Too much Adware on Browser [Solved]

adware chrome browser removal

#1
altwiz

Hi, for a while I haven't updated my antivirus software (I know, my mistake), and a lot of adware has built up on my Chrome browser. I tried to uninstall them, but they keep reinstalling within the hour. Any help is appreciated. Here is a log from the Farbar Recovery Scan Tool I ran, if it helps at all.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Mehtab (administrator) on MEHTAB-HP on 19-08-2014 09:38:26
Running from C:\Users\Mehtab\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Google Inc.) C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Google Update] => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-01] (Google Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [915248 2012-05-16] ()
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Facebook Update] => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-26] (Facebook Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-23] (AMD)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [361072 2013-12-17] (CyberGhost S.R.L.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21415040 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe [538288 2014-07-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: F - F:\RunGame.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: L - L:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: {6ed170dc-7ddd-11e2-8038-78acc095d5df} - L:\SETUP.EXE
AppInit_DLLs: C:\PROGRA~2\ASSIST~2.DLL => C:\Program Files (x86)\Assistant_x64.dll [4210176 2014-05-20] ()
AppInit_DLLs-x32: c:\progra~2\assist~1.dll => c:\Program Files (x86)\Assistant.dll [4296192 2014-05-20] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe ()
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Mehtab\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: http=127.0.0.1:13986
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://ca.search.yah...psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
BHO: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.x64.dll ()
BHO: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.x64.dll ()
BHO: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.x64.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.x64.dll ()
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.x64.dll ()
BHO: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.dll ()
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} ->  No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.dll ()
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.dll ()
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.dll ()
BHO-x32: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {F2C43291-151E-499C-98A7-923C120B88FA} -  No File
DPF: HKLM {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.syste...64_4.4.21.0.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{2A0820D6-59B2-4F38-92EC-ED0FF11CC60A}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{30BF91DC-964F-4C55-BD08-788118581410}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{4A6AB73F-5367-43FC-8710-68A140069E99}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5EFBDFFD-F8FD-41D5-A2C5-E247258C9BCC}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{67A42F23-A3CD-488D-8B22-128935A7B8C2}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{84B93D0E-690C-46DC-BE91-8A0E131D153B}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{A74B671D-2860-42B9-A88D-B6089CE9C8A8}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{ABB8DF49-AC4C-4098-9B1F-1363C2ED3CEB}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{BE71214A-7E9C-428F-AE3C-6A57A5553B75}: [NameServer]208.69.150.252,208.69.150.250
 
FireFox:
========
FF ProfilePath: C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://search.easylifeapp.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.37\Bin\npSSOAxCtrlForPTLogin.dll ()
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mehtab\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKCU: @powerchallenge.com/PowerLoader -> C:\Users\Mehtab\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mehtab\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mehtab\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Mehtab\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: No Name - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\staged [2014-01-12]
FF Extension: Shopping Helper Smartbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{1e36242d-8532-6718-b654-f7c2a9d1999d} [2014-04-26]
FF Extension: Searchqu Toolbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-02-02]
FF Extension: ReloadEvery - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2011-07-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-05-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-06-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn [2014-08-07]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{00894511-B737-5398-6E7A-13EBFFF11FE9}] - C:\Program Files (x86)\Re-markit\161.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Bejeweled) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-12]
CHR Extension: (Angry Birds) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-12]
CHR Extension: (Google Drive) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (Adblock Plus) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Striker Manager) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib [2014-01-12]
CHR Extension: (Monster Dash) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2014-01-12]
CHR Extension: (multiNotifier for multiple Gmail accounts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2014-07-18]
CHR Extension: (Play Line Rider) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhlcfgkjnpcklhdepkakebikblhcbkmg [2014-01-12]
CHR Extension: (Football Champions) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehpibjfkijipalplliffcgkhhmecjgi [2014-01-12]
CHR Extension: (SnapPea Photos) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epindigjbiphgfhnmlpcocaiafjgbabe [2014-01-12]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2014-01-12]
CHR Extension: (AdBlock) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-12]
CHR Extension: (Snakes) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacpoliedopniegkhphlcjhkomkohdmm [2014-01-12]
CHR Extension: (Codec-V) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2014-04-26]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-12]
CHR Extension: (TuabeItAdBlocikkFr) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolmfjajnoihmfnibfahjlbgniaknjad [2014-04-26]
CHR Extension: (Infusionsoft Sync for Gmail) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbeelghpamdhlofdajkleehokdodedeb [2014-08-17]
CHR Extension: (Steambirds: Survival) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2014-01-12]
CHR Extension: (Webcam Toy) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-01-12]
CHR Extension: (Skype Click to Call) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-01-12]
CHR Extension: (Norton Identity Protection) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-29]
CHR Extension: (Plants vs Zombies) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (365Scores - Live Scores,Sports News & Alerts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2014-01-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-26]
CHR Extension: (Microformats for Google Chrome) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbifknmclbnmjlljdemhjjlkmppjjl [2014-07-03]
CHR Extension: (SavEMauss) - C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb\ [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\ProgramData\CodecCheck\chrome\codec_check.crx [2011-09-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-04-30]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 1a34a8e0; c:\Program Files (x86)\AssistantSvc.dll [174928 2014-05-20] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63600 2013-12-17] (CyberGhost S.R.L)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064 2012-10-12] () [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 PRTGCoreService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [7560416 2014-02-04] (Paessler AG)
R2 PRTGProbeService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [9372896 2014-02-04] (Paessler AG)
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 AndNetGps; C:\Windows\System32\DRIVERS\lgandnetgps64.sys [28160 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2011-09-16] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-29] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-24] (DT Soft Ltd)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-11] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\ENG64.SYS [117880 2012-02-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\EX64.SYS [2048632 2012-02-17] (Symantec Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2014-04-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-06-17] (TENCENT) [File not signed]
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-07-30] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 09:38 - 2014-08-19 09:40 - 00045743 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-19 09:38 - 2014-08-19 09:38 - 00000000 ____D () C:\FRST
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-17 19:35 - 2014-08-19 08:03 - 00027836 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-14 14:05 - 2014-08-14 14:06 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-07 07:04 - 2014-08-07 07:04 - 00001198 _____ () C:\Windows\PFRO.log
2014-08-06 11:10 - 2014-08-06 15:07 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:30 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\SAVeMAss
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-02 20:44 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-02 20:44 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-02 20:44 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-02 20:43 - 2014-08-02 20:44 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-07-30 08:11 - 2014-07-30 08:11 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-19 09:40 - 2014-08-19 09:38 - 00045743 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-19 09:40 - 2013-02-09 14:16 - 11223686 _____ () C:\Users\Mehtab\ovpntray.log
2014-08-19 09:39 - 2011-05-25 14:56 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Skype
2014-08-19 09:38 - 2014-08-19 09:38 - 00000000 ____D () C:\FRST
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-19 09:36 - 2012-10-21 11:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 09:31 - 2011-07-31 13:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 09:16 - 2014-07-03 17:44 - 00014496 _____ () C:\Windows\setupact.log
2014-08-19 08:57 - 2011-08-09 09:45 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-19 08:49 - 2012-12-26 12:44 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-19 08:03 - 2014-08-17 19:35 - 00027836 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-18 19:31 - 2011-07-31 13:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 18:57 - 2011-08-09 09:45 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-18 14:45 - 2011-03-15 17:29 - 01152639 _____ () C:\Windows\WindowsUpdate.log
2014-08-18 12:50 - 2013-07-08 15:42 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PMB Files
2014-08-18 12:50 - 2013-07-08 15:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-18 12:50 - 2011-11-21 16:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-18 11:49 - 2012-12-26 12:44 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-18 08:11 - 2012-07-29 20:44 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\.minecraft
2014-08-17 20:36 - 2014-01-12 12:55 - 00000000 ____D () C:\ProgramData\fd6b50f17e064d9d
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-16 11:38 - 2013-10-19 17:32 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-08-16 09:36 - 2013-08-16 15:53 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMehtab
2014-08-16 09:36 - 2013-08-16 15:53 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForMehtab.job
2014-08-14 14:06 - 2014-08-14 14:05 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-14 13:42 - 2011-06-15 15:00 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMEHTAB-HP$
2014-08-14 13:42 - 2011-06-15 15:00 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForMEHTAB-HP$.job
2014-08-13 21:26 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 21:26 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 18:39 - 2011-05-21 11:27 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\CrashDumps
2014-08-10 07:05 - 2014-05-20 10:14 - 00000446 ____H () C:\Windows\Tasks\Upd Inst-S-938006130.job
2014-08-08 08:16 - 2014-02-08 10:06 - 00000000 ____D () C:\Program Files (x86)\PRTG Network Monitor
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-07 07:09 - 2011-05-27 15:01 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\LogMeIn Hamachi
2014-08-07 07:06 - 2011-05-15 16:03 - 00000000 ____D () C:\Users\Mehtab
2014-08-07 07:04 - 2014-08-07 07:04 - 00001198 _____ () C:\Windows\PFRO.log
2014-08-07 07:04 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 20:11 - 2011-03-15 17:36 - 00000000 ____D () C:\ProgramData\Temp
2014-08-06 15:07 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:31 - 2014-08-03 16:30 - 00000000 ____D () C:\ProgramData\SAVeMAss
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-08-02 20:43 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:44 - 2014-04-09 11:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-02 20:44 - 2011-05-15 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-08-02 09:21 - 2012-03-07 21:26 - 00465408 ___SH () C:\Users\Mehtab\Documents\Thumbs.db
2014-07-30 08:11 - 2014-07-30 08:11 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 22:15 - 2013-05-22 16:29 - 00000963 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
 
Files to move or delete:
====================
C:\Users\Mehtab\cache.dat
C:\Users\Mehtab\crossfire_setup_v1066.exe
C:\Users\Mehtab\jagex_cl_runescape_LIVE.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE1.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA1.dat
C:\Users\Mehtab\jagex_runescape_preferences.dat
C:\Users\Mehtab\jagex_runescape_preferences2.dat
C:\Users\Mehtab\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 00:43
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Mehtab at 2014-08-19 09:41:35
Running from C:\Users\Mehtab\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
4K YouTube to MP3 2.2 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 2.2.4.550 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.1 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aimersoft DVD Creator(Build 2.6.0) (HKLM-x32\...\Aimersoft DVD Creator_is1) (Version:  - Wondershare)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 3.5.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assistant (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}) (Version:  - Verified Publisher) <==== ATTENTION
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0 - Atheros)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Autodesk 3ds Max 2013 64-bit (HKLM\...\Autodesk 3ds Max 2013 64-bit) (Version: 15.0.0.347 - Autodesk)
Autodesk 3ds Max 2013 64-bit (Version: 15.0.0.347 - Autodesk) Hidden
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2013 64-bit (HKLM\...\{7EDE5B68-1FB0-405D-88F0-A34236002DA8}) (Version: 1.0.0.1 - Autodesk)
Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit) (Version:  - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2013 64-bit (HKLM\...\{696BB53C-28E6-1664-974E-D42FFF5B8E04}) (Version: 15.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (HKLM\...\{06E18300-BB64-1664-8E6A-2593FC67BB74}) (Version: 1.0.0.1 - Autodesk)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Backyard Basketball 2004 (HKLM-x32\...\InstallShield_{B2AB8AF6-AE06-438F-A3D5-C9FBFBDB0AC0}) (Version: 1.00.0000 - Atari)
Backyard Basketball 2004 (x32 Version: 1.00.0000 - Atari) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BitSaver (HKLM-x32\...\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}) (Version:  - BitSaver) <==== ATTENTION
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother Driver Deployment Wizard (HKLM-x32\...\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}) (Version: 1.09.000 - Brother)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 5.0.4 - Biztree Inc.)
C3100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare™ (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Cheetah Sync (HKLM-x32\...\{0600EEDA-11EA-4588-81F3-8F1D89FC83DE}) (Version: 1.5.1 - JRT Studio)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Daniusoft DVD Creator(Build 1.5.0.20) (HKLM-x32\...\Daniusoft DVD Creator_is1) (Version:  - Daniusoft Software)
DeailEoXXpReSs (HKLM-x32\...\{25F259ED-12F6-429F-5783-527C3E2F8586}) (Version:  - DeaolExxpuressi)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{55E9C715-B715-4BB2-98E0-A367675660CC}) (Version:  - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DiogiSaveR (HKLM-x32\...\{7223EDAC-E091-B3C1-BD91-B66CE557800F}) (Version:  - DigiSaver)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
DjVuLibre DjView  3.5.25.4+4.9.2 (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.25.4+4.9.2 - DjVuZone)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.1.0.4 - Electronic Arts, Inc.)
EA SPORTS Gameface Browser Plugin 1.3.1.0 (HKCU\...\EA SPORTS Gameface Browser Plugin) (Version: 1.3.1.0 - Electronic Arts)
Elsword version v4.0416.7.1 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: v4.0416.7.1 - Kill3rCombo)
Extreme Blocker (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - Extreme Blocker)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Drive (HKLM-x32\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
GunZ2 (HKLM-x32\...\GunZ2) (Version:  - )
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Halo Combat Evolved (HKLM-x32\...\Halo Combat Evolved) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IIS Smooth Streaming Format SDK (HKLM-x32\...\{07B04E72-54DB-4D2B-A897-7166B0B47BB8}) (Version: 1.0.0837.44 - Microsoft Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
Install Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}) (Version:  - Certified Publisher) <==== ATTENTION
IP Camera Tool (HKLM-x32\...\{0C141E39-BFED-40B3-ADA2-C58A6DC055E5}) (Version: 1.00.0000 - IP Camera Tool)
IPcamera (HKLM-x32\...\{6A84101B-9D87-4A77-9332-0297C1E58D39}) (Version: 1.4.0 - Foscam)
iSpy (64 bit) (HKLM\...\{03595951-D52C-4AC6-BBBC-4E1D5E16A170}) (Version: 5.9.5 - iSpy)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java™ 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
Java™ 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000F0}) (Version: 7.0.0 - Oracle)
Java™ SE Development Kit 6 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160250}) (Version: 1.6.0.250 - Oracle)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JouniCouPoon (HKLM-x32\...\{51417852-174C-88D4-34A0-D0FE7858BE47}) (Version:  - JoinuiCoupOn) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.2.2 - www.leaguereplays.com)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Madden NFL 06 (HKLM-x32\...\{767ECF6F-2344-4103-0091-44584B70D7CA}) (Version:  - )
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MCCI®Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Moviestorm Early Access (HKLM-x32\...\3032-5837-0324-8793) (Version: Release - Short Fuze)
Mozilla Firefox 12.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-US)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Norton 360 (HKLM-x32\...\N360) (Version: 6.4.1.14 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Power Challenge Game Plugin (HKCU\...\Power Loader) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975E}) (Version: 5.10.1102.0 -  NewspaperDirect Inc.)
PrivateTunnel (HKLM-x32\...\{DC38FE17-7627-40B8-8206-7C31043022A1}) (Version: 2.0.0.0 - OpenVPN Technologies)
PRTG Network Monitor (HKLM-x32\...\{5EC294B8-98F8-4C20-BE73-F11A04295CA5}_is1) (Version: 9 - Paessler AG)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
RanndomPrice (HKLM-x32\...\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}) (Version:  - RandomPricee) <==== ATTENTION
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RebirthRO (HKLM-x32\...\RebirthRO_is1) (Version: 20101008 - RebirthRO)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 4.0.8.2506 - Frogster America Inc.)
RuneScape Launcher 1.2 (HKLM-x32\...\{5D87C09F-512F-474A-A306-0FE3B89C396F}) (Version: 1.2.0 - Jagex Ltd)
SAVeMAss (HKLM-x32\...\{A695893E-A5C7-2E5C-6953-52B0E61E4C1A}) (Version:  - SiAAveMaass)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shopping Helper Smartbar (HKLM-x32\...\{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}) (Version: 10.215.63.15249 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{07023010-d002-4679-b4db-04c9bb87d463}) (Version: 10.215.63.15249 - ReSoft Ltd.) <==== ATTENTION
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sighthound Video 2.2 (HKLM-x32\...\Sighthound Video_is1) (Version:  - Sighthound, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SnapPea (HKLM-x32\...\Wandoujia2) (Version:  - Wandou Labs)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SquadCreator Application (HKCU\...\394128954.www.ultimatedb.nl) (Version:  - www.ultimatedb.nl)
Standard Mouse Driver (HKLM-x32\...\{6C4453CD-123A-40FB-8227-E23AF8748C5A}) (Version:  - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StepMania v5.0 beta 1a (remove only) (HKLM-x32\...\StepMania 5) (Version:  - StepMania Team)
Sumotori Full Version (HKLM-x32\...\Sumotori Full Version) (Version:  - )
SwiftKit (HKCU\...\SwiftKit) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
System Requirements Lab CYRI (64-bit) (HKLM\...\{6A558FB1-20A4-41BD-98A3-AA3533B7126C}) (Version: 4.4.21.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TaxTron 2009 (HKLM-x32\...\TaxTron 2009) (Version: 1.0.2009.14 - TaxTron)
TaxTron 2009 (x32 Version: 1.0.2009.14 - TaxTron) Hidden
TaxTron 2012 Pro (HKLM-x32\...\TaxTron 2012 Pro) (Version: 1.0.2012.5 - TaxTron)
TaxTron 2012 Pro (x32 Version: 1.0.2012.5 - TaxTron) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - Black Pants Game Studio)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universe Gamers Gunz (HKLM-x32\...\Universe Gamers Gunz) (Version:  - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Upd Inst (HKLM-x32\...\S-938006130) (Version: 2.1.0.1559 - PremiumSoft) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft Excel 2010 (KB2553439) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{903E6940-3F4B-4126-ACB2-5929F79561D5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{57CEB66B-DD29-4883-92A2-671331657B52}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{4EB7D2FF-CC3E-4FC1-B4DB-CE3DCCCC8559}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{DC366AAD-10AA-4FB2-9D17-5DA0A4E76477}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{CC54F5F1-51C0-4038-B3B0-42F1DCA806C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{16E045BF-8CE5-4F20-A0DA-F7F495D239D0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{16E045BF-8CE5-4F20-A0DA-F7F495D239D0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553385) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AD9A591-B1A3-4B57-91A8-8E0CEDE538C1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BC9AC000-70B4-4941-AE86-AF12D036E076}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BC9AC000-70B4-4941-AE86-AF12D036E076}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9D6E552E-F044-4B59-BCE1-B729801D855F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9D6E552E-F044-4B59-BCE1-B729801D855F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{8D07F876-D93A-4CF7-B801-1D41AB2BF60B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2553323) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9CD98D42-A6D5-4D87-8B5C-5259AF05CFED}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1FD215F3-AB16-4BC8-89A7-32457D45DE6D}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935) (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{3EAE7A3B-C7BD-45DA-A5DC-83AA7EF4146C}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{EDCC73CF-03A2-11E1-A9E0-F04DA23A5C58}) (Version: 11.0.424 - Sony)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vitamin D Video r5150 (HKLM-x32\...\Vitamin D Video_is1) (Version:  - Vitamin D, Inc.)
VLC media player 1.1.7 (HKLM-x32\...\VLC media player) (Version: 1.1.7 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinX DVD Author 5.9 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
Xilisoft Audio Converter 6 (HKLM-x32\...\Xilisoft Audio Converter 6) (Version: 6.2.0.0331 - Xilisoft)
Xilisoft HD Video Converter (HKLM-x32\...\Xilisoft HD Video Converter) (Version: 7.0.1.1219 - Xilisoft)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
15-08-2014 04:00:03 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {233A16CA-3D1E-49F3-B34C-A9AAE70959EB} - System32\Tasks\HPCeeScheduleForMEHTAB-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {25646C45-0813-4A07-8164-A19D99C1503A} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {3705EC5D-79BC-4E8A-A88F-A47AE506CA2F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01] (Google Inc.)
Task: {3D8DBC6B-64BD-4041-B1CA-B605C2F20930} - System32\Tasks\HPCeeScheduleForMehtab => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {4AF95B97-EAA6-434D-A85B-A232D6CF58C5} - System32\Tasks\Upd Inst-S-938006130 => c:\programdata\excellent4app\upd inst\Upd Inst.exe [2014-05-20] ()
Task: {4C9AF67F-58E7-4A7E-BE26-6CD828CA6575} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: {50A7D27E-26A3-4CE2-AF0E-578420D58467} - System32\Tasks\{B9C36D48-4FD5-4A5B-BB55-E9D497FE6D01} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: {5EEC4E64-265C-4E2F-8A2E-C1363D4D1CEE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-26] (Facebook Inc.)
Task: {5F90590B-9EE1-4E62-976A-1B0D388BFBBB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {5FDD37A0-CE92-4146-91A7-40B62A4E9221} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {635AF49B-52A9-4D54-88E0-9F220C622E25} - System32\Tasks\{CBD578F9-56BD-49BB-A624-546931E49905} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {6834A0B2-0D68-48A0-A868-4E4E119F6564} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01] (Google Inc.)
Task: {6F7770AE-7C79-4CBE-8C09-3C50217DBB0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2012-07-10] (Hewlett-Packard)
Task: {73FB2B3E-8B63-4E43-A5BA-8406AEF6D719} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {77AB85C8-E887-4357-A065-1EBF276CF040} - System32\Tasks\{191BD6E2-D247-46D1-83CF-DF2946B8BA28} => Iexplore.exe http://ui.skype.com/...all?page=tsMain
Task: {7C6ED5FB-3E2D-4C4E-8E7D-92FACEA866AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {7FB20A21-5868-4F83-B263-71C1678A21AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {A6CD3FD8-FD6A-436E-B52B-16B4387BF9AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {AAA5FADF-6A56-489C-9AEE-2E459F98BA13} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {AC3BF74C-4B80-4179-BE68-B21E0F2E43AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: {AFD52256-E765-4635-9532-072B449C6A07} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2012-07-10] (Hewlett-Packard)
Task: {B1BA7909-089B-4DC7-A331-05BF0A64F807} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-26] (Facebook Inc.)
Task: {C9E4288C-C17B-403D-8D02-83D275218AF0} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D915F5A6-66F5-4E6A-A48D-D64B21DE10C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {E6A4DD3B-BC1D-4526-8160-42F180055901} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-03] (Symantec Corporation)
Task: {E90A6FA1-F9AF-4B5C-9F49-02718DB5FDCC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {ED9B99CD-2325-41DA-A663-438E9A7B6984} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {F20168CA-3FE9-4A77-B3AE-CE8F5C3B2ACE} - System32\Tasks\{C13CB8F8-F6D0-4F99-AF4B-55D83014E081} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMEHTAB-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMehtab.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Upd Inst-S-938006130.job => c:\programdata\excellent4app\upd inst\Upd Inst.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-20 10:14 - 2014-05-20 10:14 - 04210176 _____ () C:\Program Files (x86)\Assistant_x64.dll
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-05-15 18:58 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-10-01 12:30 - 2012-05-16 16:31 - 00915248 _____ () C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
2012-12-19 16:32 - 2012-12-19 16:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-10-12 09:25 - 2012-10-12 09:25 - 00068096 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
2013-06-26 18:39 - 2013-01-04 17:04 - 00147456 _____ () C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
2011-09-14 18:19 - 2011-09-14 18:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 04296192 _____ () c:\Program Files (x86)\Assistant.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 00174928 _____ () c:\Program Files (x86)\AssistantSvc.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-08-24 19:48 - 2010-08-24 19:48 - 00153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pyexpat.pyd
2012-02-07 12:11 - 2012-02-07 12:11 - 00098816 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32api.pyd
2012-02-07 12:09 - 2012-02-07 12:09 - 00110080 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pywintypes26.dll
2012-02-07 12:13 - 2012-02-07 12:13 - 00358912 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pythoncom26.dll
2012-02-07 12:16 - 2012-02-07 12:16 - 00266240 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32com.shell.shell.pyd
2010-08-24 19:47 - 2010-08-24 19:47 - 00040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_socket.pyd
2010-08-24 19:48 - 2010-08-24 19:48 - 00720896 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_ssl.pyd
2010-08-24 19:48 - 2010-08-24 19:48 - 00011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\select.pyd
2012-09-27 22:46 - 2012-09-27 22:46 - 00019968 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\zope.interface._zope_interface_coptimizations.pyd
2012-09-27 22:47 - 2012-09-27 22:47 - 00010240 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.rand.pyd
2012-09-27 22:47 - 2012-09-27 22:47 - 00061440 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.crypto.pyd
2012-09-27 22:47 - 2012-09-27 22:47 - 00039424 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\OpenSSL.SSL.pyd
2010-08-24 19:48 - 2010-08-24 19:48 - 00073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_ctypes.pyd
2010-08-24 19:48 - 2010-08-24 19:48 - 00286208 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\_hashlib.pyd
2012-02-07 12:10 - 2012-02-07 12:10 - 00035840 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32process.pyd
2012-09-27 22:46 - 2012-09-27 22:46 - 00007680 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\twisted.protocols._c_urlarg.pyd
2012-02-07 11:10 - 2012-02-07 11:10 - 00024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32pdh.pyd
2012-09-27 22:47 - 2012-09-27 22:47 - 00006656 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\pyovpnc.pyd
2012-02-07 12:11 - 2012-02-07 12:11 - 00167424 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32gui.pyd
2012-02-07 12:10 - 2012-02-07 12:10 - 00018432 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\win32event.pyd
2012-07-15 12:48 - 2012-07-15 12:48 - 00005632 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-23 19:17 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-08-07 07:05 - 2014-08-07 07:05 - 00098816 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32api.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00110080 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\pywintypes27.dll
2014-08-07 07:05 - 2014-08-07 07:05 - 00364544 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\pythoncom27.dll
2014-08-07 07:05 - 2014-08-07 07:05 - 00044032 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_socket.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 01153024 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_ssl.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00320512 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32com.shell.shell.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00711680 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_hashlib.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 01175040 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._core_.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00805888 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._gdi_.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00811008 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._windows_.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 01062400 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._controls_.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00735232 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._misc_.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00128512 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_elementtree.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00127488 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\pyexpat.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00557056 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\pysqlite2._sqlite.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00087040 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_ctypes.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00119808 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32file.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00108544 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32security.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00018432 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32event.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00038912 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32inet.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00122368 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._wizard.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00026624 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\_multiprocessing.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00070656 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\wx._html2.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00010240 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\select.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00686080 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\unicodedata.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00025600 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32pdh.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00521680 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\windows._lib_cacheinvalidation.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00011264 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32crypt.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00024064 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32pipe.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00035840 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32process.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00017408 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32profile.pyd
2014-08-07 07:05 - 2014-08-07 07:05 - 00022528 _____ () C:\Users\Mehtab\AppData\Local\Temp\_MEI22162\win32ts.pyd
2013-06-26 18:39 - 2012-12-20 14:05 - 00045056 _____ () C:\Program Files (x86)\Standard Mouse Driver\lan.dll
2013-06-26 18:39 - 2012-08-30 14:24 - 00061440 _____ () C:\Program Files (x86)\Standard Mouse Driver\hiddriver.dll
2014-02-08 10:06 - 2013-04-17 16:25 - 00046352 _____ () C:\Program Files (x86)\PRTG Network Monitor\PaesslerTrafficControl.dll
2014-07-08 14:36 - 2014-07-08 14:36 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
2014-07-03 09:25 - 2014-07-03 09:25 - 00448512 _____ () C:\ProgramData\BitSaver\b6.dll
2014-06-11 12:41 - 2014-06-11 12:41 - 00370688 _____ () C:\ProgramData\JouniCouPoon\bv.dll
2014-07-18 23:27 - 2014-07-18 23:27 - 00449024 _____ () C:\ProgramData\RanndomPrice\mN.dll
2014-08-03 16:30 - 2014-08-03 16:30 - 00449024 _____ () C:\ProgramData\SAVeMAss\ZW3lP7m.dll
2014-06-09 20:28 - 2014-06-09 20:28 - 00371200 _____ () C:\ProgramData\DiogiSaveR\UIINKfgfO.dll
2014-05-22 14:52 - 2014-07-11 20:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-26 16:17 - 2014-07-11 20:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 14:52 - 2014-07-11 20:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-10 11:17 - 2014-07-11 20:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-25 14:23 - 2014-06-26 18:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 14:52 - 2014-07-15 22:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 14:52 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-09-10 19:06 - 2014-07-15 22:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-10 19:06 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-01-27 15:35 - 2014-01-23 01:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-27 15:35 - 2014-01-23 01:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-27 15:35 - 2014-01-23 01:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-27 15:35 - 2014-01-23 01:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-27 15:35 - 2014-01-23 01:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2014-02-18 20:33 - 2014-02-18 20:33 - 13632904 _____ () C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\PepperFlash\12.0.0.70\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:9A870F8B
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: iPodDrv
Description: iPodDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: iPodDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 03:03:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (08/15/2014 00:34:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/14/2014 01:41:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (08/13/2014 07:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16618 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 203c
 
Start Time: 01cfb74f5b33b582
 
Termination Time: 30
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (08/13/2014 06:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.14.0.351, time stamp: 0x53e56c69
Faulting module name: League of Legends.exe, version: 4.14.0.351, time stamp: 0x53e56c69
Exception code: 0xc0000005
Fault offset: 0x0087b8ae
Faulting process id: 0xc7c
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
 
Error: (08/13/2014 06:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.14.0.351, time stamp: 0x53e56c69
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00001c00
Faulting process id: 0xc7c
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
 
Error: (08/13/2014 00:18:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ipoint.exe, version: 2.1.177.0, time stamp: 0x51065d33
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17932, time stamp: 0x503285c2
Exception code: 0xc000041d
Fault offset: 0x000000000000caed
Faulting process id: 0x6cc
Faulting application start time: 0xipoint.exe0
Faulting application path: ipoint.exe1
Faulting module path: ipoint.exe2
Report Id: ipoint.exe3
 
Error: (08/12/2014 04:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.13.0.265, time stamp: 0x53d68f6b
Faulting module name: League of Legends.exe, version: 4.13.0.265, time stamp: 0x53d68f6b
Exception code: 0xc0000005
Fault offset: 0x008a458e
Faulting process id: 0x104c
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
 
Error: (08/12/2014 04:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.13.0.265, time stamp: 0x53d68f6b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x3500302e
Faulting process id: 0x104c
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
 
Error: (08/11/2014 00:34:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (08/14/2014 01:34:01 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (08/08/2014 00:13:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (08/07/2014 07:07:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 
%%1053
 
Error: (08/07/2014 07:07:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
 
Error: (08/07/2014 07:06:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PRTG Core Server Service service to connect.
 
Error: (08/07/2014 07:06:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iPodDrv service failed to start due to the following error: 
%%2
 
Error: (08/07/2014 07:05:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Assistant service to connect.
 
Error: (08/07/2014 07:04:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:42:50 PM on ‎06/‎08/‎2014 was unexpected.
 
Error: (07/31/2014 04:49:06 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/30/2014 08:10:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PRTG Probe Service service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (08/18/2014 03:03:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/15/2014 00:34:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (08/14/2014 01:41:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/13/2014 07:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16618203c01cfb74f5b33b58230C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Error: (08/13/2014 06:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe4.14.0.35153e56c69League of Legends.exe4.14.0.35153e56c69c00000050087b8aec7c01cfb743e0c60309C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.50\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.50\deploy\League of Legends.exeacbc1dcb-233a-11e4-b428-78acc095d5df
 
Error: (08/13/2014 06:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe4.14.0.35153e56c69unknown0.0.0.000000000c000000500001c00c7c01cfb743e0c60309C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.50\deploy\League of Legends.exeunknown9fc68367-233a-11e4-b428-78acc095d5df
 
Error: (08/13/2014 00:18:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipoint.exe2.1.177.051065d33KERNELBASE.dll6.1.7601.17932503285c2c000041d000000000000caed6cc01cfb22f7b6f8fe6c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Windows\system32\KERNELBASE.dll6e4f3bf5-2305-11e4-b428-78acc095d5df
 
Error: (08/12/2014 04:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe4.13.0.26553d68f6bLeague of Legends.exe4.13.0.26553d68f6bc0000005008a458e104c01cfb6660b8efe9cC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.49\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.49\deploy\League of Legends.exee8280bb5-225d-11e4-b428-78acc095d5df
 
Error: (08/12/2014 04:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe4.13.0.26553d68f6bunknown0.0.0.000000000c00000053500302e104c01cfb6660b8efe9cC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.49\deploy\League of Legends.exeunknownd62fde39-225d-11e4-b428-78acc095d5df
 
Error: (08/11/2014 00:34:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 65%
Total physical RAM: 4087.89 MB
Available physical RAM: 1421.15 MB
Total Pagefile: 9731.57 MB
Available Pagefile: 5439.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.7 GB) (Free:22.17 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.52 GB) (Free:1.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E6EF942B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 




#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, the first thing that you must do is disable Google Chrome sync and delete the current online backup. Otherwise it will return.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:
 

AppInit_DLLs: C:\PROGRA~2\ASSIST~2.DLL => C:\Program Files (x86)\Assistant_x64.dll [4210176 2014-05-20] ()
AppInit_DLLs-x32: c:\progra~2\assist~1.dll => c:\Program Files (x86)\Assistant.dll [4296192 2014-05-20] ()
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
BHO: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.x64.dll ()
BHO: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.x64.dll ()
BHO: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.x64.dll ()
BHO: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.x64.dll ()
BHO: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.x64.dll ()
BHO: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()aver
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.dll ()
BHO-x32: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.dll ()
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.dll ()
BHO-x32: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.dll ()
BHO-x32: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.dll ()
BHO-x32: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.dll ()
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://search.easylifeapp.com/
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.37\Bin\npSSOAxCtrlForPTLogin.dll ()
FF Plugin HKCU: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Extension: No Name - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\staged [2014-01-12]
FF Extension: Shopping Helper Smartbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{1e36242d-8532-6718-b654-f7c2a9d1999d} [2014-04-26]
FF Extension: Searchqu Toolbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-02-02]
CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 1a34a8e0; c:\Program Files (x86)\AssistantSvc.dll [174928 2014-05-20] () [File not signed]
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-06-17] (TENCENT) [File not signed]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:30 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\SAVeMAss
2014-08-17 20:36 - 2014-01-12 12:55 - 00000000 ____D () C:\ProgramData\fd6b50f17e064d9d
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-16 11:38 - 2013-10-19 17:32 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-08-10 07:05 - 2014-05-20 10:14 - 00000446 ____H () C:\Windows\Tasks\Upd Inst-S-938006130.job
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:31 - 2014-08-03 16:30 - 00000000 ____D () C:\ProgramData\SAVeMAss
Task: {4AF95B97-EAA6-434D-A85B-A232D6CF58C5} - System32\Tasks\Upd Inst-S-938006130 => c:\programdata\excellent4app\upd inst\Upd Inst.exe [2014-05-20] ()
Task: C:\Windows\Tasks\Upd Inst-S-938006130.job => c:\programdata\excellent4app\upd inst\Upd Inst.exe
2014-05-20 10:14 - 2014-05-20 10:14 - 04210176 _____ () C:\Program Files (x86)\Assistant_x64.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 04296192 _____ () c:\Program Files (x86)\Assistant.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 00174928 _____ () c:\Program Files (x86)\AssistantSvc.dll
c:\programdata\excellent4app
C:\Users\Mehtab\cache.dat
C:\Users\Mehtab\crossfire_setup_v1066.exe
C:\Users\Mehtab\jagex_cl_runescape_LIVE.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE1.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA1.dat
C:\Users\Mehtab\jagex_runescape_preferences.dat
C:\Users\Mehtab\jagex_runescape_preferences2.dat
C:\Users\Mehtab\random.dat
C:\ProgramData\RanndomPrice
C:\ProgramData\SAVeMAss
C:\ProgramData\DeailEoXXpReSs
C:\ProgramData\DiogiSaveR
C:\Program Files (x86)\Common Files\Tencent
C:\ProgramData\JouniCouPoon\bv.dll
C:\ProgramData\BitSaver
C:\ProgramData\DeailEoXXpReSs\
C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()
C:\ProgramData\JouniCouPoon
C:\ProgramData\RanndomPrice
C:\ProgramData\SAVeMAss
c:\Program Files (x86)\Assistant.dll
C:\ProgramData\BitS
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.


THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3
altwiz

    Member

  • Topic Starter
  • Member
  • 14 posts
# AdwCleaner v3.307 - Report created 20/08/2014 at 08:20:10
# Updated 17/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mehtab - MEHTAB-HP
# Running from : C:\Users\Mehtab\Desktop\adwcleaner_3.307.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Assistant
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Happy2Save
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\QuestScan
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\Tencent
Folder Deleted : C:\ProgramData\WebTouch
Folder Deleted : C:\ProgramData\grEEatsavere
Folder Deleted : C:\ProgramData\TakeTheCoupoN
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\QuestScan
Folder Deleted : C:\Program Files (x86)\Tencent
Folder Deleted : C:\Program Files (x86)\grEEatsavere
Folder Deleted : C:\Program Files (x86)\TakeTheCoupoN
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Mehtab\AppData\Local\PackageAware
Folder Deleted : C:\Users\Mehtab\AppData\Local\torch
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Mehtab\AppData\LocalLow\ShopperReports3
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\Tencent
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Searchqutoolbar
Folder Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog
Folder Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Folder Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbifknmclbnmjlljdemhjjlkmppjjl
[!] Folder Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\SysWOW64\RegistryHelperLM.ocx
File Deleted : C:\Windows\System32\GroupPolicy\Machine\Registry.pol
File Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{00894511-B737-5398-6E7A-13EBFFF11FE9}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-938006130
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3074349
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hjsplit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hjsplit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_league-replays_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_league-replays_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\TENCENT
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ShopperReports3
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\GS.Enabler
Key Deleted : HKLM\SOFTWARE\ImInstaller
Key Deleted : HKLM\SOFTWARE\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\TENCENT
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Upd Inst
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16618
 
 
-\\ Mozilla Firefox v12.0 (en-US)
 
[ File : C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\prefs.js ]
 
Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPq01kf2m8SDS48Pr6SdfFYfHLFp4ArC7iXvTbSZ5wIKcugLpGCEVBvGGCfJ4iUgg,,&q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Startup_urls] : hxxp://searchy.easylifeapp.com/
Deleted [Startup_urls] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,
Deleted [Startup_urls] : hxxp://search.easylifeapp.com/
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : cknghehebaconkajgiobncfleofebcog
Deleted [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho
Deleted [Extension] : majjphhgppkndjjkmhhnbgafooenebhd
Deleted [Extension] : mkboeomohomdkbhncbmggohoapedbldl
Deleted [Extension] : oalbifknmclbnmjlljdemhjjlkmppjjl
 
*************************
 
AdwCleaner[R0].txt - [16209 octets] - [20/08/2014 08:18:15]
AdwCleaner[S0].txt - [15716 octets] - [20/08/2014 08:20:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15777 octets] ##########
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by Mehtab at 2014-08-19 12:45:39 Run:1
Running from C:\Users\Mehtab\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AppInit_DLLs: C:\PROGRA~2\ASSIST~2.DLL => C:\Program Files (x86)\Assistant_x64.dll [4210176 2014-05-20] ()
AppInit_DLLs-x32: c:\progra~2\assist~1.dll => c:\Program Files (x86)\Assistant.dll [4296192 2014-05-20] ()
HKCU\Software\MICROSOFT\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2419} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.c...q={searchTerms}
BHO: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.x64.dll ()
BHO: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.x64.dll ()
BHO: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.x64.dll ()
BHO: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.x64.dll ()
BHO: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.x64.dll ()
BHO: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()aver
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: BitSaver -> {05925749-8476-F44D-4572-0A532582A688} -> C:\ProgramData\BitSaver\b6.dll ()
BHO-x32: JouniCouPoon -> {0FC2F741-B3A5-0AB4-D311-05482777AF31} -> C:\ProgramData\JouniCouPoon\bv.dll ()
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: RanndomPrice -> {4C36EDF2-7844-40C3-8698-606E6275E9C8} -> C:\ProgramData\RanndomPrice\mN.dll ()
BHO-x32: SAVeMAss -> {AB07AE92-B266-A52D-DAD1-D15507FF8FEB} -> C:\ProgramData\SAVeMAss\ZW3lP7m.dll ()
BHO-x32: DeailEoXXpReSs -> {BE6DE552-172D-892D-3738-64F1FDBE4B27} -> C:\ProgramData\DeailEoXXpReSs\C.dll ()
BHO-x32: DiogiSaveR -> {D1C67105-24B7-8279-538E-7248349A3574} -> C:\ProgramData\DiogiSaveR\UIINKfgfO.dll ()
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://search.easylifeapp.com/
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.37\Bin\npSSOAxCtrlForPTLogin.dll ()
FF Plugin HKCU: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Extension: No Name - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\staged [2014-01-12]
FF Extension: Shopping Helper Smartbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{1e36242d-8532-6718-b654-f7c2a9d1999d} [2014-04-26]
FF Extension: Searchqu Toolbar - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-02-02]
CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 1a34a8e0; c:\Program Files (x86)\AssistantSvc.dll [174928 2014-05-20] () [File not signed]
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-06-17] (TENCENT) [File not signed]
S3 X6va017; \??\C:\Windows\SysWOW64\DRIVERS\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\DRIVERS\X6va021 [X]
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:30 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\SAVeMAss
2014-08-17 20:36 - 2014-01-12 12:55 - 00000000 ____D () C:\ProgramData\fd6b50f17e064d9d
2014-08-17 20:35 - 2014-08-17 20:35 - 00000000 ____D () C:\ProgramData\DeailEoXXpReSs
2014-08-16 11:38 - 2013-10-19 17:32 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-08-10 07:05 - 2014-05-20 10:14 - 00000446 ____H () C:\Windows\Tasks\Upd Inst-S-938006130.job
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb
2014-08-03 16:31 - 2014-08-03 16:30 - 00000000 ____D () C:\ProgramData\SAVeMAss
Task: {4AF95B97-EAA6-434D-A85B-A232D6CF58C5} - System32\Tasks\Upd Inst-S-938006130 => c:\programdata\excellent4app\upd inst\Upd Inst.exe [2014-05-20] ()
Task: C:\Windows\Tasks\Upd Inst-S-938006130.job => c:\programdata\excellent4app\upd inst\Upd Inst.exe
2014-05-20 10:14 - 2014-05-20 10:14 - 04210176 _____ () C:\Program Files (x86)\Assistant_x64.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 04296192 _____ () c:\Program Files (x86)\Assistant.dll
2014-05-20 10:14 - 2014-05-20 10:14 - 00174928 _____ () c:\Program Files (x86)\AssistantSvc.dll
c:\programdata\excellent4app
C:\Users\Mehtab\cache.dat
C:\Users\Mehtab\crossfire_setup_v1066.exe
C:\Users\Mehtab\jagex_cl_runescape_LIVE.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE1.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA1.dat
C:\Users\Mehtab\jagex_runescape_preferences.dat
C:\Users\Mehtab\jagex_runescape_preferences2.dat
C:\Users\Mehtab\random.dat
C:\ProgramData\RanndomPrice
C:\ProgramData\SAVeMAss
C:\ProgramData\DeailEoXXpReSs
C:\ProgramData\DiogiSaveR
C:\Program Files (x86)\Common Files\Tencent
C:\ProgramData\JouniCouPoon\bv.dll
C:\ProgramData\BitSaver
C:\ProgramData\DeailEoXXpReSs\
C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()
C:\ProgramData\JouniCouPoon
C:\ProgramData\RanndomPrice
C:\ProgramData\SAVeMAss
c:\Program Files (x86)\Assistant.dll
C:\ProgramData\BitS
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
"C:\PROGRA~2\ASSIST~2.DLL" => Value Data removed successfully.
"c:\progra~2\assist~1.dll" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
"HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05925749-8476-F44D-4572-0A532582A688}" => Key deleted successfully.
"HKCR\CLSID\{05925749-8476-F44D-4572-0A532582A688}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FC2F741-B3A5-0AB4-D311-05482777AF31}" => Key deleted successfully.
"HKCR\CLSID\{0FC2F741-B3A5-0AB4-D311-05482777AF31}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C36EDF2-7844-40C3-8698-606E6275E9C8}" => Key deleted successfully.
"HKCR\CLSID\{4C36EDF2-7844-40C3-8698-606E6275E9C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB07AE92-B266-A52D-DAD1-D15507FF8FEB}" => Key deleted successfully.
"HKCR\CLSID\{AB07AE92-B266-A52D-DAD1-D15507FF8FEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE6DE552-172D-892D-3738-64F1FDBE4B27}" => Key deleted successfully.
"HKCR\CLSID\{BE6DE552-172D-892D-3738-64F1FDBE4B27}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1C67105-24B7-8279-538E-7248349A3574}" => Key deleted successfully.
"HKCR\CLSID\{D1C67105-24B7-8279-538E-7248349A3574}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
"HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05925749-8476-F44D-4572-0A532582A688}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{05925749-8476-F44D-4572-0A532582A688}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FC2F741-B3A5-0AB4-D311-05482777AF31}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0FC2F741-B3A5-0AB4-D311-05482777AF31}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C36EDF2-7844-40C3-8698-606E6275E9C8}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{4C36EDF2-7844-40C3-8698-606E6275E9C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB07AE92-B266-A52D-DAD1-D15507FF8FEB}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AB07AE92-B266-A52D-DAD1-D15507FF8FEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE6DE552-172D-892D-3738-64F1FDBE4B27}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BE6DE552-172D-892D-3738-64F1FDBE4B27}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1C67105-24B7-8279-538E-7248349A3574}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D1C67105-24B7-8279-538E-7248349A3574}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/TXSSO" => Key deleted successfully.
C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.37\Bin\npSSOAxCtrlForPTLogin.dll => Moved successfully.
"HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast" => Key deleted successfully.
C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll not found.
"HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0" => Key deleted successfully.
C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll not found.
C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\staged => Moved successfully.
C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{1e36242d-8532-6718-b654-f7c2a9d1999d} => Moved successfully.
C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} => Moved successfully.
Chrome StartupUrls deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
1a34a8e0 => Service stopped successfully.
1a34a8e0 => Service deleted successfully.
699fd52f => Service deleted successfully.
TesSafe => Service deleted successfully.
X6va017 => Service deleted successfully.
X6va021 => Service deleted successfully.
C:\ProgramData\DeailEoXXpReSs => Moved successfully.
C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb => Moved successfully.
C:\ProgramData\SAVeMAss => Moved successfully.
C:\ProgramData\fd6b50f17e064d9d => Moved successfully.
"C:\ProgramData\DeailEoXXpReSs" => File/Directory not found.
C:\Program Files (x86)\osu! => Moved successfully.
C:\Windows\Tasks\Upd Inst-S-938006130.job => Moved successfully.
"C:\ProgramData\mfmlbokloflnfihflclokeiodijfpljb" => File/Directory not found.
"C:\ProgramData\SAVeMAss" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AF95B97-EAA6-434D-A85B-A232D6CF58C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AF95B97-EAA6-434D-A85B-A232D6CF58C5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Upd Inst-S-938006130 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Upd Inst-S-938006130" => Key deleted successfully.
C:\Windows\Tasks\Upd Inst-S-938006130.job not found.
C:\Program Files (x86)\Assistant_x64.dll => Moved successfully.
c:\Program Files (x86)\Assistant.dll => Moved successfully.
c:\Program Files (x86)\AssistantSvc.dll => Moved successfully.
c:\programdata\excellent4app => Moved successfully.
C:\Users\Mehtab\cache.dat => Moved successfully.
C:\Users\Mehtab\crossfire_setup_v1066.exe => Moved successfully.
C:\Users\Mehtab\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Mehtab\jagex_cl_runescape_LIVE1.dat => Moved successfully.
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA.dat => Moved successfully.
C:\Users\Mehtab\jagex_cl_runescape_LIVE_BETA1.dat => Moved successfully.
C:\Users\Mehtab\jagex_runescape_preferences.dat => Moved successfully.
C:\Users\Mehtab\jagex_runescape_preferences2.dat => Moved successfully.
C:\Users\Mehtab\random.dat => Moved successfully.
C:\ProgramData\RanndomPrice => Moved successfully.
"C:\ProgramData\SAVeMAss" => File/Directory not found.
"C:\ProgramData\DeailEoXXpReSs" => File/Directory not found.
C:\ProgramData\DiogiSaveR => Moved successfully.
C:\Program Files (x86)\Common Files\Tencent => Moved successfully.
C:\ProgramData\JouniCouPoon\bv.dll => Moved successfully.
C:\ProgramData\BitSaver => Moved successfully.
"C:\ProgramData\DeailEoXXpReSs" => File/Directory not found.
"C:\ProgramData\DiogiSaveR\UIINKfgfO.x64.dll ()" => File/Directory not found.
C:\ProgramData\JouniCouPoon => Moved successfully.
"C:\ProgramData\RanndomPrice" => File/Directory not found.
"C:\ProgramData\SAVeMAss" => File/Directory not found.
"c:\Program Files (x86)\Assistant.dll" => File/Directory not found.
"C:\ProgramData\BitS" => File/Directory not found.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {F77E5641-1A2C-4588-A249-5268711F26C9}.
0 out of 1 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 1.2 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#4
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now run a fresh FRST scan please and let me know how the computer is behaving.

#5
altwiz


    Member

  • Topic Starter
  • Member
  • 14 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Mehtab (administrator) on MEHTAB-HP on 20-08-2014 09:24:47
Running from C:\Users\Mehtab\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Google Update] => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-01] (Google Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [915248 2012-05-16] ()
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Facebook Update] => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-26] (Facebook Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-23] (AMD)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [361072 2013-12-17] (CyberGhost S.R.L.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21415040 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: F - F:\RunGame.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: L - L:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: {6ed170dc-7ddd-11e2-8038-78acc095d5df} - L:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe ()
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Mehtab\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: http=127.0.0.1:13986
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {F2C43291-151E-499C-98A7-923C120B88FA} -  No File
DPF: HKLM {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.syste...64_4.4.21.0.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2A0820D6-59B2-4F38-92EC-ED0FF11CC60A}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{30BF91DC-964F-4C55-BD08-788118581410}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{4A6AB73F-5367-43FC-8710-68A140069E99}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5EFBDFFD-F8FD-41D5-A2C5-E247258C9BCC}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{67A42F23-A3CD-488D-8B22-128935A7B8C2}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{84B93D0E-690C-46DC-BE91-8A0E131D153B}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{A74B671D-2860-42B9-A88D-B6089CE9C8A8}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{ABB8DF49-AC4C-4098-9B1F-1363C2ED3CEB}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{BE71214A-7E9C-428F-AE3C-6A57A5553B75}: [NameServer]208.69.150.252,208.69.150.250
 
FireFox:
========
FF ProfilePath: C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mehtab\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @powerchallenge.com/PowerLoader -> C:\Users\Mehtab\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mehtab\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mehtab\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Mehtab\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: ReloadEvery - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2011-07-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-05-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-06-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn [2014-08-20]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
CHR Extension: (Bejeweled) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-12]
CHR Extension: (Angry Birds) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-12]
CHR Extension: (Google Drive) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Striker Manager) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib [2014-01-12]
CHR Extension: (multiNotifier for multiple Gmail accounts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2014-07-18]
CHR Extension: (Play Line Rider) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhlcfgkjnpcklhdepkakebikblhcbkmg [2014-01-12]
CHR Extension: (Football Champions) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehpibjfkijipalplliffcgkhhmecjgi [2014-01-12]
CHR Extension: (SnapPea Photos) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epindigjbiphgfhnmlpcocaiafjgbabe [2014-01-12]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2014-01-12]
CHR Extension: (AdBlock) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-12]
CHR Extension: (Snakes) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacpoliedopniegkhphlcjhkomkohdmm [2014-01-12]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-12]
CHR Extension: (Infusionsoft Sync for Gmail) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbeelghpamdhlofdajkleehokdodedeb [2014-08-17]
CHR Extension: (Steambirds: Survival) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2014-01-12]
CHR Extension: (Webcam Toy) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-01-12]
CHR Extension: (Skype Click to Call) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-01-12]
CHR Extension: (Norton Identity Protection) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-29]
CHR Extension: (Plants vs Zombies) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (365Scores - Live Scores,Sports News & Alerts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2014-01-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-04-30]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63600 2013-12-17] (CyberGhost S.R.L)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064 2012-10-12] () [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 PRTGCoreService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [7560416 2014-02-04] (Paessler AG)
S2 PRTGProbeService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [9372896 2014-02-04] (Paessler AG)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 AndNetGps; C:\Windows\System32\DRIVERS\lgandnetgps64.sys [28160 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2011-09-16] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-29] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-24] (DT Soft Ltd)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-11] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\ENG64.SYS [117880 2012-02-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\EX64.SYS [2048632 2012-02-17] (Symantec Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2014-04-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-07-30] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-20 08:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-20 08:17 - 2014-08-20 08:20 - 00000000 ____D () C:\AdwCleaner
2014-08-20 08:17 - 2014-08-20 08:17 - 01361671 _____ () C:\Users\Mehtab\Desktop\adwcleaner_3.307.exe
2014-08-19 09:41 - 2014-08-19 09:42 - 00076657 _____ () C:\Users\Mehtab\Desktop\Addition.txt
2014-08-19 09:38 - 2014-08-20 09:24 - 00037353 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-19 09:38 - 2014-08-20 09:24 - 00000000 ____D () C:\FRST
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-17 19:35 - 2014-08-19 17:00 - 00033263 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-14 14:05 - 2014-08-14 14:06 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-07 07:04 - 2014-08-20 08:23 - 00017304 _____ () C:\Windows\PFRO.log
2014-08-06 11:10 - 2014-08-06 15:07 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-02 20:44 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-02 20:44 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-02 20:44 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-02 20:43 - 2014-08-02 20:44 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-07-30 08:11 - 2014-07-30 08:11 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-20 09:26 - 2014-08-19 09:38 - 00037353 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-20 09:24 - 2014-08-19 09:38 - 00000000 ____D () C:\FRST
2014-08-20 09:22 - 2011-07-31 13:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 09:03 - 2011-08-09 09:45 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-20 08:49 - 2012-12-26 12:44 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-20 08:42 - 2014-07-03 17:44 - 00015112 _____ () C:\Windows\setupact.log
2014-08-20 08:36 - 2012-10-21 11:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 08:35 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 08:35 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 08:29 - 2011-05-25 14:56 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Skype
2014-08-20 08:26 - 2011-05-27 15:01 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\LogMeIn Hamachi
2014-08-20 08:25 - 2014-02-08 10:06 - 00000000 ____D () C:\Program Files (x86)\PRTG Network Monitor
2014-08-20 08:25 - 2013-02-09 14:16 - 00043742 _____ () C:\Users\Mehtab\ovpntray.log
2014-08-20 08:25 - 2011-07-31 13:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 08:25 - 2011-05-15 16:03 - 00000000 ____D () C:\Users\Mehtab
2014-08-20 08:24 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 08:23 - 2014-08-07 07:04 - 00017304 _____ () C:\Windows\PFRO.log
2014-08-20 08:22 - 2011-03-15 17:29 - 01159886 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 08:20 - 2014-08-20 08:17 - 00000000 ____D () C:\AdwCleaner
2014-08-20 08:17 - 2014-08-20 08:17 - 01361671 _____ () C:\Users\Mehtab\Desktop\adwcleaner_3.307.exe
2014-08-20 08:17 - 2013-07-08 16:00 - 00000000 ____D () C:\Users\Mehtab\Desktop\Sumotori Dreams
2014-08-20 08:04 - 2012-07-29 20:44 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\.minecraft
2014-08-19 18:23 - 2012-08-30 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-19 17:00 - 2014-08-17 19:35 - 00033263 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-19 17:00 - 2013-07-08 15:42 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PMB Files
2014-08-19 17:00 - 2013-07-08 15:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-19 15:19 - 2011-11-21 16:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-19 13:25 - 2013-04-19 20:44 - 00002220 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 13:17 - 2011-07-31 13:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 13:17 - 2011-07-31 13:17 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 13:14 - 2011-05-23 09:47 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Mozilla
2014-08-19 13:03 - 2011-08-09 09:45 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-19 12:58 - 2011-08-09 09:45 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA
2014-08-19 12:58 - 2011-08-09 09:45 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core
2014-08-19 11:49 - 2012-12-26 12:44 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-19 09:42 - 2014-08-19 09:41 - 00076657 _____ () C:\Users\Mehtab\Desktop\Addition.txt
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-16 09:36 - 2013-08-16 15:53 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMehtab
2014-08-16 09:36 - 2013-08-16 15:53 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForMehtab.job
2014-08-14 14:06 - 2014-08-14 14:05 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-14 13:42 - 2011-06-15 15:00 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMEHTAB-HP$
2014-08-14 13:42 - 2011-06-15 15:00 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForMEHTAB-HP$.job
2014-08-13 18:39 - 2011-05-21 11:27 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\CrashDumps
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-06 20:11 - 2011-03-15 17:36 - 00000000 ____D () C:\ProgramData\Temp
2014-08-06 15:07 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-08-02 20:43 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:44 - 2014-04-09 11:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-02 20:44 - 2011-05-15 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-08-02 09:21 - 2012-03-07 21:26 - 00465408 ___SH () C:\Users\Mehtab\Documents\Thumbs.db
2014-07-30 08:11 - 2014-07-30 08:11 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 22:15 - 2013-05-22 16:29 - 00000963 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
 
Some content of TEMP:
====================
C:\Users\Mehtab\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 00:43
 
==================== End Of Log ============================
 
 
I have disabled the Google account sync as you requested. Also, the ads are still coming. For example, a common one I get is:
Ads by RaNdomPrricE  

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looks like the bad Chrome homepage is back, let's try one more time to kill it.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open Notepad and copy/paste the text in the quotebox below into it:

CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
Toolbar: HKCU - No Name - {F2C43291-151E-499C-98A7-923C120B88FA} - No File
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated; please post that.

#7
altwiz

    Member

  • Topic Starter
  • Member
  • 14 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by Mehtab at 2014-08-20 10:54:02 Run:2
Running from C:\Users\Mehtab\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CHR StartupUrls: "hxxp://searchy.easylifeapp.com/", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZcPmSeeX2prPxWbmUqaThTGEzCpizpraA3UBAzOJQ2RZiY45mKonr-UXSgb1DF8bCpzkSa15o9JdsPmRwF7kK_Hl67wO1n8fKmTk1YJuljQOGnHcAFlgvfbveweSqauM4saeqxqZuTaFg,,", "hxxp://search.easylifeapp.com/"
Toolbar: HKCU - No Name - {F2C43291-151E-499C-98A7-923C120B88FA} - No File
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Chrome StartupUrls deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F2C43291-151E-499C-98A7-923C120B88FA} => value deleted successfully.
"HKCR\CLSID\{F2C43291-151E-499C-98A7-923C120B88FA}" => Key not found.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 342.5 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you still getting the ads?

Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button; MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

#9
altwiz

    Member

  • Topic Starter
  • Member
  • 14 posts
At first I forgot to tick the "Scan for rootkits", so I did one scan with that unticked, then another scan with it ticked.
Scan 1:
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 20/08/2014
Scan Time: 2:50:28 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.20.07
Rootkit Database: v2014.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mehtab
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 383159
Time Elapsed: 19 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\ProgramData\CodecCheck\firefox, Quarantined, [bd1a02c63447af876ed33aaf847efe02]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.Softonic.A, C:\Users\Mehtab\Desktop\SoftonicDownloader_for_kart-n-crazy.exe, Quarantined, [52857f4998e3da5c726fa388e71a8d73], 
PUP.Optional.Excellent4App, C:\Users\Mehtab\Documents\Pack containing all skins from the compendium (dropbox)..exe, Quarantined, [35a21bada5d6fb3b4ca5eb9efd04847c], 
PUP.Optional.Superfish.A, C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [c4136e5a7704a3937807f703986a1ee2], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Scan 2:
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 21/08/2014
Scan Time: 8:27:13 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.21.03
Rootkit Database: v2014.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mehtab
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385891
Time Elapsed: 27 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
RiskWare.Tool.CK, C:\Users\Mehtab\Desktop\Crack\xf-3dsmax_x64.exe, Quarantined, [58ef3d8acdae42f4e26cf5ce9967fd03], 
PUP.Optional.Superfish.A, C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [182f547358232d09345651aaf2107090], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
The ads are still appearing.


#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are the ads in Chrome only or are they in all browsers?

If in Chrome only, could you try incognito mode and see if they still appear: https://support.goog.../95464?hl=en-GB

#11
altwiz

    Member

  • Topic Starter
  • Member
  • 14 posts

You are right, it is only in Chrome, and the ads do not appear in incognito mode.


#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK, that has narrowed it down. Could you run a fresh FRST scan for me, please?


#13
altwiz

    Member

  • Topic Starter
  • Member
  • 14 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Mehtab (administrator) on MEHTAB-HP on 21-08-2014 14:54:09
Running from C:\Users\Mehtab\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe
(Paessler AG) C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Google Update] => C:\Users\Mehtab\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-01] (Google Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [BIBLauncher] => C:\Program Files (x86)\Business-in-a-Box\BIBLauncher.exe [915248 2012-05-16] ()
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Facebook Update] => C:\Users\Mehtab\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-26] (Facebook Inc.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-23] (AMD)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [361072 2013-12-17] (CyberGhost S.R.L.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21415040 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: F - F:\RunGame.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: L - L:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-2600669835-3048882585-950309111-1001\...\MountPoints2: {6ed170dc-7ddd-11e2-8038-78acc095d5df} - L:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\ovpntray.exe ()
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Mehtab\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Mehtab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: http=127.0.0.1:13986
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...s}&mfe=Desktops
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
DPF: HKLM {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.syste...64_4.4.21.0.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2A0820D6-59B2-4F38-92EC-ED0FF11CC60A}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{30BF91DC-964F-4C55-BD08-788118581410}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{4A6AB73F-5367-43FC-8710-68A140069E99}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{5EFBDFFD-F8FD-41D5-A2C5-E247258C9BCC}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{67A42F23-A3CD-488D-8B22-128935A7B8C2}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{84B93D0E-690C-46DC-BE91-8A0E131D153B}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{A74B671D-2860-42B9-A88D-B6089CE9C8A8}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{ABB8DF49-AC4C-4098-9B1F-1363C2ED3CEB}: [NameServer]208.69.150.252,208.69.150.250
Tcpip\..\Interfaces\{BE71214A-7E9C-428F-AE3C-6A57A5553B75}: [NameServer]208.69.150.252,208.69.150.250
 
FireFox:
========
FF ProfilePath: C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Mehtab\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @powerchallenge.com/PowerLoader -> C:\Users\Mehtab\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mehtab\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Mehtab\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Mehtab\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mehtab\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Mehtab\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mehtab\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: ReloadEvery - C:\Users\Mehtab\AppData\Roaming\Mozilla\Firefox\Profiles\fvfvnqfn.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2011-07-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-05-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-06-24]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\IPSFFPlgn [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\coFFPlgn [2014-08-21]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Bejeweled) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-01-12]
CHR Extension: (Angry Birds) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-12]
CHR Extension: (Google Drive) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Striker Manager) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmachfiimeggafocgeldapnchdnoiib [2014-01-12]
CHR Extension: (multiNotifier for multiple Gmail accounts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdpjakjgmgklajndnlekpojkelnibfp [2014-07-18]
CHR Extension: (Play Line Rider) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhlcfgkjnpcklhdepkakebikblhcbkmg [2014-01-12]
CHR Extension: (Football Champions) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehpibjfkijipalplliffcgkhhmecjgi [2014-01-12]
CHR Extension: (SnapPea Photos) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epindigjbiphgfhnmlpcocaiafjgbabe [2014-01-12]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2014-01-12]
CHR Extension: (AdBlock) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-12]
CHR Extension: (Snakes) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacpoliedopniegkhphlcjhkomkohdmm [2014-01-12]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-12]
CHR Extension: (Infusionsoft Sync for Gmail) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbeelghpamdhlofdajkleehokdodedeb [2014-08-17]
CHR Extension: (Steambirds: Survival) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2014-01-12]
CHR Extension: (Webcam Toy) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-01-12]
CHR Extension: (Skype Click to Call) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-01-12]
CHR Extension: (Norton Identity Protection) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-04-29]
CHR Extension: (Plants vs Zombies) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-01-12]
CHR Extension: (Google Wallet) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (365Scores - Live Scores,Sports News & Alerts) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2014-01-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Mehtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx [2014-04-30]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63600 2013-12-17] (CyberGhost S.R.L)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\core\capiws.exe [24064 2012-10-12] () [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PRTGCoreService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [7560416 2014-02-04] (Paessler AG)
R2 PRTGProbeService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [9372896 2014-02-04] (Paessler AG)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2011-09-06] (LG Electronics Inc.)
S3 AndNetGps; C:\Windows\System32\DRIVERS\lgandnetgps64.sys [28160 2011-09-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [35840 2011-09-06] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2011-09-16] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-29] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-24] (DT Soft Ltd)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\ENG64.SYS [117880 2012-02-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120217.004\EX64.SYS [2048632 2012-02-17] (Symantec Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2014-04-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-08-21] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-21 09:48 - 2014-08-21 09:48 - 00096784 _____ (CACE Technologies) C:\Windows\SysWOW64\WPRO_41_2001woem.tmp
2014-08-20 14:48 - 2014-08-20 14:48 - 00001139 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 14:47 - 2014-08-20 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mehtab\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-20 09:27 - 2014-08-20 09:27 - 00000004 _____ () C:\Users\Mehtab\AppData\Roaming\appdataFr2.bin
2014-08-20 08:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-20 08:17 - 2014-08-20 08:20 - 00000000 ____D () C:\AdwCleaner
2014-08-20 08:17 - 2014-08-20 08:17 - 01361671 _____ () C:\Users\Mehtab\Desktop\adwcleaner_3.307.exe
2014-08-19 09:41 - 2014-08-19 09:42 - 00076657 _____ () C:\Users\Mehtab\Desktop\Addition.txt
2014-08-19 09:38 - 2014-08-21 14:54 - 00037411 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-19 09:38 - 2014-08-21 14:54 - 00000000 ____D () C:\FRST
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-17 19:35 - 2014-08-19 17:00 - 00033263 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-14 14:05 - 2014-08-14 14:06 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-07 07:04 - 2014-08-21 09:46 - 00034684 _____ () C:\Windows\PFRO.log
2014-08-06 11:10 - 2014-08-06 15:07 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-02 20:44 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-02 20:44 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-02 20:44 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-02 20:43 - 2014-08-02 20:44 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-07-30 08:11 - 2014-08-21 09:48 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-21 14:56 - 2014-08-19 09:38 - 00037411 _____ () C:\Users\Mehtab\Desktop\FRST.txt
2014-08-21 14:56 - 2011-05-25 14:56 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Skype
2014-08-21 14:54 - 2014-08-19 09:38 - 00000000 ____D () C:\FRST
2014-08-21 14:52 - 2013-07-08 15:42 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PMB Files
2014-08-21 14:52 - 2013-07-08 15:42 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-21 14:49 - 2012-12-26 12:44 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-21 14:48 - 2011-03-15 17:36 - 00000000 ____D () C:\ProgramData\Temp
2014-08-21 14:36 - 2012-10-21 11:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 14:22 - 2011-07-31 13:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 14:03 - 2011-08-09 09:45 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA.job
2014-08-21 13:22 - 2011-07-31 13:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 13:03 - 2011-08-09 09:45 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-21 11:49 - 2012-12-26 12:44 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core.job
2014-08-21 11:00 - 2011-05-21 11:27 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\CrashDumps
2014-08-21 10:53 - 2011-11-21 16:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-21 10:44 - 2013-02-09 14:16 - 00204434 _____ () C:\Users\Mehtab\ovpntray.log
2014-08-21 10:24 - 2014-04-29 13:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 09:55 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 09:55 - 2009-07-14 00:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 09:54 - 2011-05-27 15:01 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\LogMeIn Hamachi
2014-08-21 09:54 - 2011-05-15 16:03 - 00000000 ____D () C:\Users\Mehtab
2014-08-21 09:48 - 2014-08-21 09:48 - 00096784 _____ (CACE Technologies) C:\Windows\SysWOW64\WPRO_41_2001woem.tmp
2014-08-21 09:48 - 2014-07-30 08:11 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-08-21 09:47 - 2014-02-08 10:06 - 00000000 ____D () C:\Program Files (x86)\PRTG Network Monitor
2014-08-21 09:46 - 2014-08-07 07:04 - 00034684 _____ () C:\Windows\PFRO.log
2014-08-21 09:46 - 2014-07-03 17:44 - 00015392 _____ () C:\Windows\setupact.log
2014-08-21 09:46 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 09:44 - 2011-03-15 17:29 - 01167661 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 09:43 - 2013-02-25 16:53 - 00000000 ____D () C:\Users\Mehtab\Desktop\Crack
2014-08-21 09:40 - 2012-03-07 21:26 - 00465920 ___SH () C:\Users\Mehtab\Documents\Thumbs.db
2014-08-21 08:26 - 2009-07-14 01:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-08-20 19:52 - 2012-07-29 20:44 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\.minecraft
2014-08-20 14:48 - 2014-08-20 14:48 - 00001139 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 14:48 - 2014-04-29 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 14:48 - 2014-04-29 13:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 14:47 - 2014-08-20 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mehtab\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-20 09:36 - 2013-08-16 15:53 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMehtab
2014-08-20 09:36 - 2013-08-16 15:53 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForMehtab.job
2014-08-20 09:27 - 2014-08-20 09:27 - 00000004 _____ () C:\Users\Mehtab\AppData\Roaming\appdataFr2.bin
2014-08-20 08:20 - 2014-08-20 08:17 - 00000000 ____D () C:\AdwCleaner
2014-08-20 08:17 - 2014-08-20 08:17 - 01361671 _____ () C:\Users\Mehtab\Desktop\adwcleaner_3.307.exe
2014-08-20 08:17 - 2013-07-08 16:00 - 00000000 ____D () C:\Users\Mehtab\Desktop\Sumotori Dreams
2014-08-19 18:23 - 2012-08-30 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-19 17:00 - 2014-08-17 19:35 - 00033263 _____ () C:\Users\Mehtab\Documents\parking tickets.xlsx
2014-08-19 13:25 - 2013-04-19 20:44 - 00002220 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-19 13:17 - 2011-07-31 13:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-19 13:17 - 2011-07-31 13:17 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-19 13:14 - 2011-05-23 09:47 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Mozilla
2014-08-19 12:58 - 2011-08-09 09:45 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001UA
2014-08-19 12:58 - 2011-08-09 09:45 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2600669835-3048882585-950309111-1001Core
2014-08-19 09:42 - 2014-08-19 09:41 - 00076657 _____ () C:\Users\Mehtab\Desktop\Addition.txt
2014-08-19 09:37 - 2014-08-19 09:37 - 02101760 _____ (Farbar) C:\Users\Mehtab\Desktop\FRST64.exe
2014-08-14 14:06 - 2014-08-14 14:05 - 00000000 ____D () C:\Users\Mehtab\AppData\Local\PAYDAY 2
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-14 14:00 - 2014-08-14 14:00 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-14 13:42 - 2011-06-15 15:00 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMEHTAB-HP$
2014-08-14 13:42 - 2011-06-15 15:00 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForMEHTAB-HP$.job
2014-08-07 15:25 - 2014-08-07 15:25 - 00000000 ____D () C:\ProgramData\Extreme Blocker
2014-08-06 15:07 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\RIFT
2014-08-06 11:10 - 2014-08-06 11:10 - 00000000 ____D () C:\Users\Mehtab\Documents\RIFT
2014-08-02 20:45 - 2014-08-02 20:45 - 00000000 ____D () C:\Users\Mehtab\AppData\Roaming\Oracle
2014-08-02 20:44 - 2014-08-02 20:43 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-02 20:44 - 2014-04-09 11:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-02 20:44 - 2011-05-15 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-02 20:40 - 2014-08-02 20:40 - 00918952 _____ (Oracle Corporation) C:\Users\Mehtab\Desktop\chromeinstall-7u65.exe
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 22:15 - 2014-07-22 22:15 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 22:15 - 2013-05-22 16:29 - 00000963 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 00:43
 
==================== End Of Log ============================


#14
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I cannot see the extension that is causing the problem, so it is probably hidden.

The way around this is to reset Chrome and then only enable the extensions you need.

Details here: https://support.goog...296214?hl=en-GB

#15
altwiz


    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

That seems to have done the trick! Thanks so much for all your help. I guess with this method I can also find which extension is causing the problem, if any get re-enabled in the future. Thanks once again!

