{958513F7-8844-4C2E-BF54-147BEDD4313C}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{9E8AD711-4A26-4285-9ACA-AEBCD7782F24}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{A174DA73-CAB2-4F74-86BB-07AB6C0CC172}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{A5C74247-BEE5-4FFA-95D6-F2F6BA3A59ED}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{A8BE93B1-F2E0-4F21-A77D-B7CF5F20D889}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{B3B2DA00-4C3B-442C-B9A2-B438AF3EA63E}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{B77B4A15-7D1F-4BE1-8B1B-87DB3F16D97F}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{BC5D17EB-2666-41A5-B046-913E11FB5AFB}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{C10ADB2C-FEB9-42A0-89CD-6532C034102A}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{CE6C27C0-0996-4865-8876-9EC7E87EF516}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{D97F9D88-A76D-43D2-A05D-34C2CC331D42}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{DF525910-EECB-47FC-81B8-A00E25816C89}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{E19B70F8-ABDA-4E00-8D1E-EE85215D6CFC}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{E53767DA-17F1-4532-B86E-5BEB33102AE8}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{F42ABC68-820D-46E9-A738-55983C224C99}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{F61F1106-58F2-41DD-944A-311B32858D94}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{F678AF49-EA16-4871-A9FC-35932D103844}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{FDF9AE3D-41BE-4033-A6CE-330DAC3775D9}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{FEB7DE2C-6F08-4521-BA24-47C96A58B8DF}
    Successfully deleted: [Empty Folder] C:\Users\lhsrry\appdata\local\{FF892C07-016F-4A2A-8A61-F83581BF2188}



    ~~~ FireFox

    Successfully deleted: [File] C:\Users\lhsrry\AppData\Roaming\mozilla\firefox\profiles\5m89yk0b.default\searchplugins\astromenda.xml
    Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com"
    Successfully deleted: [Folder] C:\Users\lhsrry\AppData\Roaming\mozilla\firefox\profiles\5m89yk0b.default\extensions\staged
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\search-snacks@search-snacks.com
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@inboxace_1g.com/plugin



    ~~~ Chrome

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 12/03/2014 at 20:01:08.51
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

     

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 12/3/2014
    Scan Time: 8:07:10 PM
    Logfile: tim.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2014.12.03.13
    Rootkit Database: v2014.12.03.01
    License: Trial
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: lhsrry

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 386345
    Time Elapsed: 21 min, 0 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 93
    PUP.Optional.SearchSnacks.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, , [1c5dec72483465d16d2f07e7de23f808],
    PUP.Optional.FocusBase.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update focusbase, , [295072ec4735aa8c5ebd2e79dd24c040],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{43aca2a0-f467-4353-bf5d-36358552a4c9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{43ACA2A0-F467-4353-BF5D-36358552A4C9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{43ACA2A0-F467-4353-BF5D-36358552A4C9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{43ACA2A0-F467-4353-BF5D-36358552A4C9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{43ACA2A0-F467-4353-BF5D-36358552A4C9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{43ACA2A0-F467-4353-BF5D-36358552A4C9}, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{43ACA2A0-F467-4353-BF5D-36358552A4C9}\INPROCSERVER32, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [e792520c98e4d85e9d19d629788a7987],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [e792520c98e4d85e9d19d629788a7987],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}\INPROCSERVER32, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F32C616B-19B1-4978-919B-ACB52B51CAA5}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CCE39B30-B61A-4569-9411-43747C6C481F}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CCE39B30-B61A-4569-9411-43747C6C481F}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F32C616B-19B1-4978-919B-ACB52B51CAA5}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3775afd7-5921-4571-968f-85a631203d1c}, , [7009afaf522ae74f218fa82051b1d030],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3775AFD7-5921-4571-968F-85A631203D1C}, , [7009afaf522ae74f218fa82051b1d030],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3775AFD7-5921-4571-968F-85A631203D1C}, , [7009afaf522ae74f218fa82051b1d030],
    PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{95A526CE-38F4-4B1C-927D-A695EDA1BBBA}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E1416C97-45B6-42FE-8C0C-87623037ADD2}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E1416C97-45B6-42FE-8C0C-87623037ADD2}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{95A526CE-38F4-4B1C-927D-A695EDA1BBBA}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8FDA85D4-B14A-49F5-9DE6-F91C4EC5AAF4}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8FDA85D4-B14A-49F5-9DE6-F91C4EC5AAF4}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.FocusBase.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8FDA85D4-B14A-49F5-9DE6-F91C4EC5AAF4}, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}, , [bcbd74ea2e4ef6401b98e5e314ee9e62],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}, , [bcbd74ea2e4ef6401b98e5e314ee9e62],
    PUP.Optional.BrowseFox, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\focusbase, , [d4a5eb739ae2c5719fafa81ba25f30d0],
    PUP.Optional.AdLyrics, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\8C6B2099-070F-7ACB-53BC-8B004C13A309, , [ff7abca2522aba7c24b7a8166b9644bc],
    PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64, , [b6c308562e4e2016ea56362526dd0bf5],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.Groovorio.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\blmchfpimpbbdmgpcieclabeafkljbhm, , [31484d11215b22143304322a996ad52b],
    PUP.Optional.Astromenda.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, , [1861ea74d3a95cda8d858e322bd9e719],
    PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [512805596814bc7aa62cdae437cda858],
    PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [fa7f0f4f097377bfa130922cae5612ee],
    PUP.Optional.AppBud.A, HKLM\SOFTWARE\WOW6432NODE\App Bud, , [71081b436e0e91a5d793392062a1a65a],
    PUP.Optional.FocusBase.A, HKLM\SOFTWARE\WOW6432NODE\focusbase, , [2752dd817507d56106af21988084ae52],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\InboxAce_1g, , [6a0f87d7106c2b0b5245c8edd62ec43c],
    PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, , [bdbc4a143745ff3776d0341dd33056aa],
    PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, , [e4955a043a42270fe3b371daa75cfa06],
    PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, , [d5a481dd9be147ef7c410b950df7d927],
    PUP.Optional.Groovorio.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Groovorio, , [abce134b93e9b77f84ad322a956e728e],
    PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ospd_us_55_is1, , [d6a3f26c1468c670c97ca7aa32d1c13f],
    PUP.Optional.ShopOp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0B8CE7E6-5A75-4DA6-B413-F0E169935001}, , [68118cd2b9c34ee82d6662f461a28e72],
    PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}, , [aacf90ce324a64d2cdd0065abd46ac54],
    PUP.Optional.Linkury.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}, , [8decc5994537fb3bbb00b7b4966dfa06],
    PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE, , [2e4b6df11e5e9c9a5a8b85d73fc4a55b],
    PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR, , [0871540a6a12989e644c5ef342c1ce32],
    PUP.Optional.AppBud.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\App Bud, , [cfaa95c9354790a6f873acadb54e5fa1],
    PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowsersafeguardInstalled, , [6d0c3628fd7f70c6dcc20f52887ba55b],
    PUP.Optional.FocusBase.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\focusbase, , [6613b1ad116b2d09981e8831af5517e9],
    PUP.Optional.Groovorio.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\groovorio, , [2257f26c324a1026a78bd08c08fb6e92],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\InboxAce_1g, , [7108312d116ba98d2f691a9b887c42be],
    PUP.Optional.WeDownLoadManager.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WeDlMngr, , [0871e17db1cb072f11193822b15242be],
    PUP.Optional.Astromenda.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WSE_Astromenda, , [0673144aee8ee353210e0d48e51eb24e],
    PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, , [b7c2d48a6319181e600b5cfe27dc7789],
    PUP.Optional.MindSpark.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\InboxAce_1g, , [5a1ffe602e4ed56190536dfc3dc66d93],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{455888B9-5AF5-1913-6DEC-DAB34F367D95}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{02971AFB-5D73-34F0-6B31-F1997D9949BA}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{02971AFB-5D73-34F0-6B31-F1997D9949BA}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{455888B9-5AF5-1913-6DEC-DAB34F367D95}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{D42FC174-E80F-470C-8CF5-5E538924B568}\INPROCSERVER32, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D42FC174-E80F-470C-8CF5-5E538924B568}, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.SupremeAdblocker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, , [a4d53a245527bd79ad3e7ebfe81b5fa1],
    PUP.Optional.IdleCrawler, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\I.d.l.e  C.r.a.w.l.e.r, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{a37478b4-e279-46e5-be9f-a02bea35ddfd}, , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\CLASSES\CLSID\{A37478B4-E279-46E5-BE9F-A02BEA35DDFD}, , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\CLASSES\., , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\CLASSES\..9, , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\., , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\..9, , [6811c9956616a492cf5bda8cf80d4eb2],
    PUP.Optional.RegularDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A37478B4-E279-46E5-BE9F-A02BEA35DDFD}, , [6811c9956616a492cf5bda8cf80d4eb2],

    Registry Values: 11
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{3775AFD7-5921-4571-968F-85A631203D1C}, , [7009afaf522ae74f218fa82051b1d030],
    PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{3775afd7-5921-4571-968f-85a631203d1c}, , [89f094ca89f31b1b624e28a0966c3ec2],
    PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|InboxAce Home Page Guard 64 bit, "C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe", , [e495bf9fea92b18599e7f5b22dd77888]
    PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, EAAAAAsYecKfpuR9CIbH/0PcMBfwuRnbA1V1EEdZBTDXj7pVwawTcvTCYdd6NusVoIrNtxGH6YOOfTBWpv61YGLWsCU=, , [d5a481dd9be147ef7c410b950df7d927]
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|InboxAce EPM Support, "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S, , [d6a3c09ec3b96cca6342de6bd72c2cd4]
    PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ospd_us_55, "C:\Program Files (x86)\ospd_us_55\ospd_us_55.exe", , [2356f06e9be10333de6a1e3353b0d32d]
    PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\lhsrry\AppData\Roaming\VOPackage\uninstall.exe", , [2e4b6df11e5e9c9a5a8b85d73fc4a55b]
    PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR|DisplayName, webinstr, , [0871540a6a12989e644c5ef342c1ce32]
    PUM.Bad.Proxy, HKU\S-1-5-21-1534693805-1363340325-1431764050-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:49239;https=127.0.0.1:49239, , [84f5c49a403c8ea8a4d32c2e0cf7837d]
    PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BlockAndSurf, C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe, , [0673ec72f18b50e666f46cc755ae3fc1]
    PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upospd_us_55.exe, C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.exe -runonce, , [1a5feb73e597171fa77283b70102ed13]

    Registry Data: 0
    (No malicious items detected)

    Folders: 39
    PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector, , [db9e7de18bf1ed49d30f8cc9729131cf],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\TEMP, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\chrome, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.Extutil.A, C:\Users\lhsrry\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, , [3b3eed714a32a78fc4569c8ff211718f],
    PUP.Optional.Managera.A, C:\Users\lhsrry\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, , [c1b88dd17dff16209f7c3ceff1126b95],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio\bh, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.FocusBase.A, C:\Users\lhsrry\AppData\Local\Temp\focusbase, , [344587d7a7d5f343270359d92dd6e11f],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x64, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x86, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY, , [b9c0d589c7b52214a77117238182bb45],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\Download, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.SupremeAdblocker.A, C:\ProgramData\Supreme AdBlocker, , [a4d53a245527bd79ad3e7ebfe81b5fa1],
    PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks, , [fa7f9bc304782511e3e080be33d03ec2],
    PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks\IE, , [fa7f9bc304782511e3e080be33d03ec2],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\extensions, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Data, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules, , [b8c15b03c6b66acc6c8e043bb74ce719],

    Files: 339
    PUP.Optional.SearchSnacks.A, C:\Windows\System32\drivers\ssnfd.sys, , [1c5dec72483465d16d2f07e7de23f808],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\updatefocusbase.exe, , [295072ec4735aa8c5ebd2e79dd24c040],
    PUP.Optional.MultiPlug, C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.x64.dll, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.MultiPlug, C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.dll, , [37423d213a4259ddaf03d0f1bc451ee2],
    PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll, , [d0a9e87616662511310bb41343bf7a86],
    PUP.Optional.Outbrowse, C:\Users\lhsrry\AppData\Local\Temp\wiz.exe, , [0079332b5c2078beb45e22e1e22130d0],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\focusbaseBHO.dll, , [a8d1bf9f0478be78a06a4182b949bf41],
    PUP.Optional.AppBud.A, C:\Program Files (x86)\App Bud\AppBudBHO.dll, , [ff7a7be3205c6fc7f6aaa4113bc621df],
    Adware.EoRezo, C:\Program Files (x86)\ospd_us_55\predm.exe, , [fd7cc59980fc0a2ccb6016bc39cb60a0],
    PUP.Optional.BrowseFox, C:\Program Files (x86)\focusbase\focusbaseUninstall.exe, , [d4a5eb739ae2c5719fafa81ba25f30d0],
    PUP.Optional.AdLyrics, C:\Program Files (x86)\ver8BlockAndSurf\H6BlockAndSurfe75.exe, , [4138a1bd8bf1999d7ee3dc7749b7d42c],
    PUP.Optional.AdLyrics, C:\Program Files (x86)\ver8BlockAndSurf\Uninstall.exe, , [ff7abca2522aba7c24b7a8166b9644bc],
    PUP.Optional.AdvancedSystemProtector, C:\Windows\System32\sasnative64.exe, , [57226fefc5b78ea8330bd2e79c655aa6],
    PUP.Optional.WeatherAlerts.A, C:\Users\lhsrry\AppData\Local\Temp\setup_279.exe, , [02773a247408ed494ea181099174f20e],
    PUP.Optional.Wajam.A, C:\Users\lhsrry\AppData\Local\Temp\1397543112_wajam_download.exe, , [22573f1f7ffde94dbf7f093e7b859769],
    PUP.Optional.MyPCBackup.A, C:\Users\lhsrry\AppData\Local\Temp\BackupSetup.exe, , [5f1a6df1483410263fcb528f38c904fc],
    PUP.Optional.SearchProtect.A, C:\Users\lhsrry\AppData\Local\Temp\nsc1A21.tmp, , [a5d42638304ca88e4c79b2f6f40d25db],
    PUP.Optional.Conduit.A, C:\Users\lhsrry\AppData\Local\Temp\nsh902B.exe, , [5a1f7ae49ddf3501b3f5d1cd3fc2b54b],
    PUP.Optional.Conduit.A, C:\Users\lhsrry\AppData\Local\Temp\nsh96E0.exe, , [5821332bdca0072fccdc990506fb4ab6],
    PUP.Optional.Conduit.A, C:\Users\lhsrry\AppData\Local\Temp\nshDC0D.exe, , [b6c363fbf18b0f273177d4cae71a14ec],
    PUP.Optional.Conduit.A, C:\Users\lhsrry\AppData\Local\Temp\nsnE68A.exe, , [8fea0d51bbc1e6502682920c6e93c838],
    PUP.Optional.Conduit.A, C:\Users\lhsrry\AppData\Local\Temp\SearchProtectINT.exe, , [4633cf8fbbc13204b8daf93fba47ed13],
    Trojan.SProtector, C:\Users\lhsrry\AppData\Local\Temp\18be6784_.exe, , [2d4c144a4636f541b27cb3b9709155ab],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_browsesafe_installer_multilang.exe, , [32474e10e19bc76fd74bdd0ff908669a],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_shoppinghelper_installer_multilang.exe, , [017898c69ae2c96d9a88a8448b76cc34],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\InstallManager.exe, , [e6931846a7d5b38378194a770df51ae6],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_smartones_installer_multilang.exe, , [95e4f668e498bf77a082c329fa0737c9],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_spsloc_installer_multilang.exe, , [d9a0a9b5eb918fa7879b42aa857c8f71],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_spyware_installer_multilang.exe, , [4435e37b45378aac849ea04c6a97ee12],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_stormpariente_installer_multilang.exe, , [2158b3ab502c90a63de5e00c778adb25],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_storm_installer_multilang.exe, , [f0890856eb911e18be64e40816ebde22],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_superpc_installer_multilang.exe, , [2f4ae8769ce03cfa938f57959d6413ed],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\xml_package_groovorio_installer_multilang.exe, , [78013b23116b0a2cf72b608cdb269b65],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_commonshare_installer_multilang.exe, , [9bde80ded0acc6708c96cf1d78897b85],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_groovorioKey_installer_multilang.exe, , [82f75a0487f5261057cbdb1113ee02fe],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_idlecrawler_pariente_installer_multilang.exe, , [b6c3e7771f5d96a0dd45a84415ec24dc],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_keep_installer_multilang.exe, , [c1b8fe609edede58ce5443a9fa0706fa],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_optimizerpro_installer_multilang.exe, , [93e6bf9f720ad95d49d933b9b44d59a7],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_plushd_installer_multilang.exe, , [48317ee05329f145958d36b6ab560df3],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_priceless_installer_multilang.exe, , [e7921d41e4986bcb0d155f8d27da916f],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_regclean_installer_multilang.exe, , [9ddc8ad486f60531849e2dbfe41d55ab],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_savepass_installer_multilang.exe, , [1564322c5527f93dfb274e9e00017e82],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_searchsnacks_installer_multilang.exe, , [a0d907576814f343948e1dcf8978e719],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-79NHB.tmp\package_secureprotect_installer_multilang.exe, , [f8817fdf394361d5041e717be41df709],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-K9ST7.tmp\xml_package_groovorio_installer_multilang.exe, , [a2d769f5ccb059dd79a91ece758cd12f],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-PA7Q9.tmp\package_smartones_installer_multilang.exe, , [4d2c510d1e5e94a2ac7622ca778a1de3],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_spsloc_installer_multilang.exe, , [09708fcf126ae551b2707478ba477789],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_browsesafe_installer_multilang.exe, , [9ddc144ae894cd6930f21bd1cb368b75],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_commonshare_installer_multilang.exe, , [06732836b9c3d561bd6543a9b0518977],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_idlecrawler_pariente_installer_multilang.exe, , [32470e50621ae353b66cc22a15ecd32d],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_plushd_installer_multilang.exe, , [45344d11b5c7dc5a7ba7c5273ac736ca],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_regclean_installer_multilang.exe, , [d0a9b7a713692610ef33faf2b948ad53],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_savepass_installer_multilang.exe, , [5f1a9ec03448c4724cd68e5e2ad707f9],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_searchsnacks_installer_multilang.exe, , [92e72d31fe7e01356bb7c32907faf30d],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_secureprotect_installer_multilang.exe, , [e7920559e7957eb8f1316e7e30d1a25e],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_shoppinghelper_installer_multilang.exe, , [86f3134b601c56e034ee7478ca37f60a],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_stormpariente_installer_multilang.exe, , [6514312d4e2e52e449d9925a827ffc04],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_storm_installer_multilang.exe, , [8feaa1bdbebea393849e0fdd936eba46],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\package_superpc_installer_multilang.exe, , [b3c6d28c82fa4aecbf63ae3e9b661ee2],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-RUP47.tmp\xml_package_groovorio_installer_multilang.exe, , [bebb38264933a294da48c329d32ef40c],
    PUP.Optional.BPlug, C:\Users\lhsrry\AppData\Local\Temp\is45637729\82979125_stp\AppBudSetup138.exe, , [81f83826b9c32f07d58e7e486d9402fe],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\nso7ED.tmp\nsManeshWeb.dll, , [babfc19d44383204e6ab17aade2421df],
    PUP.Optional.Wajam, C:\Users\lhsrry\AppData\Local\Temp\nso7ED.tmp\OurChecker.exe, , [661315493d3f7abc3429684e709212ee],
    PUP.Optional.OutBrowse, C:\Users\lhsrry\AppData\Local\Temp\nsrF216.tmp\getf.dll, , [c8b1560875073cfac7ab399556ab01ff],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\nssD1F.tmp\nsManeshWeb.dll, , [9fda8ad4146876c0e9a8922f719128d8],
    PUP.Optional.Wajam, C:\Users\lhsrry\AppData\Local\Temp\nssD1F.tmp\OurChecker.exe, , [cfaa72ec3844e84e45184571f80abe42],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\nsu3D7D.tmp\nsManeshWeb.dll, , [5920411df48881b5642d6160f90951af],
    PUP.Optional.Installcore, C:\Users\lhsrry\AppData\Local\Temp\nsu3D7D.tmp\nsvmd.dll, , [da9f78e6582463d34cdae01c4ab7c63a],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_secureprotect_installer_multilang.exe, , [43361846c1bb94a29d852fbdd42da15f],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\InstallManager.exe, , [88f1560897e554e2fe9308b96c96dd23],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_smartones_installer_multilang.exe, , [6d0cf5693d3f3600ef337d6f5fa2d729],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_speeditup_installer_multilang.exe, , [d5a448164e2e4beb6ab8d11b8180c33d],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_spsloc_installer_multilang.exe, , [5c1d5a043d3fe056879b6785d62b2cd4],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_stormpariente_installer_multilang.exe, , [5326fd61eb91ee485cc65e8e42bf5fa1],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_storm_installer_multilang.exe, , [7603c49ab7c5ee48e63cd616e61bc838],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_superpc_installer_multilang.exe, , [4e2bef6f6b119b9bea38ec00d8291de3],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_wordproser_installer_multilang.exe, , [e39678e63c40d36382a044a8d928ce32],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_zombie_installer_multilang.exe, , [f98072ec225ad06655cdfdef59a8f60a],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\xml_package_groovorio_installer_multilang.exe, , [b6c34d11017bf73fbb676e7e837e867a],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_browsesafe_installer_multilang.exe, , [8dec5fff8bf1d165fe24cd1f0ff2f010],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_commonshare_installer_multilang.exe, , [88f164fae498e84e62c0b3399e63a55b],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_gosave_installer_multilang.exe, , [2158c89603799a9c81a1ce1e32cfd52b],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_idlecrawler_installer_multilang.exe, , [56238fcf09738bab48da44a8996826da],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_idlecrawler_pariente_installer_multilang.exe, , [fa7fd6889be142f4dd45ba322dd404fc],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_linkey_installer_multilang.exe, , [0b6ece90a5d7d3630d15ea02b8491be5],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_optimizerpro_installer_multilang.exe, , [7cfd64faa2da1224ac76c52726dbbe42],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_plumoweb_installer_multilang.exe, , [90e94717443802342df5e5071ce538c8],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_plushd_installer_multilang.exe, , [e198342a89f338fe79a9aa4255ac7c84],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-05K14.tmp\package_priceless_installer_multilang.exe, , [7cfd4519c7b5ae889c8653996899ee12],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_secureprotect_installer_multilang.exe, , [4039c19d6418b97dd44eca22926f05fb],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\InstallManager.exe, , [b0c97be3e399dd594e432a97a9592dd3],
    PUP.Optional.InstallMonetizer, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\InstallManagerNS.exe, , [3f3a62fc374573c39bf6a91843bf6898],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_browsesafe_installer_multilang.exe, , [4c2d4816f587221468baa943867b57a9],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_commonshare_installer_multilang.exe, , [abce6df1ef8de94d160ce10b758cd828],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_gosave_installer_multilang.exe, , [83f6e47a98e4ba7c11110be157aa9e62],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_idlecrawler_installer_multilang.exe, , [dc9de6787dff1b1b9a88529a49b89a66],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_idlecrawler_pariente_installer_multilang.exe, , [7ffa60fee993a5912af814d8cf32a45c],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_linkey_installer_multilang.exe, , [f881cf8f176545f12200feeee61b7c84],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_plumoweb_installer_multilang.exe, , [5128d18db9c37fb772b042aa9a676d93],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_plushd_installer_multilang.exe, , [5722b6a835476accad75c923ca373ac6],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_speeditup_installer_multilang.exe, , [5b1e520cb4c88aac061c995324ddad53],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_stormpariente_installer_multilang.exe, , [ef8ab3abc6b639fdd64c7775f11007f9],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_storm_installer_multilang.exe, , [11689dc16f0dc07675ad75771ee325db],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_superpc_installer_multilang.exe, , [f485d08e225ada5c5fc3edff9c6531cf],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\package_wordproser_installer_multilang.exe, , [0d6c16481e5e13234fd33fad5aa723dd],
    PUP.Optional.Tuto4PC.A, C:\Users\lhsrry\AppData\Local\Temp\is-3IIL8.tmp\xml_package_groovorio_installer_multilang.exe, , [bdbcb0ae1a622214f13141ab6e9309f7],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup (1).exe, , [4f2a7be3146875c1c9d8e53c6e93758b],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup (2).exe, , [9edbbda15c2037ff841d2ff2c43da060],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup (3).exe, , [5b1eb3ab6517ce684160fc25b34e4ab6],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup (4).exe, , [5f1aa6b8403c290d158c9a87d42dc040],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup (5).exe, , [03764f0fd4a8e056f6ab869b4ab7659b],
    PUP.Optional.Solimba, C:\Users\lhsrry\Downloads\Setup.exe, , [c1b887d73a42da5c4160aa77827f7c84],
    PUP.Optional.AirAdInstaller, C:\Users\lhsrry\Downloads\SoftwareUpdate.exe, , [9edb3a243e3e85b1b9a179c19070b947],
    PUP.Optional.IBryte, C:\Users\lhsrry\Downloads\drv_setup.exe, , [aecb85d92a520f271c89eaf9639e44bc],
    PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, , [4e2bc797ef8df0469d28a70148b9b64a],
    PUP.Optional.SnapDo.A, C:\Windows\Installer\4e91afe.msi, , [4a2f27370874d4625cb6e0c021e0ff01],
    PUP.Optional.VeriStaff, C:\Windows\Installer\4e91b05.msi, , [0e6bfb6395e7ab8b46250b52ad53eb15],
    PUP.Optional.FocusBase.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\extensions\{2b929fe1-284b-4766-afb9-19b0915b99b0}.xpi, , [3b3ee37b89f3a29409813212c340af51],
    PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js, , [08714b1304786ccab8f12c19d92a49b7],
    PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js, , [1663a8b60676181e4c5ebb8a08fb49b7],
    PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, , [f38676e8b4c8dc5adde266e1d92aa65a],
    PUP.Optional.Astromenda.A, C:\Windows\System32\Tasks\WSE_Astromenda, , [3e3b84da0577fc3a6d53212641c2d62a],
    PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\IC Runner Procedure, , [6316a6b84735ea4c54aabe8b2cd7fb05],
    PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure, , [98e1a5b93646c67012f06be28b788080],
    PUP.Optional.AdvancedSystemProtector, C:\Windows\System32\Tasks\Advanced-System Protector_startup, , [c5b42b33bfbd989e86d7c293d42fe21e],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\searchplugins\Astromenda.xml, , [24555b03611b51e5726f78dd2bd857a9],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\searchplugins\Astromenda.xml, , [c3b6a7b71c60a690954ce96c3ec5c63a],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\searchplugins\Astromenda.xml, , [7009f7670577f244528fe96cf310c33d],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\searchplugins\Astromenda.xml, , [aacfd38bfe7ed95d1bc681d47a89728e],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\searchplugins\Astromenda.xml, , [8fea8ed0681444f21ac7eb6a857ea25e],
    PUP.Optional.Astromenda, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\searchplugins\Astromenda.xml, , [e0994a14bac20e28dd04dd78679cfd03],
    PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector\Uninstall Advanced-System Protector.lnk, , [db9e7de18bf1ed49d30f8cc9729131cf],
    PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector\Advanced-System Protector Trouble Shooter.lnk, , [db9e7de18bf1ed49d30f8cc9729131cf],
    PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector\Advanced-System Protector.lnk, , [db9e7de18bf1ed49d30f8cc9729131cf],
    PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector\Register Advanced-System Protector.lnk, , [db9e7de18bf1ed49d30f8cc9729131cf],
    PUP.Optional.AdvancedSystemProtector, C:\Users\Public\Desktop\Advanced-System Protector.lnk, , [5d1c035bec901f17875ca8ad9172fd03],
    PUP.Optional.VOPackage, C:\Users\lhsrry\Desktop\Configure VO Package.lnk, , [78018cd257256cca32a686d04eb5cf31],
    PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys, , [b6c308562e4e2016ea56362526dd0bf5],
    PUP.Optional.Groovorio.A, C:\Windows\Tasks\Groovorio Updater.job, , [740575e9c8b41e1849f385d7c63dbb45],
    PUP.Optional.Groovorio.A, C:\Windows\System32\Tasks\Groovorio Updater, , [6217025c067642f4d36ae3791ee5bb45],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_citygrid.dl.tb.ask.com_0.localstorage, , [255407575f1dbc7a66a9bcb40af9ba46],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_citygrid.dl.tb.ask.com_0.localstorage-journal, , [9edb5c024438b3836ea1cfa17192f10f],
    PUP.Optional.WeatherAlerts, C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk, , [70093a2492ea7fb749127d062cd7b54b],
    PUP.Optional.WeatherAlerts, C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk, , [e4958bd3e19b43f3ca92c5bedb2804fc],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\focusbase.ico, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\0, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\7za.exe, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\updatefocusbase.InstallState, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\2b929fe1284b4766afb9.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\7za.exe, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\BrowserAdapterS.7z, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\focusbase.BrowserAdapter.exe, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\focusbase.PurBrowse64.exe, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\focusbase.PurBrowseG.zip, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\sqlite3.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\utilfocusbase.exe, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\utilfocusbase.InstallState, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\{2b929fe1-284b-4766-afb9-19b0915b99b0}.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.Bromon.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.BroStats.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.BrowserAdapterS.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.CompatibilityChecker.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.FFUpdate.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.IEUpdate.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.FocusBase.A, C:\Program Files (x86)\focusbase\bin\plugins\focusbase.PurBrowseG.dll, , [f386411dafcd7bbbf5bf7a3f46be639d],
    PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [3f3a74ea08742313983dbb0301037e82],
    PUP.Optional.Vitruvian.A, C:\Users\lhsrry\AppData\Local\Temp\vitruvian-installer-install-v0001, , [ec8d75e9c2ba2a0c9081764e00040af6],
    PUP.Optional.Vitruvian.A, C:\Users\lhsrry\AppData\Local\Temp\vitruvian-installer-processes-v0001, , [fd7c8dd13646df57967bfaca6b9933cd],
    PUP.Optional.Vitruvian.A, C:\Users\lhsrry\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0001, , [e3969bc3611b49ed3ed373519f652dd3],
    PUP.Optional.AddLyrics, C:\Windows\System32\drivers\webinstr.sys, , [0871540a6a12989e644c5ef342c1ce32],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [7108441a87f568ce53d93ae2fb088080],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [03765a045b2145f148e49d7f966d3bc5],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [bebb3e202c508da90a2275a7739014ec],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [1960134bfa827abc74b8dd3f13f08a76],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [2455114d413bcd6932fadb41b05323dd],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\bootstrap.js, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\chrome.manifest, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\install.rdf, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\installKeys.js, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.MindSpark.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\extensions\1gffxtbr@InboxAce_1g.com\chrome\1gffxtbr.jar, , [da9f3c228bf1b08680acd04c6a998977],
    PUP.Optional.Extutil.A, C:\Users\lhsrry\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, , [3b3eed714a32a78fc4569c8ff211718f],
    PUP.Optional.Extutil.A, C:\Users\lhsrry\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, , [3b3eed714a32a78fc4569c8ff211718f],
    PUP.Optional.Extutil.A, C:\Users\lhsrry\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, , [3b3eed714a32a78fc4569c8ff211718f],
    PUP.Optional.Managera.A, C:\Users\lhsrry\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, , [c1b88dd17dff16209f7c3ceff1126b95],
    PUP.Optional.Managera.A, C:\Users\lhsrry\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, , [c1b88dd17dff16209f7c3ceff1126b95],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio\FavIcon.ico, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio\Sqlite3.dll, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio\uninst.dat, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.Groovorio.A, C:\Program Files (x86)\Groovorio\uninstall.exe, , [24550d51b1cbea4c3555a18d44bfa858],
    PUP.Optional.FocusBase.A, C:\Users\lhsrry\AppData\Local\Temp\focusbase\7za.exe, , [344587d7a7d5f343270359d92dd6e11f],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\177.crx, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\177.dat, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\177.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\177_x64.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\177.xpi, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\a.db, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\a1BlockAndSurfCW177.bin, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\a1BlockAndSurfCW177.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\a1BlockAndSurfCW177.exe, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\b.db, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\F3BlockAndSurft.exe, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\H6BlockAndSurfe75.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\Sqlite3.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x64\TandemRunner.exe, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x64\WdfCoInstaller01009.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x64\webinstr.inf, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x64\webinstr.sys, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x86\TandemRunner.exe, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x86\WdfCoInstaller01009.dll, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x86\webinstr.inf, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver8BlockAndSurf\x86\webinstr.sys, , [0673ec72f18b50e666f46cc755ae3fc1],
    PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY\Onesoftperday.lnk, , [b9c0d589c7b52214a77117238182bb45],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.cyl, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.exe, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\user_profil.cyp, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\Download\majmp_gentleeeuu.exe, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Users\lhsrry\AppData\Local\ospd_us_55\Download\majospd_gentleus.exe, , [1a5feb73e597171fa77283b70102ed13],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55\mybestofferstoday_widget.exe, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55\predm.exe, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55\unins000.dat, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55\unins000.exe, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_55\unins000.msg, , [35449fbf2c50b0868397bd7d976c6f91],
    PUP.Optional.SupremeAdblocker.A, C:\ProgramData\Supreme AdBlocker\Supreme AdBlocker.exe, , [a4d53a245527bd79ad3e7ebfe81b5fa1],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\msvcp110.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\msvcr110.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\uninstall.exe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome.exe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome_100_percent.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\chrome_child.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\content_resources.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\d3dcompiler_46.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\debug.log, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ffmpegsumo.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\First Run, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\icudt.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\libEGL.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\libGLESv2.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\metro_driver.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl64.exe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl_irt_x86_32.nexe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\nacl_irt_x86_64.nexe, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\ppGoogleNaClPluginChrome.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\resources.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hi.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\am.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ar.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\bg.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\bn.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ca.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\cs.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\da.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\de.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\el.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\en-GB.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\en-US.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\es-419.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\es.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\et.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fa.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fi.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fil.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\fr.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\gu.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\he.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hr.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\hu.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\id.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\it.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ja.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\kn.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ko.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\lt.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\lv.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ml.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\mr.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ms.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\nb.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\nl.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pl.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pt-BR.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\pt-PT.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ro.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ru.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sk.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sl.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sr.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sv.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\sw.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\ta.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\te.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\th.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\tr.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\uk.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\vi.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\zh-CN.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\locales\zh-TW.pak, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\manifest.json, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Chrome-bin\PepperFlash\pepflashplayer.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Data\ResPack2.bin, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\7z.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmdProc.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmlProc.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\CmnUtls.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\InSes.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\ManXec.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\NavSupp.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\PrfIns.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WblSupp.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WbSes.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.IdleCrawler, C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r\Modules\WdcMan.dll, , [b8c15b03c6b66acc6c8e043bb74ce719],
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[05742b33601cd264452d2a6c16ef0bf5]
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\components\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[87f26af4542895a1314199fd15f06c94]
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\defaults\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[caaf441a5a22e551bfb36b2b40c558a8]
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\locale\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[8dec8dd1007c2313135f2a6c18eda25e]
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\META-INF\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[5524b5a95923320492e0f89e48bd6b95]
    PUP.Optional.Astromenda.A, C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\skin\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_cmi_14_34_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0D0F0CzytC0FtA0E0EtCyCtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzzyC0E0B0DtByDtGzytC0BzytGtDyEyD0CtG0C0F0FyDtGtA0AtC0D0E0C0D0B0AyBtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0F0E0A0A0ByDtAtGtD0C0B0DtGyEyDzytDtG0AyDtBtAtGtBzy0B0B0F0F0D0FyEyEtD0B2Q&cr=1514814697&ir=");), ,[3d3cde808fed6fc774fea4f271946799]

    Physical Sectors: 0
    (No malicious items detected)


    (end)



    #8 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:02:59 PM

    Posted 03 December 2014 - 08:47 PM

    WOW, lots of stuff removed, lets run a different program, it will show more than DDS will, it will create two logs, the FRST log and one called Additions, post them both please

     

     
    Please download Farbar Recovery Scan Tool and save it to your DESKTOP
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
    FRST_zps5d956a1a.jpg
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Just keep the defaults as in the picture checkmarked
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #9 kingterp

    kingterp
    • Topic Starter

    • Members
    • 31 posts
    • OFFLINE
    •  
    • Local time:01:59 PM

    Posted 03 December 2014 - 09:11 PM

    can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
    Ran by lhsrry (administrator) on LHSRRY-HP on 03-12-2014 21:04:24
    Running from H:\
    Loaded Profile: lhsrry (Available profiles: lhsrry)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
    HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-30] (IDT, Inc.)
    HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe"
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [InboxAce EPM Support] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
    HKLM-x32\...\Run: [ospd_us_55] => "C:\Program Files (x86)\ospd_us_55\ospd_us_55.exe"
    HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe [121856 2014-08-22] ()
    HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
    HKLM-x32\...\RunOnce: [upospd_us_55.exe] => C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.exe [3338232 2014-08-21] ()
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26165056 2014-09-10] (SlimWare Utilities, Inc.)
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-12] (Google Inc.)
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-10-20] (SUPER PC TOOLS LIMITED)
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
    AppInit_DLLs:  C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL File Not Found
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
    ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Users\lhsrry\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
    Startup: C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk
    ShortcutTarget: Weather Alerts.lnk -> C:\Users\lhsrry\AppData\Local\WeatherAlerts\WeatherAlerts.exe (No File)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:49541;https=127.0.0.1:49541
    ProxyEnable: [S-1-5-21-1534693805-1363340325-1431764050-1002] => Internet Explorer proxy is enabled.
    ProxyServer: [S-1-5-21-1534693805-1363340325-1431764050-1002] => http=127.0.0.1:49239;https=127.0.0.1:49239
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=befhp&type=iehp-3.2-1307
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {C94FF106-A271-46AA-918C-30E0756C0DF7} URL = http://search.yahoo.com/search?ei=utf-8&fr=befds&p={searchTerms}&type=ieds-3.2-1307
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    BHO: SmartOnes -> {43aca2a0-f467-4353-bf5d-36358552a4c9} -> C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.x64.dll ()
    BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
    BHO: SearchSnacks -> {7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} -> C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll (Search Snacks)
    BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: RegularDeals -> {a37478b4-e279-46e5-be9f-a02bea35ddfd} -> C:\ProgramData\RegularDeals\0cMlGoPZcm4YMg.x64.dll No File
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    BHO: BlockAndSurf -> {D42FC174-E80F-470C-8CF5-5E538924B568} -> C:\Program Files (x86)\ver8BlockAndSurf\177_x64.dll ()
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO: 50Coupons -> {f995fddf-bd0c-4d1b-a91e-30fa788de357} -> C:\ProgramData\50Coupons\vAU3KXK7HTl2wF.x64.dll No File
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: BeFrugalIEHelper -> {2335A057-CBA6-40F6-A712-C6A7C98F7813} -> C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
    BHO-x32: SmartOnes -> {43aca2a0-f467-4353-bf5d-36358552a4c9} -> C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.dll ()
    BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
    BHO-x32: focusbase -> {8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4} -> C:\Program Files (x86)\focusbase\focusbasebho.dll (focusbase)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO-x32: BlockAndSurf -> {D42FC174-E80F-470C-8CF5-5E538924B568} -> C:\Program Files (x86)\ver8BlockAndSurf\177.dll ()
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - BeFrugal.com Toolbar - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
    Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll No File
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
    Toolbar: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default
    FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: focusbase - C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\Extensions\{2b929fe1-284b-4766-afb9-19b0915b99b0}.xpi [2014-08-22]
    FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-10-28]
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn [2012-07-15]
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2014-12-03]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-17]
    FF HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Firefox\Extensions: [{41BA2735-CDB2-7E82-8CA5-1E9998562EAA}] - C:\Program Files (x86)\ver8BlockAndSurf\177.xpi
    FF Extension: BlockAndSurf - C:\Program Files (x86)\ver8BlockAndSurf\177.xpi [2014-08-22]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com [Not Found]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Website Logon) - C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-11-22]
    CHR Extension: (Norton Identity Protection) - C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-08-24]
    CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
    CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-02-05]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
    S2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [346960 2013-06-18] (Capital Intellect, Inc.)
    S2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
    S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
    S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244544 2014-09-10] (SlimWare Utilities, Inc.)
    S2 Update focusbase; C:\Program Files (x86)\focusbase\updatefocusbase.exe [323360 2014-08-21] ()
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
    S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-20] (Broadcom Corporation.)
    S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
    S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-20] (Broadcom Corporation.)
    S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
    S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-16] (Symantec Corporation)
    S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120907.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-03] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120907.020\ENG64.SYS [125600 2012-09-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120907.020\EX64.SYS [2084000 2012-09-07] (Symantec Corporation)
    S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
    S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
    R1 ssnfd; C:\Windows\System32\drivers\ssnfd.sys [58248 2014-07-28] (Search Snacks)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-10-30] ()
    S3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
    S3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
    S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-17] (Symantec Corporation)
    S3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
    S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
    S2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-07-16] (Corsica)
    R1 {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64; C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys [61120 2014-08-21] (StdLib)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-03 21:02 - 2014-12-03 21:04 - 00000000 ____D () C:\FRST
    2014-12-03 20:03 - 2014-12-03 20:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-03 20:03 - 2014-12-03 20:03 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-03 20:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-12-03 20:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-12-03 20:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-12-03 20:01 - 2014-12-03 20:01 - 00020473 _____ () C:\Users\lhsrry\Desktop\JRT1.txt
    2014-12-03 19:56 - 2014-12-03 19:56 - 00000000 ____D () C:\Windows\ERUNT
    2014-12-03 19:56 - 2014-11-29 05:17 - 01707646 _____ (Thisisu) C:\Users\lhsrry\Desktop\JRT_NEW.exe
    2014-12-03 19:46 - 2014-12-03 19:46 - 00013652 _____ () C:\Users\lhsrry\Desktop\AdwCleaner[S1].txt
    2014-12-03 19:45 - 2014-12-03 19:45 - 00015438 _____ () C:\Users\lhsrry\Desktop\AdwCleaner[R0].txt
    2014-12-03 17:25 - 2014-12-03 17:25 - 00014763 _____ () C:\Users\lhsrry\Desktop\attach.txt
    2014-12-03 17:25 - 2014-12-03 17:24 - 00031358 _____ () C:\Users\lhsrry\Desktop\dds.txt
    2014-12-03 17:17 - 2014-12-03 17:17 - 00000861 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
    2014-12-02 15:38 - 2014-12-02 15:38 - 01115104 _____ () C:\Users\lhsrry\Downloads\Setup (6).exe
    2014-12-02 15:12 - 2014-12-03 16:49 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
    2014-12-02 15:12 - 2014-12-03 16:49 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
    2014-12-02 15:12 - 2014-12-03 16:49 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
    2014-12-02 14:44 - 2014-12-02 14:44 - 00000000 ____D () C:\ProgramData\Supreme AdBlocker
    2014-12-01 19:16 - 2014-12-01 19:16 - 00022528 _____ () C:\Users\lhsrry\AppData\Local\dsisetup1571242532.exe
    2014-12-01 13:31 - 2014-12-01 13:31 - 00000412 _____ () C:\Users\lhsrry\Downloads\Attachment (7)
    2014-12-01 13:31 - 2014-12-01 13:31 - 00000412 _____ () C:\Users\lhsrry\Downloads\Attachment (6)
    2014-11-24 20:51 - 2014-12-03 16:57 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForlhsrry
    2014-11-24 20:51 - 2014-12-03 16:57 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForlhsrry.job
    2014-11-22 21:27 - 2014-11-22 21:27 - 00854344 _____ (Google Inc.) C:\Users\lhsrry\Downloads\Unconfirmed 729982.crdownload
    2014-11-19 11:32 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-19 11:32 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-19 11:32 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-19 11:32 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-11-17 22:50 - 2014-12-02 11:33 - 00000000 ____D () C:\ProgramData\f172c0cf1166a42f
    2014-11-17 22:50 - 2014-11-17 22:50 - 00000000 ____D () C:\ProgramData\SmartOnes
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\Guest
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\Administrator
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Program Files (x86)\SmartOnes
    2014-11-11 21:51 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-11-11 21:51 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-11-11 21:51 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-11-11 21:51 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-11-11 21:51 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-11-11 21:51 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-11-11 21:51 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-11-11 21:51 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-11-11 21:51 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-11-11 21:51 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-11-11 21:51 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-11-11 21:51 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-11-11 21:51 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-11-11 21:51 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-11-11 21:51 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-11-11 21:51 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-11-11 21:51 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-11-11 21:51 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-11-11 21:51 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-11-11 21:51 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-11-11 21:51 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-11-11 21:51 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-11-11 21:51 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-11-11 21:51 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-11-11 21:51 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-11-11 21:51 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-11-11 21:51 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-11-11 21:51 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-11-11 21:51 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-11-11 21:51 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-11-11 21:51 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-11-11 21:51 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-11-11 21:51 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-11-11 21:51 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-11-11 21:51 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-11-11 21:51 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-11-11 21:51 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-11-11 21:51 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-11-11 21:50 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-11-11 21:50 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-11-11 21:50 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-11-11 21:50 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-11-11 21:50 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-11-11 21:50 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-11-11 21:50 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-11-11 21:50 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-11-11 21:50 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-11-11 21:50 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-11-11 21:50 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-11-11 21:50 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-11-11 21:50 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-11-11 21:50 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-11-11 21:50 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-11-11 21:50 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-11-11 21:50 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-11-11 21:50 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-11-11 21:50 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-11-11 21:50 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-11-11 21:50 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-11-11 21:50 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-11-11 21:50 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-11-11 21:50 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-11-11 21:50 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-11-11 21:50 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-11-11 21:50 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-11-11 21:50 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-11-11 21:50 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-11-11 21:50 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-11-11 21:49 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-11-11 21:49 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-11-11 21:49 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-11-11 21:49 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-11-11 21:49 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-11-11 21:49 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2014-11-11 21:49 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
    2014-11-11 21:48 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-11-11 21:47 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-11-11 21:46 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-11-11 21:45 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-11-11 21:45 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-11-11 21:45 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-11-11 21:45 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-11-11 21:45 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-03 19:55 - 2014-07-23 12:12 - 00000000 ____D () C:\AdwCleaner
    2014-12-03 17:23 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-03 17:09 - 2013-07-26 20:35 - 00000430 _____ () C:\Windows\Tasks\BeFrugal.com Toolbar.job
    2014-12-03 17:09 - 2011-12-22 21:43 - 01647941 _____ () C:\Windows\WindowsUpdate.log
    2014-12-03 17:00 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-03 17:00 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-03 16:57 - 2014-08-21 20:46 - 00000162 _____ () C:\Users\lhsrry\AppData\Roaming\WB.CFG
    2014-12-03 16:57 - 2014-08-21 18:57 - 00000296 _____ () C:\Windows\Tasks\WSE_Astromenda.job
    2014-12-03 16:57 - 2012-07-15 22:45 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8D535016-AD38-4B64-BF5D-6A2104F34EA9}
    2014-12-03 16:56 - 2014-08-22 17:00 - 00000310 _____ () C:\Windows\SysWOW64\ff.bin
    2014-12-03 16:54 - 2014-10-28 18:06 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
    2014-12-03 16:51 - 2014-08-22 16:55 - 00000552 _____ () C:\Windows\SysWOW64\schtasks.bin
    2014-12-03 16:51 - 2014-08-22 15:52 - 00003322 _____ () C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup
    2014-12-03 16:50 - 2014-10-30 21:54 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced-System Protector_startup
    2014-12-03 16:50 - 2014-08-21 18:40 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\ospd_us_55
    2014-12-03 16:49 - 2014-09-19 18:20 - 00003032 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry)
    2014-12-03 16:49 - 2014-09-19 18:20 - 00000368 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry).job
    2014-12-03 16:48 - 2014-08-21 18:46 - 00000296 _____ () C:\Windows\Tasks\Groovorio Updater.job
    2014-12-03 16:45 - 2013-07-12 11:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-03 16:45 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-03 16:44 - 2009-07-13 23:51 - 00084270 _____ () C:\Windows\setupact.log
    2014-12-02 22:33 - 2012-10-04 09:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-02 21:36 - 2012-07-25 00:34 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-02 21:36 - 2012-07-17 20:21 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-12-01 19:18 - 2012-07-16 22:10 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\CrashDumps
    2014-12-01 19:16 - 2014-10-23 15:57 - 00000010 _____ () C:\Users\lhsrry\AppData\Local\DSI.DAT
    2014-11-25 23:33 - 2012-10-04 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-11-25 23:33 - 2012-10-04 09:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-11-25 23:33 - 2011-11-09 13:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-11-25 21:36 - 2012-07-15 23:36 - 00000000 ____D () C:\Users\lhsrry
    2014-11-19 12:09 - 2013-07-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-11-19 11:17 - 2010-11-20 22:47 - 00164024 _____ () C:\Windows\PFRO.log
    2014-11-17 22:49 - 2014-08-22 15:53 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-11-17 22:49 - 2013-07-12 11:33 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\Google
    2014-11-12 15:53 - 2013-07-12 11:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-11-12 15:53 - 2013-07-12 11:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-11-12 15:53 - 2013-07-12 11:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-11-12 15:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-11-12 10:49 - 2009-07-13 23:45 - 00307376 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-11-12 10:46 - 2014-05-07 07:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-11-12 10:29 - 2012-07-16 17:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-11-07 13:17 - 2014-10-02 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
    2014-11-07 13:17 - 2014-10-02 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-11-07 13:17 - 2011-12-22 22:03 - 00000000 ____D () C:\ProgramData\Norton
    2014-11-07 13:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
    2014-11-07 13:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-11-04 14:30 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-03 12:48 - 2014-10-28 18:00 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r

    Some content of TEMP:
    ====================
    C:\Users\lhsrry\AppData\Local\Temp\1397543112_wajam_download.exe
    C:\Users\lhsrry\AppData\Local\Temp\1398328268_PCSpeedMaximizer_1.exe
    C:\Users\lhsrry\AppData\Local\Temp\18be6784_.exe
    C:\Users\lhsrry\AppData\Local\Temp\294823_.exe
    C:\Users\lhsrry\AppData\Local\Temp\7od5ss2d.dll
    C:\Users\lhsrry\AppData\Local\Temp\9n639y4s.dll
    C:\Users\lhsrry\AppData\Local\Temp\APNSetup.exe
    C:\Users\lhsrry\AppData\Local\Temp\BackupSetup.exe
    C:\Users\lhsrry\AppData\Local\Temp\bpobr1mf.dll
    C:\Users\lhsrry\AppData\Local\Temp\cfe4mjev.dll
    C:\Users\lhsrry\AppData\Local\Temp\Extract.exe
    C:\Users\lhsrry\AppData\Local\Temp\fbvynndy.dll
    C:\Users\lhsrry\AppData\Local\Temp\HPHelpUpdater.exe
    C:\Users\lhsrry\AppData\Local\Temp\ie9rzmp3.dll
    C:\Users\lhsrry\AppData\Local\Temp\lfnsi1oj.dll
    C:\Users\lhsrry\AppData\Local\Temp\loghogha.dll
    C:\Users\lhsrry\AppData\Local\Temp\MyPCBackupRevshare.exe
    C:\Users\lhsrry\AppData\Local\Temp\nsh902B.exe
    C:\Users\lhsrry\AppData\Local\Temp\nsh96E0.exe
    C:\Users\lhsrry\AppData\Local\Temp\nshDC0D.exe
    C:\Users\lhsrry\AppData\Local\Temp\nsnE68A.exe
    C:\Users\lhsrry\AppData\Local\Temp\o3cbx5yr.dll
    C:\Users\lhsrry\AppData\Local\Temp\oi_{923D193D-BA4C-4B72-8EFA-2E6007610448}.exe
    C:\Users\lhsrry\AppData\Local\Temp\p1zfoles.dll
    C:\Users\lhsrry\AppData\Local\Temp\post1.exe
    C:\Users\lhsrry\AppData\Local\Temp\post2.dll
    C:\Users\lhsrry\AppData\Local\Temp\post2.exe
    C:\Users\lhsrry\AppData\Local\Temp\Quarantine.exe
    C:\Users\lhsrry\AppData\Local\Temp\Resource.exe
    C:\Users\lhsrry\AppData\Local\Temp\safeguard.exe
    C:\Users\lhsrry\AppData\Local\Temp\scpE1CC.tmp.exe
    C:\Users\lhsrry\AppData\Local\Temp\SearchProtectINT.exe
    C:\Users\lhsrry\AppData\Local\Temp\setup_279.exe
    C:\Users\lhsrry\AppData\Local\Temp\SfpcHelper_installFinish.exe
    C:\Users\lhsrry\AppData\Local\Temp\SfpcHelper_installStart.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP56221.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP56485.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP57232.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP57398.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP57698.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP57965.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP58131.exe
    C:\Users\lhsrry\AppData\Local\Temp\sp58915.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP58986.exe
    C:\Users\lhsrry\AppData\Local\Temp\SP60051.exe
    C:\Users\lhsrry\AppData\Local\Temp\sp64126.exe
    C:\Users\lhsrry\AppData\Local\Temp\System.Data.SQLite.dll
    C:\Users\lhsrry\AppData\Local\Temp\System.Data.SQLite49386.dll
    C:\Users\lhsrry\AppData\Local\Temp\syyoykpw.dll
    C:\Users\lhsrry\AppData\Local\Temp\tcopldjy.dll
    C:\Users\lhsrry\AppData\Local\Temp\UninstallHPSA.exe
    C:\Users\lhsrry\AppData\Local\Temp\w4ae3v1k.dll
    C:\Users\lhsrry\AppData\Local\Temp\wiz.exe
    C:\Users\lhsrry\AppData\Local\Temp\xh_ibqjn.dll
    C:\Users\lhsrry\AppData\Local\Temp\y1u5xtjl.dll
    C:\Users\lhsrry\AppData\Local\Temp\z4cssqz-.dll
    C:\Users\lhsrry\AppData\Local\Temp\~83C9D924862443D4AED8CD310A0ED1D3.exe
    C:\Users\lhsrry\AppData\Local\Temp\~DE5221FA062F464799372A93D163AC11.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-11-26 13:03

    ==================== End Of Log ============================

     

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
    Ran by lhsrry at 2014-12-03 21:06:06
    Running from H:\
    Boot Mode: Safe Mode (with Networking)
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    50Coupons (HKLM-x32\...\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}) (Version:  - "") <==== ATTENTION
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
    Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1) (Version: 2.1.1000.13727 - Systweak Software) <==== ATTENTION
    AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
    AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
    AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTION
    Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0F05}) (Version: 12.15.5.7 - APN, LLC) <==== ATTENTION
    AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
    AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.786 - AVG Technologies)
    BeFrugal.com Toolbar (HKLM-x32\...\BeFrugal.com Toolbar_is1) (Version: 2013.3.2.1 - BeFrugal.com)
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
    BlockAndSurf (HKLM-x32\...\8C6B2099-070F-7ACB-53BC-8B004C13A309) (Version:  - BlockAndSurf-software) <==== ATTENTION
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
    Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
    Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
    BrowserSafeguard with Rockettab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with Rockettab) <==== ATTENTION
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DesktopWeatherAlerts (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DriverUpdate (HKLM-x32\...\{CF516344-84E1-4420-BDAD-52E13F32D07E}) (Version: 2.2.41149 - SlimWare Utilities, Inc.)
    ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
    Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
    Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
    focusbase (HKLM\...\focusbase) (Version: 2014.08.21.192936 - focusbase)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Groovorio (HKLM-x32\...\Groovorio) (Version:  - Groovorio) <==== ATTENTION
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
    HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
    HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
    HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
    HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
    HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
    HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
    HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
    HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
    HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    I.d.l.e  C.r.a.w.l.e.r (HKLM-x32\...\I.d.l.e  C.r.a.w.l.e.r) (Version: 100.0.0.447 - MILE 27 LTD)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
    InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Juniper_Setup_Client) (Version: 7.1.9.20595 - Juniper Networks, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
    Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
    Mozilla Firefox 32.0.3 (x86 en-US) (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
    Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    OneSoftPerDay 025.55 (HKLM-x32\...\ospd_us_55_is1) (Version:  - ONESOFTPERDAY)
    opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
    PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - SoftCity)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
    RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
    RegularDeals (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version:  - "")
    RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Search Snacks (HKLM-x32\...\SearchSnacks) (Version: 1.9.0.7 - Search Snacks)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Shopop (HKLM-x32\...\{0B8CE7E6-5A75-4DA6-B413-F0E169935001}) (Version: 11.90.68.18557 - My Pop Shop Ltd.) <==== ATTENTION
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SlimCleaner Plus (HKLM\...\{1A82D6CA-3F95-45E0-8700-D18640CEC16E}) (Version: 1.0.23608 - SlimWare Utilities, Inc.)
    SmartOnes (HKLM-x32\...\{D0DBE908-5DE8-3DF3-83C9-01620C65816F}) (Version: 4.3.0.1958 - )
    SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
    Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - SmartOnes) <==== ATTENTION
    Supreme AdBlocker (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - Supreme AdBlocker) <==== ATTENTION
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
    System Optimizer Pro (HKLM\...\System Optimizer Pro) (Version: 1.0 - 383 Media, Inc.) <==== ATTENTION
    The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
    TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
    VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION
    Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points  =========================

    01-11-2014 01:12:43 Windows Update
    04-11-2014 17:43:43 Windows Update
    07-11-2014 15:36:17 Windows Update
    12-11-2014 02:45:21 Windows Update
    12-11-2014 15:22:53 Windows Update
    19-11-2014 16:31:52 Windows Update
    19-11-2014 16:36:30 Windows Update
    23-11-2014 02:21:01 Windows Update
    26-11-2014 15:50:15 Windows Update
    02-12-2014 16:33:08 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0642FBB5-F61E-4F2E-B5F1-4A19D3DE6B12} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-10-20] (SUPER PC TOOLS LIMITED)
    Task: {09376D32-FBA1-4573-90F9-835F9C356F29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
    Task: {0B4DAC11-E65C-49D6-8165-0CB2A32497AE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-01] (Symantec Corporation)
    Task: {16C8297B-5F10-4463-85D2-22AE563056CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {238EE9AC-2E4D-4369-B762-2E1F5EB368E5} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {29BC9DED-75E8-4666-9746-FDB5D21C5764} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {322D1574-E5C0-4ACA-A43A-61B6362898B8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {38E60163-58D0-4EF6-BDB2-36174D6BE0A7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
    Task: {3C0A3C07-1863-464F-ABB8-0E5F2EFAA33A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {49C0EFE4-AA8D-4D91-90A1-BCA46DF8F329} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
    Task: {51989597-DA9D-4F08-9386-99A9C50CE2C5} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
    Task: {56E39532-760E-4F79-A102-E8BF01032AAE} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {57A4F0AE-6978-4961-9A05-202F67B50A45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN46AFV2KM => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
    Task: {5FB4A4E1-5A3E-4E71-8A7B-52E3CA2DEF29} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {630E3E5D-610B-44DB-87F4-BE462F90A5CB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {6D5440CF-B0C5-46E7-896C-A18AF39E6BA9} - System32\Tasks\SuperFastPC_AutorunOnStartup => C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
    Task: {723BFC0E-50A3-46DE-91F4-133282B29C5E} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2014-09-10] (SlimWare Utilities, Inc.)
    Task: {73679772-738D-4C04-A170-C21D14CEFEDB} - System32\Tasks\BeFrugal.com Toolbar => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [2012-09-11] (Capital Intellect, Inc.)
    Task: {7D386A5C-F28F-40D2-831F-3735EF5A3AB7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
    Task: {7FBFB52C-F0C3-49CF-8296-B9790BE26835} - System32\Tasks\WSE_Astromenda => C:\Users\lhsrry\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {878A6F72-E751-4777-8635-FD1E7B86725D} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-09-11] (SlimWare Utilities, Inc.)
    Task: {8B701915-FB8F-48D1-96F7-DCF6B84E6DA6} - System32\Tasks\HPCeeScheduleForlhsrry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {9F7306DA-1CAA-4DD5-84D5-89DE68284106} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {AA4B9171-2190-4F1C-A8D2-586F3CEEBAB6} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
    Task: {B79A7CC8-8E87-4F37-842E-1B003EE65DAC} - System32\Tasks\Groovorio Updater => C:\Users\lhsrry\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {C49A6826-E9C1-4091-B39C-CF48DB44A4D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {EEFD104F-EDD2-4B29-A957-6EE83BF80D03} - System32\Tasks\Advanced-System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION
    Task: {F05CEC3D-B800-4B42-AE1E-E2B8188DBDE6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
    Task: {F8E23A84-ABE3-4891-9ABA-C16CF7F4BF4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\BeFrugal.com Toolbar.job => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Groovorio Updater.job => C:\Users\lhsrry\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\HPCeeScheduleForlhsrry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\lhsrry\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

    ==================== Loaded Modules (whitelisted) =============


    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-1534693805-1363340325-1431764050-500 - Administrator - Disabled)
    Guest (S-1-5-21-1534693805-1363340325-1431764050-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1534693805-1363340325-1431764050-1003 - Limited - Enabled)
    lhsrry (S-1-5-21-1534693805-1363340325-1431764050-1002 - Administrator - Enabled) => C:\Users\lhsrry

    ==================== Faulty Device Manager Devices =============

    Name: Officejet 4500 G510g-m
    Description: Officejet 4500 G510g-m
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: HP
    Service: StillCam
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet 4500 G510g-m
    Description: Officejet 4500 G510g-m
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet Pro 8100
    Description: Officejet Pro 8100
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Consumer IR Devices
    Description: Consumer IR Devices
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: circlass
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============
    Error: (12/03/2014 09:02:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 09:02:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 09:02:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 09:00:43 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR2.

    Error: (12/03/2014 09:00:43 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR2.

    Error: (12/03/2014 09:00:42 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR2.

    Error: (12/03/2014 09:00:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 09:00:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 09:00:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 08:55:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: AMD A6-3420M APU with Radeon™ HD Graphics
    Percentage of memory in use: 15%
    Total physical RAM: 5609.91 MB
    Available physical RAM: 4718.93 MB
    Total Pagefile: 11217.99 MB
    Available Pagefile: 10388.41 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:571.33 GB) (Free:501.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Recovery) (Fixed) (Total:20.67 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
    Drive h: () (Removable) (Total:3.74 GB) (Free:1.17 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E871E610)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=571.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=20.7 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

    ========================================================
    Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================



    #10 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:02:59 PM

    Posted 03 December 2014 - 09:58 PM

    Why did you run the scans in Safemode ??   Let me explain this to you, been at this since windows 95 and I dont believe I have seen so much garbage downloaded and installed on one computer, you or someone you authorize to use this computer is downloading every piece of junk they can find, I currently am running windows 7 from my laptop and windows 8 from my desktop, I have one antivirus, one anti malware program installed, you dont need all these cleaners and optimizers, most of this garbage brings other garbage with it, its a wonder that this computer even starts up at all. Windows has a lot of tools that you can use to cleanup your system without downloading all this other garbage.  Most free programs like BlocknSurf bring other garbage with it

    Go to your control panel and uninstall these if you can

     
    SlimCleaner Plus
    PC Speed Maximizer
    Search Snacks
     
     
    I am attaching Fixlist.txt, you need to download it to the same location as you have FRST64 or the fix wont work, after you download it, open up FRST64 and click on FIX, it may take some time as there is a lot to remove and it will also reboot your system, when its done it will create a log named FIXLOG in the same location as FRST64, post it back here for me to see and then run another scan with FRST64, besure to checkmark Additions and post both new logs 

    Attached Files


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #11 kingterp

    kingterp
    • Topic Starter

    • Members
    • 31 posts
    • OFFLINE
    •  
    • Local time:01:59 PM

    Posted 03 December 2014 - 10:45 PM

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
    Ran by lhsrry at 2014-12-03 22:17:57 Run:1
    Running from H:\
    Loaded Profile: lhsrry (Available profiles: lhsrry)
    Boot Mode: Safe Mode (with Networking)
    ==============================================

    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    HKLM\...\Run: [InboxAce Home Page Guard 64 bit] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe"
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [InboxAce EPM Support] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
    HKLM-x32\...\Run: [ospd_us_55] => "C:\Program Files (x86)\ospd_us_55\ospd_us_55.exe"
    HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe [121856 2014-08-22] ()
    HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
    HKLM-x32\...\RunOnce: [upospd_us_55.exe] => C:\Users\lhsrry\AppData\Local\ospd_us_55\upospd_us_55.exe [3338232 2014-08-21] ()
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-10-20] (SUPER PC TOOLS LIMITED)
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
    Startup: C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
    ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Users\lhsrry\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
    Startup: C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk
    ShortcutTarget: Weather Alerts.lnk -> C:\Users\lhsrry\AppData\Local\WeatherAlerts\WeatherAlerts.exe (No File)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:49541;https=127.0.0.1:49541
    ProxyEnable: [S-1-5-21-1534693805-1363340325-1431764050-1002] => Internet Explorer proxy is enabled.
    ProxyServer: [S-1-5-21-1534693805-1363340325-1431764050-1002] => http=127.0.0.1:49239;https=127.0.0.1:49239
    BHO: SmartOnes -> {43aca2a0-f467-4353-bf5d-36358552a4c9} -> C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.x64.dll ()
    BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    BHO: SearchSnacks -> {7D1B27B2-3DE0-4F26-94A0-E14FDB06D292} -> C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll (Search Snacks)
    BHO: RegularDeals -> {a37478b4-e279-46e5-be9f-a02bea35ddfd} -> C:\ProgramData\RegularDeals\0cMlGoPZcm4YMg.x64.dll No File
    BHO: BlockAndSurf -> {D42FC174-E80F-470C-8CF5-5E538924B568} -> C:\Program Files (x86)\ver8BlockAndSurf\177_x64.dll ()
    BHO: 50Coupons -> {f995fddf-bd0c-4d1b-a91e-30fa788de357} -> C:\ProgramData\50Coupons\vAU3KXK7HTl2wF.x64.dll No File
    BHO-x32: SmartOnes -> {43aca2a0-f467-4353-bf5d-36358552a4c9} -> C:\Program Files (x86)\SmartOnes\cXMVGsnnFea9IQ.dll ()
    BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
    BHO-x32: focusbase -> {8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4} -> C:\Program Files (x86)\focusbase\focusbasebho.dll (focusbase)
    BHO-x32: BlockAndSurf -> {D42FC174-E80F-470C-8CF5-5E538924B568} -> C:\Program Files (x86)\ver8BlockAndSurf\177.dll ()
    Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    Toolbar: HKLM-x32 - BeFrugal.com Toolbar - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
    Toolbar: HKLM-x32 - InboxAce - {3775afd7-5921-4571-968f-85a631203d1c} - C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll No File
    Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
    Toolbar: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll" No File
    FF HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Firefox\Extensions: [{41BA2735-CDB2-7E82-8CA5-1E9998562EAA}] - C:\Program Files (x86)\ver8BlockAndSurf\177.xpi
    FF Extension: BlockAndSurf - C:\Program Files (x86)\ver8BlockAndSurf\177.xpi [2014-08-22]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com [Not Found]
    S2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [346960 2013-06-18] (Capital Intellect, Inc.)
    R1 {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64; C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys [61120 2014-08-21] (StdLib)
    2014-11-17 22:50 - 2014-11-17 22:50 - 00000000 ____D () C:\ProgramData\SmartOnes
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Program Files (x86)\SmartOnes
    2014-12-03 17:09 - 2013-07-26 20:35 - 00000430 _____ () C:\Windows\Tasks\BeFrugal.com Toolbar.job
    2014-12-03 16:57 - 2014-08-21 18:57 - 00000296 _____ () C:\Windows\Tasks\WSE_Astromenda.job
    2014-12-03 16:54 - 2014-10-28 18:06 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
    2014-12-03 16:51 - 2014-08-22 15:52 - 00003322 _____ () C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup
    2014-12-03 16:50 - 2014-10-30 21:54 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced-System Protector_startup
    2014-12-03 16:50 - 2014-08-21 18:40 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\ospd_us_55
    2014-12-03 16:48 - 2014-08-21 18:46 - 00000296 _____ () C:\Windows\Tasks\Groovorio Updater.job
    Shopop (HKLM-x32\...\{0B8CE7E6-5A75-4DA6-B413-F0E169935001}) (Version: 11.90.68.18557 - My Pop Shop Ltd.) <==== ATTENTION
    SmartOnes (HKLM-x32\...\{D0DBE908-5DE8-3DF3-83C9-01620C65816F}) (Version: 4.3.0.1958 - )
    Task: {0642FBB5-F61E-4F2E-B5F1-4A19D3DE6B12} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-10-20] (SUPER PC TOOLS LIMITED)
    Task: {238EE9AC-2E4D-4369-B762-2E1F5EB368E5} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {51989597-DA9D-4F08-9386-99A9C50CE2C5} - System32\Tasks\IC Runner Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
    Task: {56E39532-760E-4F79-A102-E8BF01032AAE} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {5FB4A4E1-5A3E-4E71-8A7B-52E3CA2DEF29} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {630E3E5D-610B-44DB-87F4-BE462F90A5CB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: {6D5440CF-B0C5-46E7-896C-A18AF39E6BA9} - System32\Tasks\SuperFastPC_AutorunOnStartup => C:\Program Files (x86)\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
    Task: {73679772-738D-4C04-A170-C21D14CEFEDB} - System32\Tasks\BeFrugal.com Toolbar => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [2012-09-11] (Capital Intellect, Inc.)
    Task: {7FBFB52C-F0C3-49CF-8296-B9790BE26835} - System32\Tasks\WSE_Astromenda => C:\Users\lhsrry\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {AA4B9171-2190-4F1C-A8D2-586F3CEEBAB6} - System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => %LOCALAPPDATA%\I.d.l.e  C.r.a.w.l.e.r\I._C._Runner.exe
    Task: {B79A7CC8-8E87-4F37-842E-1B003EE65DAC} - System32\Tasks\Groovorio Updater => C:\Users\lhsrry\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {EEFD104F-EDD2-4B29-A957-6EE83BF80D03} - System32\Tasks\Advanced-System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Groovorio Updater.job => C:\Users\lhsrry\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\lhsrry\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    CMD: ipconfig /flushdns
    Hosts:
    EmptyTemp:
    End


    *****************

    Processes closed successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\InboxAce Home Page Guard 64 bit => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxAce EPM Support => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ospd_us_55 => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurf => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Scanner => value deleted successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upospd_us_55.exe => value deleted successfully.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Super Optimizer => value deleted successfully.
    "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
    C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk => Moved successfully.
    C:\Users\lhsrry\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe not found.
    C:\Users\lhsrry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk => Moved successfully.
    C:\Users\lhsrry\AppData\Local\WeatherAlerts\WeatherAlerts.exe not found.
    C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
    C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
    "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
    "HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43aca2a0-f467-4353-bf5d-36358552a4c9}" => Key deleted successfully.
    "HKCR\CLSID\{43aca2a0-f467-4353-bf5d-36358552a4c9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key deleted successfully.
    "HKCR\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}" => Key deleted successfully.
    "HKCR\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a37478b4-e279-46e5-be9f-a02bea35ddfd}" => Key deleted successfully.
    "HKCR\CLSID\{a37478b4-e279-46e5-be9f-a02bea35ddfd}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D42FC174-E80F-470C-8CF5-5E538924B568}" => Key deleted successfully.
    "HKCR\CLSID\{D42FC174-E80F-470C-8CF5-5E538924B568}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f995fddf-bd0c-4d1b-a91e-30fa788de357}" => Key deleted successfully.
    "HKCR\CLSID\{f995fddf-bd0c-4d1b-a91e-30fa788de357}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43aca2a0-f467-4353-bf5d-36358552a4c9}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{43aca2a0-f467-4353-bf5d-36358552a4c9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D42FC174-E80F-470C-8CF5-5E538924B568}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{D42FC174-E80F-470C-8CF5-5E538924B568}" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4F524A2D-5637-4300-76A7-7A786E7484D7} => value deleted successfully.
    "HKCR\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3775afd7-5921-4571-968f-85a631203d1c} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{3775afd7-5921-4571-968f-85a631203d1c}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4F524A2D-5637-4300-76A7-7A786E7484D7} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key not found.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
    "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F524A2D-5637-4300-76A7-7A786E7484D7} => value deleted successfully.
    "HKCR\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7}" => Key not found.
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Mozilla\Firefox\Extensions\\{41BA2735-CDB2-7E82-8CA5-1E9998562EAA} => value deleted successfully.
    C:\Program Files (x86)\ver8BlockAndSurf\177.xpi => Moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com not found.
    BeFrugal.com Service => Service deleted successfully.
    {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64 => Service stopped successfully.
    {2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64 => Service deleted successfully.
    C:\ProgramData\SmartOnes => Moved successfully.
    C:\Users\Administrator\AppData\Local\Chromatic Browser => Moved successfully.
    C:\Program Files (x86)\SmartOnes => Moved successfully.
    C:\Windows\Tasks\BeFrugal.com Toolbar.job => Moved successfully.
    C:\Windows\Tasks\WSE_Astromenda.job => Moved successfully.
    C:\Windows\System32\Tasks\Super Optimizer Schedule => Moved successfully.
    C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup => Moved successfully.
    C:\Windows\System32\Tasks\Advanced-System Protector_startup => Moved successfully.
    C:\Users\lhsrry\AppData\Local\ospd_us_55 => Moved successfully.
    C:\Windows\Tasks\Groovorio Updater.job => Moved successfully.
    Shopop (HKLM-x32\...\{0B8CE7E6-5A75-4DA6-B413-F0E169935001}) (Version: 11.90.68.18557 - My Pop Shop Ltd.) <==== ATTENTION => Error: No automatic fix found for this entry.
    SmartOnes (HKLM-x32\...\{D0DBE908-5DE8-3DF3-83C9-01620C65816F}) (Version: 4.3.0.1958 - ) => Error: No automatic fix found for this entry.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0642FBB5-F61E-4F2E-B5F1-4A19D3DE6B12}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0642FBB5-F61E-4F2E-B5F1-4A19D3DE6B12}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Super Optimizer Schedule not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Super Optimizer Schedule" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{238EE9AC-2E4D-4369-B762-2E1F5EB368E5}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{238EE9AC-2E4D-4369-B762-2E1F5EB368E5}" => Key deleted successfully.
    C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51989597-DA9D-4F08-9386-99A9C50CE2C5}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51989597-DA9D-4F08-9386-99A9C50CE2C5}" => Key deleted successfully.
    C:\Windows\System32\Tasks\IC Runner Procedure => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IC Runner Procedure" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56E39532-760E-4F79-A102-E8BF01032AAE}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56E39532-760E-4F79-A102-E8BF01032AAE}" => Key deleted successfully.
    C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FB4A4E1-5A3E-4E71-8A7B-52E3CA2DEF29}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FB4A4E1-5A3E-4E71-8A7B-52E3CA2DEF29}" => Key deleted successfully.
    C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{630E3E5D-610B-44DB-87F4-BE462F90A5CB}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{630E3E5D-610B-44DB-87F4-BE462F90A5CB}" => Key deleted successfully.
    C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6D5440CF-B0C5-46E7-896C-A18AF39E6BA9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D5440CF-B0C5-46E7-896C-A18AF39E6BA9}" => Key deleted successfully.
    C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SuperFastPC_AutorunOnStartup" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73679772-738D-4C04-A170-C21D14CEFEDB}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73679772-738D-4C04-A170-C21D14CEFEDB}" => Key deleted successfully.
    C:\Windows\System32\Tasks\BeFrugal.com Toolbar => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BeFrugal.com Toolbar" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FBFB52C-F0C3-49CF-8296-B9790BE26835}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FBFB52C-F0C3-49CF-8296-B9790BE26835}" => Key deleted successfully.
    C:\Windows\System32\Tasks\WSE_Astromenda => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Astromenda" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA4B9171-2190-4F1C-A8D2-586F3CEEBAB6}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA4B9171-2190-4F1C-A8D2-586F3CEEBAB6}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\IC Update Procedure => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\IC Update Procedure" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B79A7CC8-8E87-4F37-842E-1B003EE65DAC}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B79A7CC8-8E87-4F37-842E-1B003EE65DAC}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Groovorio Updater => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Groovorio Updater" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EEFD104F-EDD2-4B29-A957-6EE83BF80D03}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEFD104F-EDD2-4B29-A957-6EE83BF80D03}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Advanced-System Protector_startup not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced-System Protector_startup" => Key deleted successfully.
    C:\Windows\Tasks\Groovorio Updater.job not found.
    C:\Windows\Tasks\WSE_Astromenda.job not found.

    =========  ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========

    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 3.3 GB temporary data.


    The system needed a reboot.

    ==== End of Fixlog ====

     

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
    Ran by lhsrry (administrator) on LHSRRY-HP on 03-12-2014 22:40:20
    Running from H:\
    Loaded Profile: lhsrry (Available profiles: lhsrry)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (SlimWare Utilities, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    (Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
    (SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
    HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-30] (IDT, Inc.)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26165056 2014-09-10] (SlimWare Utilities, Inc.)
    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-12] (Google Inc.)
    AppInit_DLLs: C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL File Not Found
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=befhp&type=iehp-3.2-1307
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {798F9BAF-3F65-4146-9236-FF3555F7A087} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {C94FF106-A271-46AA-918C-30E0756C0DF7} URL = http://search.yahoo.com/search?ei=utf-8&fr=befds&p={searchTerms}&type=ieds-3.2-1307
    SearchScopes: HKU\S-1-5-21-1534693805-1363340325-1431764050-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
    BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: BeFrugalIEHelper -> {2335A057-CBA6-40F6-A712-C6A7C98F7813} -> C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default
    FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: focusbase - C:\Users\lhsrry\AppData\Roaming\Mozilla\Firefox\Profiles\5m89yk0b.default\Extensions\{2b929fe1-284b-4766-afb9-19b0915b99b0}.xpi [2014-08-22]
    FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-10-28]
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn [2012-07-15]
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2014-12-03]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-17]
    FF HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: No Name - C:\Program Files (x86)\ver8BlockAndSurf\177.xpi [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com [Not Found]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Website Logon) - C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2014-11-22]
    CHR Extension: (Norton Identity Protection) - C:\Users\lhsrry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-08-24]
    CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - No Path
    CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-02-05]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.) [File not signed]
    R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-06-28] (Realsil Microelectronics Inc.) [File not signed]
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244544 2014-09-10] (SlimWare Utilities, Inc.)
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    S2 Update focusbase; "C:\Program Files (x86)\focusbase\updatefocusbase.exe" [X]
    S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
    R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-20] (Broadcom Corporation.)
    R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
    R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-20] (Broadcom Corporation.)
    R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
    R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-16] (Symantec Corporation)
    R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120907.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-03] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120907.020\ENG64.SYS [125600 2012-09-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120907.020\EX64.SYS [2084000 2012-09-07] (Symantec Corporation)
    S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
    R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
    R1 ssnfd; C:\Windows\System32\drivers\ssnfd.sys [58248 2014-07-28] (Search Snacks)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-10-30] ()
    R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
    R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-07-17] (Symantec Corporation)
    R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
    R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
    R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-07-16] (Corsica)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-03 21:02 - 2014-12-03 22:40 - 00000000 ____D () C:\FRST
    2014-12-03 20:03 - 2014-12-03 22:29 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-03 20:03 - 2014-12-03 20:03 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-03 20:03 - 2014-12-03 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-03 20:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-12-03 20:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-12-03 20:03 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-12-03 20:01 - 2014-12-03 20:01 - 00020473 _____ () C:\Users\lhsrry\Desktop\JRT1.txt
    2014-12-03 19:56 - 2014-12-03 19:56 - 00000000 ____D () C:\Windows\ERUNT
    2014-12-03 19:56 - 2014-11-29 05:17 - 01707646 _____ (Thisisu) C:\Users\lhsrry\Desktop\JRT_NEW.exe
    2014-12-03 19:46 - 2014-12-03 19:46 - 00013652 _____ () C:\Users\lhsrry\Desktop\AdwCleaner[S1].txt
    2014-12-03 19:45 - 2014-12-03 19:45 - 00015438 _____ () C:\Users\lhsrry\Desktop\AdwCleaner[R0].txt
    2014-12-03 17:25 - 2014-12-03 17:25 - 00014763 _____ () C:\Users\lhsrry\Desktop\attach.txt
    2014-12-03 17:25 - 2014-12-03 17:24 - 00031358 _____ () C:\Users\lhsrry\Desktop\dds.txt
    2014-12-03 17:17 - 2014-12-03 17:17 - 00000861 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
    2014-12-02 15:38 - 2014-12-02 15:38 - 01115104 _____ () C:\Users\lhsrry\Downloads\Setup (6).exe
    2014-12-02 14:44 - 2014-12-02 14:44 - 00000000 ____D () C:\ProgramData\Supreme AdBlocker
    2014-12-01 19:16 - 2014-12-01 19:16 - 00022528 _____ () C:\Users\lhsrry\AppData\Local\dsisetup1571242532.exe
    2014-12-01 13:31 - 2014-12-01 13:31 - 00000412 _____ () C:\Users\lhsrry\Downloads\Attachment (7)
    2014-12-01 13:31 - 2014-12-01 13:31 - 00000412 _____ () C:\Users\lhsrry\Downloads\Attachment (6)
    2014-11-24 20:51 - 2014-12-03 22:35 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForlhsrry
    2014-11-24 20:51 - 2014-12-03 22:35 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForlhsrry.job
    2014-11-22 21:27 - 2014-11-22 21:27 - 00854344 _____ (Google Inc.) C:\Users\lhsrry\Downloads\Unconfirmed 729982.crdownload
    2014-11-19 11:32 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-19 11:32 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-19 11:32 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-19 11:32 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-11-17 22:50 - 2014-12-02 11:33 - 00000000 ____D () C:\ProgramData\f172c0cf1166a42f
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\HomeGroupUser$
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\Guest
    2014-11-17 22:49 - 2014-11-19 11:39 - 00000000 ____D () C:\Users\Administrator
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
    2014-11-17 22:49 - 2014-11-17 22:49 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
    2014-11-11 21:51 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-11-11 21:51 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-11-11 21:51 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-11-11 21:51 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-11-11 21:51 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-11-11 21:51 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-11-11 21:51 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-11-11 21:51 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-11-11 21:51 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-11-11 21:51 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-11-11 21:51 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-11-11 21:51 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-11-11 21:51 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-11-11 21:51 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-11-11 21:51 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-11-11 21:51 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-11-11 21:51 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-11-11 21:51 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-11-11 21:51 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-11-11 21:51 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-11-11 21:51 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-11-11 21:51 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-11-11 21:51 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-11-11 21:51 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-11-11 21:51 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-11-11 21:51 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-11-11 21:51 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-11-11 21:51 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-11-11 21:51 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-11-11 21:51 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-11-11 21:51 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-11-11 21:51 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-11-11 21:51 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-11-11 21:51 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-11-11 21:51 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-11-11 21:51 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-11-11 21:51 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2014-11-11 21:51 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2014-11-11 21:50 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-11-11 21:50 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-11-11 21:50 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-11-11 21:50 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-11-11 21:50 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-11-11 21:50 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-11-11 21:50 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-11-11 21:50 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-11-11 21:50 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-11-11 21:50 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-11-11 21:50 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-11-11 21:50 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-11-11 21:50 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-11-11 21:50 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-11-11 21:50 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-11-11 21:50 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-11-11 21:50 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-11-11 21:50 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-11-11 21:50 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-11-11 21:50 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-11-11 21:50 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-11-11 21:50 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-11-11 21:50 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-11-11 21:50 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-11-11 21:50 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-11-11 21:50 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-11-11 21:50 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-11-11 21:50 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-11-11 21:50 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-11-11 21:50 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-11-11 21:49 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-11-11 21:49 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2014-11-11 21:49 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-11-11 21:49 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-11-11 21:49 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-11-11 21:49 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-11-11 21:49 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-11-11 21:49 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2014-11-11 21:49 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
    2014-11-11 21:48 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-11-11 21:48 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-11-11 21:48 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-11-11 21:47 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-11-11 21:46 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-11-11 21:45 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-11-11 21:45 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-11-11 21:45 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-11-11 21:45 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-11-11 21:45 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-03 22:37 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-03 22:37 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-03 22:36 - 2012-07-15 22:45 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8D535016-AD38-4B64-BF5D-6A2104F34EA9}
    2014-12-03 22:35 - 2014-10-28 18:00 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r
    2014-12-03 22:35 - 2014-08-21 18:38 - 00000000 ____D () C:\Program Files (x86)\focusbase
    2014-12-03 22:33 - 2012-10-04 09:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-03 22:33 - 2011-12-22 21:43 - 01663204 _____ () C:\Windows\WindowsUpdate.log
    2014-12-03 22:30 - 2014-09-19 18:20 - 00003032 _____ () C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry)
    2014-12-03 22:30 - 2014-09-19 18:20 - 00000368 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry).job
    2014-12-03 22:30 - 2014-08-22 15:53 - 00000000 ____D () C:\Program Files (x86)\ver8BlockAndSurf
    2014-12-03 22:29 - 2014-08-22 15:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
    2014-12-03 22:29 - 2013-07-12 11:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-03 22:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-03 22:28 - 2009-07-13 23:51 - 00084326 _____ () C:\Windows\setupact.log
    2014-12-03 22:27 - 2010-11-20 22:47 - 00164396 _____ () C:\Windows\PFRO.log
    2014-12-03 22:17 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2014-12-03 19:55 - 2014-07-23 12:12 - 00000000 ____D () C:\AdwCleaner
    2014-12-03 17:23 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-03 16:57 - 2014-08-21 20:46 - 00000162 _____ () C:\Users\lhsrry\AppData\Roaming\WB.CFG
    2014-12-03 16:56 - 2014-08-22 17:00 - 00000310 _____ () C:\Windows\SysWOW64\ff.bin
    2014-12-03 16:51 - 2014-08-22 16:55 - 00000552 _____ () C:\Windows\SysWOW64\schtasks.bin
    2014-12-02 21:36 - 2012-07-25 00:34 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-02 21:36 - 2012-07-17 20:21 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-12-01 19:18 - 2012-07-16 22:10 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\CrashDumps
    2014-12-01 19:16 - 2014-10-23 15:57 - 00000010 _____ () C:\Users\lhsrry\AppData\Local\DSI.DAT
    2014-11-25 23:33 - 2012-10-04 09:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-11-25 23:33 - 2012-10-04 09:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-11-25 23:33 - 2011-11-09 13:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-11-25 21:36 - 2012-07-15 23:36 - 00000000 ____D () C:\Users\lhsrry
    2014-11-19 12:09 - 2013-07-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-11-17 22:49 - 2013-07-12 11:33 - 00000000 ____D () C:\Users\lhsrry\AppData\Local\Google
    2014-11-12 15:53 - 2013-07-12 11:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-11-12 15:53 - 2013-07-12 11:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-11-12 15:53 - 2013-07-12 11:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-11-12 15:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-11-12 10:49 - 2009-07-13 23:45 - 00307376 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-11-12 10:46 - 2014-05-07 07:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-11-12 10:29 - 2012-07-16 17:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-11-07 13:17 - 2014-10-02 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
    2014-11-07 13:17 - 2014-10-02 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-11-07 13:17 - 2011-12-22 22:03 - 00000000 ____D () C:\ProgramData\Norton
    2014-11-07 13:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
    2014-11-07 13:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-11-04 14:30 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-11-26 13:03

    ==================== End Of Log ============================

     

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
    Ran by lhsrry at 2014-12-03 22:40:55
    Running from H:\
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    50Coupons (HKLM-x32\...\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}) (Version:  - "") <==== ATTENTION
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
    Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1) (Version: 2.1.1000.13727 - Systweak Software) <==== ATTENTION
    AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
    AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
    AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTION
    Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0F05}) (Version: 12.15.5.7 - APN, LLC) <==== ATTENTION
    AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
    AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.786 - AVG Technologies)
    BeFrugal.com Toolbar (HKLM-x32\...\BeFrugal.com Toolbar_is1) (Version: 2013.3.2.1 - BeFrugal.com)
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
    BlockAndSurf (HKLM-x32\...\8C6B2099-070F-7ACB-53BC-8B004C13A309) (Version:  - BlockAndSurf-software) <==== ATTENTION
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
    Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
    Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
    BrowserSafeguard with Rockettab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with Rockettab) <==== ATTENTION
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DesktopWeatherAlerts (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DriverUpdate (HKLM-x32\...\{CF516344-84E1-4420-BDAD-52E13F32D07E}) (Version: 2.2.41149 - SlimWare Utilities, Inc.)
    ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
    Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
    Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
    focusbase (HKLM\...\focusbase) (Version: 2014.08.21.192936 - focusbase)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Groovorio (HKLM-x32\...\Groovorio) (Version:  - Groovorio) <==== ATTENTION
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
    HP 3D DriveGuard (HKLM\...\{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}) (Version: 4.1.16.1 - Hewlett-Packard Company)
    HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
    HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Documentation (HKLM-x32\...\{9BCA64E3-D180-4F13-8014-5E62947150C1}) (Version: 1.1.0.0 - Hewlett-Packard)
    HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
    HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
    HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
    HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
    HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
    HP Security Assistant (HKLM\...\{0576788F-2993-455F-80CD-980114095103}) (Version: 1.0.11 - Hewlett-Packard)
    HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
    HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    I.d.l.e  C.r.a.w.l.e.r (HKLM-x32\...\I.d.l.e  C.r.a.w.l.e.r) (Version: 100.0.0.447 - MILE 27 LTD)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
    InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
    John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Juniper_Setup_Client) (Version: 7.1.9.20595 - Juniper Networks, Inc.)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
    Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
    Mozilla Firefox 32.0.3 (x86 en-US) (HKU\S-1-5-21-1534693805-1363340325-1431764050-1002\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
    Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    OneSoftPerDay 025.55 (HKLM-x32\...\ospd_us_55_is1) (Version:  - ONESOFTPERDAY)
    opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
    RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
    RegularDeals (HKLM-x32\...\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}) (Version:  - "")
    RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Shopop (HKLM-x32\...\{0B8CE7E6-5A75-4DA6-B413-F0E169935001}) (Version: 11.90.68.18557 - My Pop Shop Ltd.) <==== ATTENTION
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SlimCleaner Plus (HKLM\...\{1A82D6CA-3F95-45E0-8700-D18640CEC16E}) (Version: 1.0.23608 - SlimWare Utilities, Inc.)
    SmartOnes (HKLM-x32\...\{D0DBE908-5DE8-3DF3-83C9-01620C65816F}) (Version: 4.3.0.1958 - )
    SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
    Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - SmartOnes) <==== ATTENTION
    Supreme AdBlocker (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - Supreme AdBlocker) <==== ATTENTION
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
    System Optimizer Pro (HKLM\...\System Optimizer Pro) (Version: 1.0 - 383 Media, Inc.) <==== ATTENTION
    The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
    TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
    VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION
    Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
    Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points  =========================

    01-11-2014 01:12:43 Windows Update
    04-11-2014 17:43:43 Windows Update
    07-11-2014 15:36:17 Windows Update
    12-11-2014 02:45:21 Windows Update
    12-11-2014 15:22:53 Windows Update
    19-11-2014 16:31:52 Windows Update
    19-11-2014 16:36:30 Windows Update
    23-11-2014 02:21:01 Windows Update
    26-11-2014 15:50:15 Windows Update
    02-12-2014 16:33:08 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2014-12-03 22:18 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {09376D32-FBA1-4573-90F9-835F9C356F29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
    Task: {0B4DAC11-E65C-49D6-8165-0CB2A32497AE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-01] (Symantec Corporation)
    Task: {16C8297B-5F10-4463-85D2-22AE563056CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {29BC9DED-75E8-4666-9746-FDB5D21C5764} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {322D1574-E5C0-4ACA-A43A-61B6362898B8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {38E60163-58D0-4EF6-BDB2-36174D6BE0A7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
    Task: {3C0A3C07-1863-464F-ABB8-0E5F2EFAA33A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {49C0EFE4-AA8D-4D91-90A1-BCA46DF8F329} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
    Task: {57A4F0AE-6978-4961-9A05-202F67B50A45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN46AFV2KM => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
    Task: {723BFC0E-50A3-46DE-91F4-133282B29C5E} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2014-09-10] (SlimWare Utilities, Inc.)
    Task: {7D386A5C-F28F-40D2-831F-3735EF5A3AB7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
    Task: {878A6F72-E751-4777-8635-FD1E7B86725D} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2014-09-11] (SlimWare Utilities, Inc.)
    Task: {9F7306DA-1CAA-4DD5-84D5-89DE68284106} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {F05CEC3D-B800-4B42-AE1E-E2B8188DBDE6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)
    Task: {F8E23A84-ABE3-4891-9ABA-C16CF7F4BF4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {F8E30BC4-906D-45D6-B166-CA3AEB40C091} - System32\Tasks\HPCeeScheduleForlhsrry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForlhsrry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - lhsrry).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-09-28 09:19 - 2011-09-28 09:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2011-09-30 13:40 - 2011-09-30 13:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
    2014-09-10 10:45 - 2014-09-10 10:45 - 00756032 _____ () C:\Program Files\SlimService\MyDefragDll.dll
    2011-09-28 09:19 - 2011-09-28 09:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2011-09-28 09:06 - 2011-09-28 09:06 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-06-17 16:42 - 2011-06-17 16:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-1534693805-1363340325-1431764050-500 - Administrator - Disabled)
    Guest (S-1-5-21-1534693805-1363340325-1431764050-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1534693805-1363340325-1431764050-1003 - Limited - Enabled)
    lhsrry (S-1-5-21-1534693805-1363340325-1431764050-1002 - Administrator - Enabled) => C:\Users\lhsrry

    ==================== Faulty Device Manager Devices =============

    Name: Officejet 4500 G510g-m
    Description: Officejet 4500 G510g-m
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: HP
    Service: StillCam
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet 4500 G510g-m
    Description: Officejet 4500 G510g-m
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet Pro 8100
    Description: Officejet Pro 8100
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/03/2014 10:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (12/03/2014 10:34:15 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

    Error: (12/03/2014 10:34:15 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

    Error: (12/03/2014 10:34:15 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

    Error: (12/03/2014 10:31:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (12/03/2014 10:29:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The vToolbarUpdater18.1.9 service failed to start due to the following error:
    %%2

    Error: (12/03/2014 10:29:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Update focusbase service failed to start due to the following error:
    %%1053

    Error: (12/03/2014 10:29:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Update focusbase service to connect.

    Error: (12/03/2014 10:25:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 10:25:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/03/2014 10:25:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: AMD A6-3420M APU with Radeon™ HD Graphics
    Percentage of memory in use: 35%
    Total physical RAM: 5609.91 MB
    Available physical RAM: 3619.49 MB
    Total Pagefile: 11217.99 MB
    Available Pagefile: 8935.48 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:571.33 GB) (Free:505.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Recovery) (Fixed) (Total:20.67 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
    Drive h: () (Removable) (Total:3.74 GB) (Free:1.17 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E871E610)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=571.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=20.7 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

    ========================================================
    Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================



    #12 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:02:59 PM

    Posted 04 December 2014 - 07:46 AM

    One more quick fix, remember to download it to the same directory as FRST64, then open FRST64 and click on Fix.  Post the Fixlog and let me know how your system is running now

    Attached Files


    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #13 kingterp

    kingterp
    • Topic Starter

    • Members
    • 31 posts
    • OFFLINE
    •  
    • Local time:01:59 PM

    Posted 04 December 2014 - 10:36 AM

    The computer is running faster but when I go to websites I get a Warning that says I need to call some number and it wont let me do any more on that web page

     

     

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
    Ran by lhsrry at 2014-12-04 10:01:06 Run:2
    Running from H:\
    Loaded Profiles: lhsrry &  (Available profiles: lhsrry)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com [Not Found]
    S2 Update focusbase; "C:\Program Files (x86)\focusbase\updatefocusbase.exe" [X]
    C:\Program Files (x86)\focusbase
    C:\Program Files (x86)\ver8BlockAndSurf
    R1 ssnfd; C:\Windows\System32\drivers\ssnfd.sys [58248 2014-07-28] (Search Snacks)
    C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    C:\Users\Guest\AppData\Local\Chromatic Browser
    C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r
    50Coupons (HKLM-x32\...\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}) (Version:  - "") <==== ATTENTION
    EmptyTemp:
    End


    *****************

    Processes closed successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com not found.
    Update focusbase => Service deleted successfully.
    C:\Program Files (x86)\focusbase => Moved successfully.
    C:\Program Files (x86)\ver8BlockAndSurf => Moved successfully.
    ssnfd => Unable to stop service
    ssnfd => Service deleted successfully.
    C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser => Moved successfully.
    C:\Users\Guest\AppData\Local\Chromatic Browser => Moved successfully.
    C:\Users\lhsrry\AppData\Local\I.d.l.e  C.r.a.w.l.e.r => Moved successfully.
    50Coupons (HKLM-x32\...\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}) (Version:  - "") <==== ATTENTION => Error: No automatic fix found for this entry.
    EmptyTemp: => Removed 244 KB temporary data.


    The system needed a reboot.

    ==== End of Fixlog ====



    #14 ken545

    ken545

      Malware Response Team


    • Malware Response Team
    • 1,685 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:The Space Coast of Florida
    • Local time:02:59 PM

    Posted 04 December 2014 - 12:29 PM

    Lets try setting all your browsers back to defaults

     

    •  
    • Open IE
    • Go to Tools> Internet Options > Advanced Tab
    • Reset Internet Explorer Setting
    • Reset
    • This will take a few seconds
    • Close IE and then reopen it and see if it helped
     
     
     
     
     
    •  
    • Open Firefox
    • Click on Help > Troubleshooting Information > Reset Firefox to its default state
     
     
     
     
     
     
     
    •  
    • Click the Chrome menu Clipboard01_zps2e55f676.jpgon the browser toolbar.
    • Select Settings.
    • Scroll down to Show advanced settings...
    • Down on the bottom you will see an option for RESET BROWSER SETTINGS
    • Click on it and it will set Chome back to defaults
     

    mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



    donate.gif Please consider a donation to help me keep up my fight against malware.

     

    Just a reminder that threads will be closed if no response in 3 days


    #15 kingterp

    kingterp
    • Topic Starter

    • Members
    • 31 posts
    • OFFLINE
    •  
    • Local time:01:59 PM

    Posted 04 December 2014 - 12:56 PM

    I did what you said its working good now






    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users