can't access internet after remove ytalsp.dll

karyang97 · December 23, 2014

Please!help...I can't access internet after remove ytalsp.dll

karyang97 · December 23, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01

Ran by Joey at 2014-12-23 21:28:16

Running from C:\Users\Joey\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)

Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden

Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden

Any Audio Converter 3.3.1 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)

Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)

Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Install Manager (HKLM\...\{3497481A-4317-34E7-A3C7-682D6B04730F}) (Version: 3.0.790.0 - ATI Technologies, Inc.)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)

AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)

Bing Bar Platform (x32 Version: 6.0.2282.0 - Microsoft Corporation) Hidden

BioExcess (Version: 7.0.34.0 - Egis Technology Inc.) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)

Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

ccc-core-static (x32 Version: 2010.0909.1412.23625 - ATI) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )

DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)

ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Fences Pro (HKLM-x32\...\Fences Pro) (Version: 1.0.1.312.19219 - Stardock Corporation)

Fences Pro (Version: 1.0.1.312 - Stardock Corporation) Hidden

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Google Chrome (HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Chrome (HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Chrome (HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP 3D DriveGuard (HKLM\...\{C84FFB07-C687-45CF-91C8-868DB8D8C8CD}) (Version: 4.0.10.1 - Hewlett-Packard Company)

HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version: - Zecter Inc.)

HP Documentation (HKLM-x32\...\{264779DD-BD81-4B42-968F-71DBF32EEBD1}) (Version: 1.1.2.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)

HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)

HP MediaSmart Movies and TV (HKLM\...\{09BDCC02-80F2-4EFB-8F1B-A807D2C38E31}) (Version: 1.0.1.2 - Hewlett-Packard)

HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4604 - Hewlett-Packard)

HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)

HP MediaSmart SmartMenu (HKLM\...\{BE6725F2-6D15-477C-86C6-4522B8569D62}) (Version: 3.1.2.2 - Hewlett-Packard)

HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)

HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.3303 - Hewlett-Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.4042 - HP Photo Creations Powered by RocketLife)

HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)

HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)

HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.4.6.0 - DeviceVM Inc.)

HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)

HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.34.0 - Egis Technology Inc.)

HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)

Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{929685C0-FC01-45E1-8B39-2948E8FF861E}) (Version: 1.2.21.0 - Intel Corporation)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3220 - CyberLink Corp.)

LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Excel 2010 (HKLM-x32\...\Office14.EXCEL) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0016-0000-0000-0000000FF1CE}_Office14.EXCEL_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINT_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)

Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)

Microsoft PowerPoint 2010 (HKLM-x32\...\Office14.POWERPOINT) (Version: 14.0.6029.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Word 2010 (HKLM-x32\...\Office14.WORD) (Version: 14.0.6029.1000 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)

Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.04.03 - Huawei Technologies Co.,Ltd)

Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)

PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden

PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)

Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4419 - CyberLink Corp.)

Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden

PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3320 - CyberLink Corp.)

PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden

PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.25.824.2010 - Realtek)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden

SoftStylus (HKLM-x32\...\{4D31A225-453B-4798-8452-9F2181CA6971}) (Version: 2.2.135.3 - Motorola)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WEB Partner (HKLM-x32\...\WEB Partner) (Version: TOOL-ConnLaucher_WIN1.01.01.00 - Huawei Technologies Co.,Ltd)

Wik & The Fable of Souls (HKLM-x32\...\Wik & The Fable of Souls Retail_is1) (Version: - Reflexive Entertainment, Inc.)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.2 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WinZip 15.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}) (Version: 15.5.9579 - WinZip Computing, S.L. )

World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

谷歌拼音输入法 2.7 (HKLM\...\GooglePinyin2) (Version: - Google Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-293088945-2885159693-2904122782-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-293088945-2885159693-2904122782-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-293088945-2885159693-2904122782-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-293088945-2885159693-2904122782-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

16-12-2014 03:15:31 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16C90263-3704-466A-BA6C-5D143376A638} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns

Task: {18471A3D-FE39-4D60-AAB2-2C32AC6800AA} - System32\Tasks\HPCeeScheduleForJoey => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {18819452-CF7C-47A9-893E-EED1525F8A59} - System32\Tasks\RNUpgradeHelperResumePrompt_Joey => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-12] (RealNetworks, Inc.)

Task: {252B046A-E082-4958-8151-943194871159} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-293088945-2885159693-2904122782-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {26C80DB4-FCBA-427B-8FD6-BBA5C9580D17} - System32\Tasks\ReclaimerUpdateXML_Joey => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-12] (RealNetworks, Inc.)

Task: {2DFDCAED-CA09-4DCD-8098-B00F58BC9189} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {2E690250-5861-4429-8727-9B9069B78933} - System32\Tasks\HPCeeScheduleForJOEY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {3352E337-C6D5-4ECF-9C07-D7FBF75DB6B1} - System32\Tasks\{DFB9F452-0281-484E-AD6F-64ABF137A5F0} => pcalua.exe -a E:\PlatypusSetup.exe -d E:\

Task: {3974814F-9908-43E7-940F-65CF4122651F} - System32\Tasks\RealCreateProcessScheduledTask1332310S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {39B6387D-B06D-46A7-AEBF-BEF40A9E2979} - System32\Tasks\RealCreateProcessScheduledTask165049S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {3A4E84F0-7D1D-4AB6-9384-F3A760678877} - System32\Tasks\RealCreateProcessScheduledTask1058763S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {3FFE8539-6E11-4536-A8AF-2C5578D48F6C} - System32\Tasks\{3A3A6A49-D4BD-45D2-8E32-394265FA642E} => pcalua.exe -a "C:\Users\Joey\Desktop\New folder (2)\ARM16x_M20x Vista PCL PS.exe" -d "C:\Users\Joey\Desktop\New folder (2)"

Task: {40DA5146-0490-47C0-8415-6057470159CD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-293088945-2885159693-2904122782-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {47DE9406-7B71-4F52-A797-26E557E0919F} - System32\Tasks\{EFF157E9-7C5F-458D-BB6D-0336B7FC1F67} => pcalua.exe -a C:\Users\Joey\AppData\Local\Temp\install1\Setup.EXE -d C:\Users\Joey\AppData\Local\Temp\install1

Task: {495BD330-95E7-4A2B-A768-049C0BA3E5C1} - System32\Tasks\{C58E3BE1-5971-4F04-8D0B-6F5B61632C1F} => pcalua.exe -a C:\Users\Joey\Desktop\cod\Setup.EXE -d C:\Users\Joey\Desktop\cod

Task: {4D01C5DD-92DE-47CD-8143-780910DE06B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {5048E93D-FEEF-4AE1-B3F4-563520ECC12B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-16] (Facebook Inc.)

Task: {51B031DF-3098-487B-B7E4-9776B2168088} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {53EABDA8-7B2E-4344-9E63-B19FC54C51D8} - System32\Tasks\HPCeeScheduleForhun => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {56F0242B-A185-47B3-9D72-81A65570FF1E} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION

Task: {6586EC29-7090-44CB-8A9E-CAF8D0EF0E33} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe

Task: {66CCD87F-5FC5-4D36-8339-A048374EB03D} - System32\Tasks\RNUpgradeHelperLogonPrompt_Joey => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-12] (RealNetworks, Inc.)

Task: {7356792C-6A2A-498F-9B70-6FFA1519B2C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {759029FB-39AD-4ADC-89C3-599721F4808C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {7CF82DB3-B4AE-48DF-BF61-58AE63613F08} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-16] (Facebook Inc.)

Task: {7EA292D9-803B-4132-9833-1D49B471CAA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {842D15CA-0F67-4228-9C65-7159953CBA29} - System32\Tasks\RealCreateProcessScheduledTask242909S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {8FB70992-E305-46FB-B5C0-D7A46DA8F346} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-293088945-2885159693-2904122782-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {A295B2F1-B1C9-4340-ADCD-4D351C2B00B2} - System32\Tasks\SPBIW_UpdateTask_Time_343137353431363234362d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION

Task: {AB106A87-C49A-4D0F-B056-D5469E356190} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-293088945-2885159693-2904122782-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {AD8FA0EE-B67E-44E7-B76A-FAE646571540} - System32\Tasks\YTAHelper => C:\Program Files (x86)\YTAHelper\YTAHelper.exe <==== ATTENTION

Task: {B16445F1-688C-422C-902B-E0097B8D211A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-293088945-2885159693-2904122782-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {B9D806B7-5E5A-4BC4-B780-EB9441738D47} - System32\Tasks\RealCreateProcessScheduledTask23792757S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {BE91EDFB-9479-418E-BCC0-19863400A20B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016Core => C:\Users\yang.Joey-HP\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-05] (Google Inc.)

Task: {C20922A8-5084-40D2-9C2E-9BA010168820} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {C652FA07-2C60-4B1E-AA69-5CDD35113BBE} - System32\Tasks\ReclaimerUpdateFiles_Joey => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-12] (RealNetworks, Inc.)

Task: {C826551A-0583-4237-894F-A6F348DE37AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

Task: {C8C3E2F5-9ED7-45BC-87EE-15689C71EB96} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()

Task: {CD89DDAC-1C72-4C69-955C-F3B9A7691BFE} - System32\Tasks\Google Pinyin Daemon => C:\Program Files (x86)\Google\Google Pinyin 2\GooglePinyinDaemon.exe [2011-12-03] (Google Inc.)

Task: {D2F0D1EA-7509-4B21-B8D6-B4D1465CA74D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-293088945-2885159693-2904122782-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)

Task: {D99D465C-7650-4F34-B195-A69BE519A0A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)

Task: {E5D2EF41-F97B-4E61-AED9-677F2EFEA9B4} - System32\Tasks\RealCreateProcessScheduledTask12231383S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {E9589DD5-DF9F-4B26-873C-5CF19FCEBD54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016UA => C:\Users\yang.Joey-HP\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-05] (Google Inc.)

Task: {EF940130-36EE-4BBE-A70C-D9D95C737830} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION

Task: {F211431A-A2D5-4CE2-B67C-48CDC7395B23} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-04] (CyberLink)

Task: {F586553D-39A3-491B-916D-EC94597E0AB6} - System32\Tasks\RealCreateProcessScheduledTask12785966S-1-5-21-293088945-2885159693-2904122782-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2011-11-30] (RealNetworks, Inc.)

Task: {F6CD159C-B7F7-4C07-9157-ABF92ABCC74A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core.job => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA.job => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016Core.job => C:\Users\yang.Joey-HP\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016UA.job => C:\Users\yang.Joey-HP\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForhun.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleForJoey.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll

Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Joey.job => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

Task: C:\Windows\Tasks\ReclaimerUpdateXML_Joey.job => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Joey.job => C:\Users\Joey\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2010-03-06 00:21 - 2010-03-06 00:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2010-03-06 00:21 - 2010-03-06 00:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2010-07-30 10:39 - 2010-07-30 10:39 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

2011-12-03 00:27 - 2011-12-03 00:27 - 00845880 _____ () C:\Program Files (x86)\Google\Google Pinyin 2\GooglePinyinService.exe

2010-09-01 08:16 - 2010-09-01 08:16 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

2010-09-10 06:50 - 2010-09-10 06:50 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-09-10 05:11 - 2010-09-10 05:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2010-07-22 05:33 - 2010-07-22 05:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll

2010-07-22 05:33 - 2010-07-22 05:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll

2010-07-22 05:33 - 2010-07-22 05:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll

2014-12-23 20:19 - 2014-12-23 20:19 - 00199168 ____N () C:\Users\Joey\AppData\Local\Temp\WindowsAPI.dll246611331202724183.lib

2014-12-23 20:19 - 2014-12-23 20:19 - 00379904 _____ () C:\Users\Joey\AppData\Local\Temp\libsqlitejdbc-3814799667306249597.lib

2011-11-06 01:03 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2012-06-02 23:18 - 2012-06-02 23:18 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9ce0ce721b9dc3a97121b44f72d9d087\IsdiInterop.ni.dll

2011-04-28 05:38 - 2010-04-28 08:05 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

AlternateDataStreams: C:\ProgramData\Temp:661DFA1C

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-293088945-2885159693-2904122782-500 - Administrator - Disabled)

Guest (S-1-5-21-293088945-2885159693-2904122782-501 - Limited - Disabled)

hun (S-1-5-21-293088945-2885159693-2904122782-1001 - Limited - Enabled) => C:\Users\hun

Joey (S-1-5-21-293088945-2885159693-2904122782-1000 - Administrator - Enabled) => C:\Users\Joey

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device

Description: Bluetooth Peripheral Device

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (12/23/2014 09:10:14 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=auto, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=auto, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned

Error: (12/21/2014 11:48:53 PM) (Source: ATIeRecord) (EventID: 16398) (User: )

Description: ATI EEU failed to post message to CCC

Error: (12/18/2014 04:44:05 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/12/2014 02:02:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d1c

Start Time: 01d015c3faa93903

Termination Time: 1669

Application Path: C:\Windows\Explorer.EXE

Report Id: 7c480ce2-81c4-11e4-9892-cc52af093204

Error: (12/12/2014 00:27:56 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/09/2014 01:46:54 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/07/2014 09:44:00 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/07/2014 09:32:51 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/06/2014 00:22:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6740

Error: (12/06/2014 00:22:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6740

System errors:

=============

Error: (12/23/2014 08:21:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Google Update Service (gupdate) service failed to start due to the following error:

%%2

Error: (12/23/2014 08:19:46 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (12/23/2014 08:19:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The YouTubeAcceleratorService service failed to start due to the following error:

%%2

Error: (12/23/2014 08:19:31 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 8:17:23 PM on ‎23/‎12/‎2014 was unexpected.

Error: (12/23/2014 08:10:02 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (12/23/2014 08:06:12 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (12/23/2014 08:04:43 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (12/23/2014 08:02:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Google Update Service (gupdate) service failed to start due to the following error:

%%2

Error: (12/23/2014 08:00:02 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (12/23/2014 08:00:00 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Microsoft Office Sessions:

=========================

Error: (12/23/2014 09:10:14 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=auto, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=auto, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned

Error: (12/21/2014 11:48:53 PM) (Source: ATIeRecord) (EventID: 16398) (User: )

Description:

Error: (12/18/2014 04:44:05 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/12/2014 02:02:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Explorer.EXE6.1.7601.17567d1c01d015c3faa939031669C:\Windows\Explorer.EXE7c480ce2-81c4-11e4-9892-cc52af093204

Error: (12/12/2014 00:27:56 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/09/2014 01:46:54 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/07/2014 09:44:00 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/07/2014 09:32:51 PM) (Source: Google Update) (EventID: 20) (User: Joey-HP)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (12/06/2014 00:22:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6740

Error: (12/06/2014 00:22:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6740

==================== Memory info ===========================

Processor: Intel® Core i5 CPU M 560 @ 2.67GHz

Percentage of memory in use: 55%

Total physical RAM: 3893.86 MB

Available physical RAM: 1718.01 MB

Total Pagefile: 7785.91 MB

Available Pagefile: 5196.11 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:564.07 GB) (Free:471.49 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (RECOVERY) (Fixed) (Total:31.81 GB) (Free:4.68 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 596.2 GB) (Disk ID: 36AB6E19)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=564.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=31.8 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

karyang97 · December 23, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01

Ran by Joey (administrator) on JOEY-HP on 23-12-2014 21:27:21

Running from C:\Users\Joey\Desktop

Loaded Profiles: Joey & (Available profiles: Joey & hun)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(DeviceVM, Inc.) C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

() C:\Program Files (x86)\Google\Google Pinyin 2\GooglePinyinService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(Zecter Inc.) C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2010-09-14] (Synaptics Incorporated)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-09-08] (Alcor Micro Corp.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-28] (IDT, Inc.)

HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-06] (Intel® Corporation)

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-01] ()

HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-22] (Hewlett-Packard Company)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-10] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-28] (Intel Corporation)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)

HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)

HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe [380272 2010-06-14] (Egis Technology Inc. )

HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-11] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-11-30] (RealNetworks, Inc.)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-02] (Hewlett-Packard)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2040 2011-09-17] ()

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [Google Update] => "C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe" /c

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [Raouol] => F:\RECYCLER\0xFFD12566.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [Windows Media service] => C:\Users\Joey\AppData\Local\wmps.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Run: [Facebook Update] => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-16] (Facebook Inc.)

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: F - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {0280647e-eea8-11e0-81cb-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {0913a409-1b81-11e3-8bb4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {0913a40d-1b81-11e3-8bb4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {0b33a4a0-c75b-11e0-b2fa-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {17ba4c41-f4c3-11e0-bd9d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {17ba4c49-f4c3-11e0-bd9d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {18b71eb9-9b5e-11e0-8124-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {22b778ab-bdbe-11e0-a746-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2558ee16-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2558ee19-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2558ee5a-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2558ee5c-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2ee2cc6e-b081-11e0-9bce-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {2ee2ccd1-b081-11e0-9bce-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3294b785-d8a5-11e1-b295-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3294b788-d8a5-11e1-b295-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {377ad943-b068-11e0-81a1-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3a1562ed-9eee-11e0-80be-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3a169ed1-1530-11e1-82b2-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3a6098d3-369d-11e1-9341-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3ccc0628-ae64-11e1-9b32-806e6f6e6963} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {3e6e5d53-be56-11e0-a8a7-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5a83118d-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5a831191-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5a8311a3-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5a8311af-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5a8311b4-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5e0469db-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5e0469e2-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {5e0469e4-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {615f1b47-ebaa-11e1-816f-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {63f5030d-eea9-11e0-80f4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {6563b0d2-f5b6-11e0-a5e0-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {6805cdc8-e5f0-11e1-bd00-a2b9aa647892} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {6805cdcd-e5f0-11e1-bd00-a2b9aa647892} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {69b729d9-f00c-11e0-9c92-001e101f7f74} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {69b729dc-f00c-11e0-9c92-001e101f7f74} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {6e628c3b-2fcf-11e2-8343-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {6e628c3e-2fcf-11e2-8343-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {7cc14788-71e0-11e1-b480-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {811ae040-da04-11e1-839f-001e101f50a4} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {81a8b236-7756-11e0-8222-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {81a8b23f-7756-11e0-8222-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {850e48ec-b12f-11e0-b278-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {884528c5-2bef-11e2-82b7-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {884528c9-2bef-11e2-82b7-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {88e905a2-accc-11e1-b896-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {88e905a6-accc-11e1-b896-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {8a32c5c5-8788-11e0-b249-001e101f63cf} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {923a9d47-0e44-11e2-8692-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {923a9d4b-0e44-11e2-8692-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {930f091e-d995-11e1-9884-001e101f2b52} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {930f092a-d995-11e1-9884-001e101f2b52} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {930f092d-d995-11e1-9884-001e101f2b52} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {969c3deb-c739-11e0-a9b5-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {969c3df3-c739-11e0-a9b5-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {977a04eb-8c0b-11e0-9e2a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {977a04f5-8c0b-11e0-9e2a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {9c34b166-d966-11e1-8008-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {9c34b169-d966-11e1-8008-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {a05afaf7-15e0-11e1-b3a9-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {a692a489-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {a692a4b1-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {a692a4b4-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ac111e8a-6246-11e2-8392-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ad012c4c-eb24-11e0-a499-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ad012c4e-eb24-11e0-a499-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ad012c5e-eb24-11e0-a499-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {b32f6bec-c68e-11e0-b2ef-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {b32f6bf5-c68e-11e0-b2ef-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {b40c545a-77a9-11e0-8d02-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {b55466d3-773e-11e0-9417-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {b879d2d9-a0ac-11e1-bd40-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {be25deef-87b8-11e0-a3d9-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {c697ea24-f34f-11e1-b28b-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {cbed15c9-7b51-11e2-8bdd-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d10a7725-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d10a7728-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d10a775d-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d6c709a1-f301-11e0-b64d-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d6c709b2-f301-11e0-b64d-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {d6c70a15-f301-11e0-b64d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {dbcbb018-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {dbcbb01f-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {dbcbb024-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {e201246d-f19d-11e0-a267-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {e67c046a-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {e67c04c0-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ebd238fd-b114-11e0-8d18-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {ede3311c-7196-11e1-bd2a-cc52af093204} - F:\install.bat

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {f9889e6a-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {f9889e7f-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {f9889e84-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {fcde6aec-86cc-11e0-9035-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\...\MountPoints2: {fcde6b04-86cc-11e0-9035-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2040 2011-09-17] ()

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => "C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe" /c

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Raouol] => F:\RECYCLER\0xFFD12566.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Windows Media service] => C:\Users\Joey\AppData\Local\wmps.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Joey\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-16] (Facebook Inc.)

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0280647e-eea8-11e0-81cb-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0913a409-1b81-11e3-8bb4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0913a40d-1b81-11e3-8bb4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b33a4a0-c75b-11e0-b2fa-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {17ba4c41-f4c3-11e0-bd9d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {17ba4c49-f4c3-11e0-bd9d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {18b71eb9-9b5e-11e0-8124-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {22b778ab-bdbe-11e0-a746-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2558ee16-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2558ee19-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2558ee5a-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2558ee5c-14d5-11e1-bc83-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2ee2cc6e-b081-11e0-9bce-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2ee2ccd1-b081-11e0-9bce-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3294b785-d8a5-11e1-b295-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3294b788-d8a5-11e1-b295-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {377ad943-b068-11e0-81a1-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a1562ed-9eee-11e0-80be-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a169ed1-1530-11e1-82b2-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a6098d3-369d-11e1-9341-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3ccc0628-ae64-11e1-9b32-806e6f6e6963} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3e6e5d53-be56-11e0-a8a7-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a83118d-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a831191-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a8311a3-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a8311af-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a8311b4-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469db-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469e2-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469e4-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {615f1b47-ebaa-11e1-816f-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {63f5030d-eea9-11e0-80f4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6563b0d2-f5b6-11e0-a5e0-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6805cdc8-e5f0-11e1-bd00-a2b9aa647892} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6805cdcd-e5f0-11e1-bd00-a2b9aa647892} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {69b729d9-f00c-11e0-9c92-001e101f7f74} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {69b729dc-f00c-11e0-9c92-001e101f7f74} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e628c3b-2fcf-11e2-8343-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e628c3e-2fcf-11e2-8343-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7cc14788-71e0-11e1-b480-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {811ae040-da04-11e1-839f-001e101f50a4} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {81a8b236-7756-11e0-8222-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {81a8b23f-7756-11e0-8222-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {850e48ec-b12f-11e0-b278-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {884528c5-2bef-11e2-82b7-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {884528c9-2bef-11e2-82b7-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {88e905a2-accc-11e1-b896-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {88e905a6-accc-11e1-b896-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8a32c5c5-8788-11e0-b249-001e101f63cf} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {923a9d47-0e44-11e2-8692-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {923a9d4b-0e44-11e2-8692-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f091e-d995-11e1-9884-001e101f2b52} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f092a-d995-11e1-9884-001e101f2b52} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f092d-d995-11e1-9884-001e101f2b52} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {969c3deb-c739-11e0-a9b5-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {969c3df3-c739-11e0-a9b5-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {977a04eb-8c0b-11e0-9e2a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {977a04f5-8c0b-11e0-9e2a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9c34b166-d966-11e1-8008-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9c34b169-d966-11e1-8008-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a05afaf7-15e0-11e1-b3a9-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a692a489-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a692a4b1-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a692a4b4-eb64-11e0-a927-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ac111e8a-6246-11e2-8392-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ad012c4c-eb24-11e0-a499-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ad012c4e-eb24-11e0-a499-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ad012c5e-eb24-11e0-a499-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b32f6bec-c68e-11e0-b2ef-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b32f6bf5-c68e-11e0-b2ef-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b40c545a-77a9-11e0-8d02-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b55466d3-773e-11e0-9417-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b879d2d9-a0ac-11e1-bd40-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {be25deef-87b8-11e0-a3d9-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c697ea24-f34f-11e1-b28b-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cbed15c9-7b51-11e2-8bdd-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d10a7725-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d10a7728-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d10a775d-da34-11e1-ad52-001e101fe5e1} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d6c709a1-f301-11e0-b64d-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d6c709b2-f301-11e0-b64d-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d6c70a15-f301-11e0-b64d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dbcbb018-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dbcbb01f-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dbcbb024-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e201246d-f19d-11e0-a267-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e67c046a-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e67c04c0-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ebd238fd-b114-11e0-8d18-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ede3311c-7196-11e1-bd2a-cc52af093204} - F:\install.bat

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9889e6a-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9889e7f-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9889e84-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fcde6aec-86cc-11e0-9035-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fcde6b04-86cc-11e0-9035-cc52af093204} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ZumoDrive] => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2040 2011-09-17] ()

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [PPS Accelerator] => D:\PPS.tv\PPStream\ppsap.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1419272325

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {006c2c17-f241-11e0-b014-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {006c2c70-f241-11e0-b014-001e101fe70e} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b33a4a0-c75b-11e0-b2fa-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0edacdd2-af06-11e0-a205-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {17ba4c49-f4c3-11e0-bd9d-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {18b71eb9-9b5e-11e0-8124-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2bc2d179-af05-11e0-8269-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2ee2ccd1-b081-11e0-9bce-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a169ed1-1530-11e1-82b2-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a6098d3-369d-11e1-9341-806e6f6e6963} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3ccc0628-ae64-11e1-9b32-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3e6e5d53-be56-11e0-a8a7-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5a8311b4-fe3e-11e1-9fb0-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469db-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469e2-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5e0469e4-bd22-11e0-8f4a-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {615f1b47-ebaa-11e1-816f-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {63f5030d-eea9-11e0-80f4-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6563b0d2-f5b6-11e0-a5e0-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6805cdcd-e5f0-11e1-bd00-a2b9aa647892} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6a0cc06b-af06-11e0-857e-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6a0cc074-af06-11e0-857e-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e628c3e-2fcf-11e2-8343-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7cc14788-71e0-11e1-b480-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {811ae040-da04-11e1-839f-001e101f50a4} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {884528c9-2bef-11e2-82b7-cc52af093204} - G:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {88e905a6-accc-11e1-b896-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8a32c5c5-8788-11e0-b249-001e101f63cf} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {923a9d4b-0e44-11e2-8692-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f091e-d995-11e1-9884-001e101f2b52} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f092a-d995-11e1-9884-001e101f2b52} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {930f092d-d995-11e1-9884-001e101f2b52} - I:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9c34b169-d966-11e1-8008-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a05afaf7-15e0-11e1-b3a9-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ac111e8a-6246-11e2-8392-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b32f6bf5-c68e-11e0-b2ef-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b40c545a-77a9-11e0-8d02-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b55466d3-773e-11e0-9417-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b879d2d9-a0ac-11e1-bd40-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b9febf2d-87c2-11e0-8006-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b9febf30-87c2-11e0-8006-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c697ea24-f34f-11e1-b28b-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cbed15c9-7b51-11e2-8bdd-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dbcbb024-3368-11e1-ada8-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e201246d-f19d-11e0-a267-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e67c046a-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e67c04c0-c73b-11e0-afb6-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ebd238fd-b114-11e0-8d18-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f53c9f3f-5e7a-11e2-8f5e-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9889e84-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\yang.Joey-HP\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-05] (Google Inc.)

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ac111e8a-6246-11e2-8392-806e6f6e6963} - F:\AutoRun.exe

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9889e84-5e21-11e2-8fdc-cc52af093204} - F:\AutoRun.exe

HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

IFEO\bitguard.exe: [Debugger] tasklist.exe

IFEO\bprotect.exe: [Debugger] tasklist.exe

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\browserdefender.exe: [Debugger] tasklist.exe

IFEO\browserprotect.exe: [Debugger] tasklist.exe

IFEO\browsersafeguard.exe: [Debugger] tasklist.exe

IFEO\dprotectsvc.exe: [Debugger] tasklist.exe

IFEO\jumpflip: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\searchinstaller.exe: [Debugger] tasklist.exe

IFEO\searchprotection.exe: [Debugger] tasklist.exe

IFEO\searchprotector.exe: [Debugger] tasklist.exe

IFEO\searchsettings.exe: [Debugger] tasklist.exe

IFEO\searchsettings64.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

IFEO\umbrella.exe: [Debugger] tasklist.exe

IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

IFEO\volaro: [Debugger] tasklist.exe

IFEO\vonteera: [Debugger] tasklist.exe

IFEO\websteroids.exe: [Debugger] tasklist.exe

IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

Lsa: [Notification Packages] EgisPwdFilter EgisDSPwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

ShellIconOverlayIdentifiers: [00Zecter] -> {D25B32FE-CB96-491A-98FF-AD59DA382D69} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)

ShellIconOverlayIdentifiers: [01Zecter] -> {EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)

ShellIconOverlayIdentifiers: [02Zecter] -> {B3C78E40-6B64-47C3-AE34-60B770881EB8} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)

ShellIconOverlayIdentifiers: [03Zecter] -> {622AFE52-33F6-4D9F-9966-E0BC52D7D69D} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)

ShellIconOverlayIdentifiers: [04Zecter] -> {855156F0-2A0F-11DE-8C30-0800200C9A66} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-293088945-2885159693-2904122782-1001\User: Group Policy restriction detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/32

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/32

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/32

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?client=aff-ime

HKU\S-1-5-21-293088945-2885159693-2904122782-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/webhp?client=aff-ime

HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/32

HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/32

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/4825-111085-10563-0/4?satitle={searchTerms}&mfe=Notebooks

SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/4825-111085-10563-0/4?satitle={searchTerms}&mfe=Notebooks

SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/4825-111085-10563-0/4?satitle={searchTerms}&mfe=Notebooks

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/4825-111085-10563-0/4?satitle={searchTerms}&mfe=Notebooks

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =

SearchScopes: HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =

BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)

Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

Toolbar: HKU\S-1-5-21-293088945-2885159693-2904122782-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKU\S-1-5-21-293088945-2885159693-2904122782-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

DPF: HKLM-x32 {2B6F3D45-8258-4A13-85B8-58C62DFDB4EA} https://secure1.playfps.com/play/ava/ax/WebLauncher.cab

Winsock: Catalog9 01 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 02 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 03 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 04 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 05 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 06 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 07 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 08 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Winsock: Catalog9 20 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{D22506A4-3270-4A1B-8DA8-D7C4E3D67126}: [NameServer] 0.0.0.0

FireFox:

========

FF ProfilePath: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\xikksx7w.default

FF SearchEngineOrder.1: default-search.net

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @real.com/nppl3260;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Joey\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Joey\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\yang.Joey-HP\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-293088945-2885159693-2904122782-1016-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\yang.Joey-HP\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF user.js: detected! => C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\xikksx7w.default\user.js

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml

FF Extension: CostMin - C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\xikksx7w.default\Extensions\p-qnax@abctmlkld.edu [2014-06-25]

FF Extension: Youtube Accelerator Helper - C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\xikksx7w.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-06-25]

FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt

FF Extension: SimplePass Online Accounts Extension - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2011-04-28]

FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension

FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-04-28]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-30]

FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox

FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2012-06-02]

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-25]

CHR Extension: (YouTube) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-21]

CHR Extension: (Google Search) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-21]

CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-04-21]

CHR Extension: (CostMin) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgbkeanmjipiicabdjgbcgpoaeancif [2014-06-25]

CHR Extension: (Google Wallet) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (Gmail) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-21]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-11-30]

CHR StartMenuInternet: Google Chrome - C:\Users\Joey\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]

R2 DvmMDES; C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [338208 2010-09-29] (DeviceVM, Inc.)

R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-14] (Egis Technology Inc. )

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-08] (WildTangent)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-06] ()

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5144608 2013-07-23] (INCA Internet Co., Ltd.)

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]

S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)

R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-12] (DeviceVM, Inc.)

R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-23] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed]

S3 dump_wmimmc; \??\C:\Program Files (x86)\Asiasoft Online\SuddenAttackSEA\GameGuard\dump_wmimmc.sys [X]

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]

S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Messenger\Room\safedrv.sys [X]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 21:27 - 2014-12-23 21:27 - 00076459 _____ () C:\Users\Joey\Desktop\FRST.txt

2014-12-23 21:27 - 2014-12-23 21:27 - 00000000 ____D () C:\FRST

2014-12-23 21:26 - 2014-12-23 21:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-23 21:25 - 2014-12-23 21:26 - 02122240 _____ (Farbar) C:\Users\Joey\Desktop\FRST64.exe

2014-12-23 21:25 - 2014-12-23 21:25 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-23 21:25 - 2014-12-23 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-23 21:25 - 2014-12-23 21:25 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-12-23 21:25 - 2014-12-23 21:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-23 21:25 - 2014-12-23 21:22 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Joey\Desktop\mbam-setup-2.0.4.1028.exe

2014-12-23 21:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-12-23 21:25 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-12-23 21:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-12-23 21:21 - 2014-12-23 21:21 - 00000000 _____ () C:\Windows\setuperr.log

2014-12-23 21:21 - 2014-12-23 21:21 - 00000000 _____ () C:\Windows\setupact.log

2014-12-23 19:26 - 2014-12-23 19:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-12-23 19:26 - 2014-12-23 19:26 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-12-14 01:22 - 2014-12-14 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-12-13 03:11 - 2014-12-13 03:11 - 00000000 ____D () C:\Users\hun\AppData\Roaming\AVG2015

2014-12-13 03:11 - 2014-12-13 03:11 - 00000000 ____D () C:\Users\hun\AppData\Local\Avg2015

2014-12-12 22:34 - 2014-12-23 20:19 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Joey.job

2014-12-12 22:34 - 2014-12-23 18:38 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Joey.job

2014-12-12 22:34 - 2014-12-22 22:40 - 00002952 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Joey

2014-12-12 22:34 - 2014-12-22 22:40 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Joey.job

2014-12-12 22:34 - 2014-12-21 19:37 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Joey

2014-12-12 22:34 - 2014-12-12 22:34 - 00003606 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Joey

2014-12-12 22:34 - 2014-12-12 22:34 - 00002660 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Joey

2014-12-12 16:15 - 2014-12-19 22:15 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoey

2014-12-12 16:15 - 2014-12-19 22:15 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoey.job

2014-12-12 15:23 - 2014-12-12 15:23 - 00000000 ____D () C:\Users\Joey\AppData\Local\{18E88071-8A96-4846-8ADC-7FF13DD0A35D}

2014-12-12 15:05 - 2014-12-12 15:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\AVG2015

2014-12-12 15:04 - 2014-12-12 15:04 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk

2014-12-12 15:04 - 2014-12-12 15:04 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\TuneUp Software

2014-12-12 15:04 - 2014-12-12 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-12-12 15:03 - 2014-12-12 15:05 - 00000000 ____D () C:\ProgramData\AVG2015

2014-12-12 15:03 - 2014-12-12 15:03 - 00000000 ___HD () C:\$AVG

2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-12-12 15:00 - 2014-12-12 15:01 - 36904648 _____ (Microsoft Corporation) C:\Users\Joey\Downloads\Windows-KB890830-x64-V5.19.exe

2014-12-12 14:57 - 2014-12-15 15:10 - 00000000 ____D () C:\Users\Joey\AppData\Local\Avg2015

2014-12-12 14:57 - 2014-12-12 14:57 - 04578040 _____ (AVG Technologies) C:\Users\Joey\Downloads\avg_free_stb_all_2015_5315_ppc12.exe

2014-12-12 14:09 - 2014-12-12 14:09 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 21:27 - 2009-07-14 12:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-23 21:27 - 2009-07-14 12:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-23 21:26 - 2009-07-14 13:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-23 21:12 - 2012-04-25 18:49 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-23 21:10 - 2014-08-16 00:05 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA.job

2014-12-23 21:09 - 2012-06-17 19:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-23 21:03 - 2014-02-16 12:01 - 01724046 _____ () C:\Windows\WindowsUpdate.log

2014-12-23 21:02 - 2011-09-18 22:07 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\ZumoDrive

2014-12-23 21:00 - 2012-04-21 13:07 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000UA.job

2014-12-23 20:50 - 2014-02-05 18:46 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016UA.job

2014-12-23 20:26 - 2012-11-15 11:32 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-12-23 20:19 - 2012-09-03 16:21 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-12-23 20:19 - 2012-06-02 01:54 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job

2014-12-23 20:19 - 2012-04-25 18:49 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-23 20:19 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-23 20:05 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-12-23 19:26 - 2010-10-18 02:28 - 00000000 ____D () C:\ProgramData\Adobe

2014-12-23 19:26 - 2010-10-18 02:27 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-12-23 19:23 - 2011-07-30 23:36 - 00000000 ____D () C:\Users\Joey\Desktop\project

2014-12-23 18:51 - 2014-02-05 18:46 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1016Core.job

2014-12-23 18:39 - 2014-10-12 21:40 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-293088945-2885159693-2904122782-1000

2014-12-23 18:39 - 2014-10-12 11:13 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-293088945-2885159693-2904122782-1000

2014-12-23 16:00 - 2012-04-21 13:07 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core.job

2014-12-23 12:36 - 2014-02-17 00:28 - 00000000 ____D () C:\ProgramData\MFAData

2014-12-23 03:52 - 2011-09-18 00:27 - 00000000 ____D () C:\Users\hun\AppData\Roaming\ZumoDrive

2014-12-23 02:18 - 2014-06-25 16:53 - 00000464 _____ () C:\Windows\Tasks\ParetoLogic Registration.job

2014-12-22 13:21 - 2011-07-27 02:41 - 00003334 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-293088945-2885159693-2904122782-1001

2014-12-22 13:21 - 2011-07-27 02:41 - 00003196 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-293088945-2885159693-2904122782-1001

2014-12-18 00:47 - 2011-06-30 00:38 - 00003170 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForhun

2014-12-18 00:47 - 2011-06-30 00:38 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForhun.job

2014-12-18 00:10 - 2014-08-16 00:05 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293088945-2885159693-2904122782-1000Core.job

2014-12-15 13:51 - 2012-04-25 17:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-12-14 19:32 - 2014-10-06 19:37 - 00000000 ____D () C:\Users\Joey\AppData\Local\Adobe

2014-12-14 19:31 - 2012-06-17 19:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-14 19:31 - 2012-04-20 19:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-14 19:31 - 2011-05-14 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-12 15:55 - 2012-06-02 01:54 - 00000000 ____D () C:\Windows\AutoKMS

2014-12-12 15:29 - 2011-10-28 10:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-12-12 15:29 - 2011-05-20 19:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

2014-12-12 15:23 - 2011-07-12 22:45 - 00000000 ____D () C:\Users\Joey\AppData\Local\Windows Live

2014-12-12 12:56 - 2011-05-29 18:53 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJOEY-HP$

2014-12-12 12:56 - 2011-05-29 18:53 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job

2014-12-12 12:28 - 2012-06-02 01:54 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS

2014-12-07 21:44 - 2011-05-06 20:45 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\Skype

2014-12-07 21:44 - 2011-05-06 20:45 - 00000000 ____D () C:\ProgramData\Skype

2014-12-05 19:49 - 2010-10-18 02:24 - 00000000 ____D () C:\ProgramData\Temp

2014-11-30 14:06 - 2012-08-25 01:41 - 00000000 ____D () C:\Users\hun\Documents\Bluetooth Exchange Folder

2014-11-27 16:40 - 2011-05-08 15:57 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-11-27 02:16 - 2014-11-05 00:47 - 00000000 ____D () C:\Users\hun\Downloads\fenix flashlight

Some content of TEMP:

====================

C:\Users\hun\AppData\Local\Temp\swt-gdip-win32-3448.dll

C:\Users\hun\AppData\Local\Temp\swt-win32-3448.dll

C:\Users\Joey\AppData\Local\Temp\swt-gdip-win32-3448.dll

C:\Users\Joey\AppData\Local\Temp\swt-win32-3448.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-16 01:45

==================== End Of Log ============================

MrCharlie · December 23, 2014

Welcome to the forum....your logs are all mixed up.

This might work to get you back online:

Resetting Network Adapter (Winsock Reset)

https://iihelp.iinet.net.au/Resetting_Network_Adapter_(Winsock_Reset)#toc_1

=================================

Please re-scan with FRST and Make sure the Addition Box is checked.

Post or attach the 2 logs FRST(64).txt and Addition.txt

MrC

karyang97 · December 23, 2014

Thank You So Much MrC,now im back online,did i still need to post the FRST and Addition Box?

MrCharlie · December 23, 2014

If you were having a problem with the system and need help cleaning up any malware.....I would post the logs, if not..you're good to go.

MrC

AdvancedSetup · December 29, 2014

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Sign In

can't access internet after remove ytalsp.dll

Recommended Posts

karyang97

Link to post

Share on other sites

karyang97

Link to post

Share on other sites

karyang97

Link to post

Share on other sites

MrCharlie

Link to post

Share on other sites

karyang97

Link to post

Share on other sites

MrCharlie

Link to post

Share on other sites

AdvancedSetup

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information