Jump to content

Recommended Posts

Had to download Farbar via safe mode with networking because computer so badly infected.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015
Ran by Carli (administrator) on ALICE on 11-01-2015 22:22:46
Running from C:\Users\Carli\Downloads
Loaded Profile: Carli (Available profiles: Carli & fbwuser & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\WINDOWS LIVE\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Policies\Explorer: [NoDriveAutoRun] 0x00000000
HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\MountPoints2: G - G:\LG_PC_Programs.exe
HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\MountPoints2: {692b412c-b89f-11e3-b9ad-0026c7eb3726} - G:\LG_PC_Programs.exe
AppInit_DLLs: C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll => C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll File Not Found
AppInit_DLLs:  c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => c:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [4111176 2013-12-22] ()
ShellIconOverlayIdentifiers: [00Zecter] -> {D25B32FE-CB96-491A-98FF-AD59DA382D69} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [01Zecter] -> {EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [02Zecter] -> {B3C78E40-6B64-47C3-AE34-60B770881EB8} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [03Zecter] -> {622AFE52-33F6-4D9F-9966-E0BC52D7D69D} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
ShellIconOverlayIdentifiers: [04Zecter] -> {855156F0-2A0F-11DE-8C30-0800200C9A66} => C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (Versionate Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
ProxyServer: [s-1-5-21-2768594993-768962890-2991862374-1000] => http=127.0.0.1:13081;https=127.0.0.1:49192
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=100&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Notebooks
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> {71DDD0FE-C071-497A-ADA3-9844A2842CC7} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
SearchScopes: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL =
BHO: ddeal44mei -> {0272823c-8698-4638-bdbf-84ebfe3f13ef} -> C:\ProgramData\ddeal44mei\SFMUGtECfuTNni.x64.dll ()
BHO: tperfecTcoupon -> {254c6efe-9a8e-45e0-9800-fcfe514dc295} -> C:\ProgramData\tperfecTcoupon\Fwmsp2lCXrRRLZ.x64.dll ()
BHO: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files\AOL Toolbar\aoltb.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: ddeal44mei -> {0272823c-8698-4638-bdbf-84ebfe3f13ef} -> C:\ProgramData\ddeal44mei\SFMUGtECfuTNni.dll ()
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: tperfecTcoupon -> {254c6efe-9a8e-45e0-9800-fcfe514dc295} -> C:\ProgramData\tperfecTcoupon\Fwmsp2lCXrRRLZ.dll ()
BHO-x32: DocsuVoiEweeur -> {5A4B4067-4273-679F-C3B4-5E42257047E1} -> C:\ProgramData\DocsuVoiEweeur\WMDX.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Facebackgrounds -> {B11CBDA9-6702-469E-9CE1-64E3971A6B44} -> C:\Users\Carli\AppData\Local\fb.dll (Facebackgrounds)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TravelGraspBHO Class -> {F1813754-5468-41D5-BB9F-A922BBB20399} -> C:\Users\Carli\AppData\Local\TravelGrasp.dll (TODO: <Company name>)
BHO-x32: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll No File
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-2768594993-768962890-2991862374-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9 05 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 06 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 07 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 08 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 19 C:\Windows\SysWOW64\Sendori.dll [325920] (Sendori)
Winsock: Catalog9 20 C:\Windows\SysWOW64\SecureAssist.dll [295080] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 15 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{137F634D-614F-4CBF-812F-3E549DE502BA}: [NameServer] 50.7.75.35,76.73.7.74
Tcpip\..\Interfaces\{89C37A1D-7088-4375-B250-60C7A39B0392}: [NameServer] 50.7.75.35,76.73.7.74
Tcpip\..\Interfaces\{9E5AFBDC-BE5E-4DA9-9E8C-F3B5231A1A56}: [NameServer] 50.7.75.35,76.73.7.74
Tcpip\..\Interfaces\{D8AA2A3F-0669-4FED-A66E-4EC8F7325344}: [NameServer] 50.7.75.35,76.73.7.74

FireFox:
========
FF ProfilePath: C:\Users\Carli\AppData\Roaming\Mozilla\Firefox\Profiles\6m2mr4ue.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2768594993-768962890-2991862374-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Carli\AppData\Roaming\Epic\Epic\Profiles\k2b9nm98.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKU\S-1-5-21-2768594993-768962890-2991862374-1000: @updates.epicbrowser.com/Epic Privacy Browser Update;version=3 -> C:\Users\Carli\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2768594993-768962890-2991862374-1000: @updates.epicbrowser.com/Epic Privacy Browser Update;version=9 -> C:\Users\Carli\AppData\Local\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll No File
FF Plugin HKU\S-1-5-21-2768594993-768962890-2991862374-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: BEtTuerPRiCoeChec - C:\Users\Carli\AppData\Roaming\Mozilla\Firefox\Profiles\6m2mr4ue.default\Extensions\Avb@6EfX.com [2014-10-15]
FF Extension: PriinceCoUpon - C:\Users\Carli\AppData\Roaming\Mozilla\Firefox\Profiles\6m2mr4ue.default\Extensions\OS4krby@s.com [2014-10-15]
FF Extension: SalesMagnet - C:\Users\Carli\AppData\Roaming\Mozilla\Firefox\Profiles\6m2mr4ue.default\Extensions\ulsf6b4y6jkhq@wq-zgjbmmb.net [2014-08-19]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-09-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-26]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afurladvisor@anchorfree.com [2014-09-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-26]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-14]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2012-04-12]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Firefox\Extensions: [{E3B6D8CA-A55F-F5A7-C709-EFC0F089112E}] - C:\Program Files (x86)\VeriBrowse-soft\161.xpi
FF Extension: VeriBrowse - C:\Program Files (x86)\VeriBrowse-soft\161.xpi [2014-05-09]

Chrome:
=======
CHR HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Carli\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-04-15]
CHR HKLM-x32\...\Chrome\Extension: [llmdgeannnigncakceelbjdkonldjcif] - C:\Users\Carli\AppData\Local\HREF_FULLGRASP.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Carli\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2012-01-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [191640 2013-12-22] ()
S4 Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [805240 2013-02-08] () [File not signed]
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-20] (AnchorFree Inc.)
S4 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-02-21] ()
S4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-20] ()
S4 kxescore; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [123992 2013-02-14] (Kingsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
S3 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2014-05-07] (sendori)
S4 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2014-05-07] (Sendori) <==== ATTENTION
S3 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [X] <==== ATTENTION
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R1 CbFs; C:\Windows\system32\drivers\cbfs64.sys [191960 2010-09-22] (EldoS Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-20] (AnchorFree Inc.)
R0 kavbootc; C:\Windows\System32\drivers\kavbootc64.sys [31848 2013-02-14] (Kingsoft Corporation)
R1 KDHacker; c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [164696 2013-02-14] (Kingsoft Corporation)
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [210296 2013-02-14] (Kingsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-13] (Microsoft Corporation)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 22:10 - 2015-01-11 22:23 - 00024365 _____ () C:\Users\Carli\Downloads\FRST.txt
2015-01-11 22:10 - 2015-01-11 22:10 - 02124288 _____ (Farbar) C:\Users\Carli\Downloads\FRST64.exe
2015-01-11 21:52 - 2015-01-11 22:22 - 00000000 ____D () C:\FRST
2015-01-11 19:07 - 2015-01-11 22:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 19:07 - 2015-01-11 19:07 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-11 19:07 - 2015-01-11 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-11 19:07 - 2015-01-11 19:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 19:07 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 19:07 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 19:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-09 21:08 - 2015-01-09 21:09 - 00000000 ____D () C:\ProgramData\ddeal44mei
2015-01-09 21:08 - 2015-01-09 21:08 - 00000000 ____D () C:\ProgramData\tperfecTcoupon
2015-01-09 13:12 - 2015-01-11 21:50 - 00029890 _____ () C:\Windows\PFRO.log
2015-01-09 06:11 - 2015-01-09 06:11 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-01-09 06:05 - 2015-01-09 06:05 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-09 06:05 - 2015-01-09 06:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-09 06:04 - 2015-01-09 06:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-09 06:04 - 2015-01-09 06:05 - 00000000 ____D () C:\Program Files\iTunes
2015-01-09 06:04 - 2015-01-09 06:04 - 00000000 ____D () C:\Program Files\iPod
2015-01-09 06:00 - 2015-01-09 06:00 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCarli
2015-01-09 05:58 - 2014-12-12 19:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-09 05:58 - 2014-12-12 17:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-08 13:53 - 2015-01-08 13:53 - 00000000 ____D () C:\Users\Carli\AppData\Local\Epic
2015-01-08 13:40 - 2015-01-08 13:40 - 00004310 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMScan
2015-01-08 13:40 - 2015-01-08 13:40 - 00003778 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMUpdater
2015-01-08 13:40 - 2015-01-08 13:40 - 00003766 _____ () C:\Windows\System32\Tasks\Driver Detective-RTMRules
2015-01-08 13:40 - 2015-01-08 13:40 - 00000000 ____D () C:\ProgramData\UAB
2015-01-08 13:40 - 2015-01-08 13:40 - 00000000 ____D () C:\ProgramData\PC Drivers HeadQuarters
2015-01-08 13:24 - 2015-01-08 13:37 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\Vuze Leap
2015-01-08 13:07 - 2015-01-08 13:37 - 00000000 ____D () C:\ProgramData\SaveerPro
2015-01-08 13:07 - 2015-01-08 13:37 - 00000000 ____D () C:\ProgramData\AppptaoU
2015-01-04 20:29 - 2015-01-08 13:37 - 00000000 ____D () C:\Windows\pss
2015-01-04 19:44 - 2015-01-04 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-25 08:57 - 2014-12-25 08:57 - 00264668 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-12-19 18:26 - 2015-01-11 22:17 - 00004948 _____ () C:\Windows\setupact.log
2014-12-19 18:26 - 2014-12-19 18:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 15:54 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-12-19 15:52 - 2015-01-09 05:57 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-19 15:52 - 2014-12-19 15:52 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-19 14:35 - 2014-12-19 15:50 - 122418480 _____ (Apple Inc.) C:\Users\Carli\Downloads\iTunes64Setup.exe
2014-12-19 11:06 - 2014-12-19 11:06 - 00000000 __SHD () C:\Users\Carli\AppData\Local\EmieBrowserModeList
2014-12-19 09:10 - 2014-12-19 09:10 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-19 08:42 - 2014-10-17 16:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-19 08:42 - 2014-10-17 15:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-19 08:42 - 2014-07-06 16:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-19 08:42 - 2014-07-06 16:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-19 08:42 - 2014-07-06 16:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-19 08:42 - 2014-07-06 16:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-19 08:42 - 2014-07-06 15:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-19 08:42 - 2014-07-06 15:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-19 08:42 - 2014-07-06 15:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-19 08:42 - 2014-07-06 15:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-19 00:28 - 2014-12-03 16:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-19 00:28 - 2014-12-03 16:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-19 00:28 - 2014-12-01 13:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-19 00:27 - 2014-11-26 15:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-19 00:27 - 2014-11-26 15:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-19 00:27 - 2014-11-21 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-19 00:27 - 2014-11-21 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-19 00:27 - 2014-11-21 16:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-19 00:27 - 2014-11-21 16:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-19 00:27 - 2014-11-21 16:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-19 00:27 - 2014-11-21 16:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-19 00:27 - 2014-11-21 16:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-19 00:27 - 2014-11-21 16:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-19 00:27 - 2014-11-21 16:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-19 00:27 - 2014-11-21 16:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-19 00:27 - 2014-11-21 16:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-19 00:27 - 2014-11-21 16:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-19 00:27 - 2014-11-21 16:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-19 00:27 - 2014-11-21 16:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-19 00:27 - 2014-11-21 16:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-19 00:27 - 2014-11-21 15:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-19 00:27 - 2014-11-21 15:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-19 00:27 - 2014-11-21 15:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-19 00:27 - 2014-11-21 15:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-19 00:27 - 2014-11-21 15:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-19 00:27 - 2014-11-21 15:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-19 00:27 - 2014-11-21 15:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-19 00:27 - 2014-11-21 15:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-19 00:27 - 2014-11-21 15:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-19 00:27 - 2014-11-21 15:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-19 00:27 - 2014-11-21 15:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-19 00:27 - 2014-11-21 15:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-19 00:27 - 2014-11-21 15:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-19 00:27 - 2014-11-21 15:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-19 00:27 - 2014-11-21 15:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-19 00:27 - 2014-11-21 15:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-19 00:27 - 2014-11-21 15:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-19 00:27 - 2014-11-21 15:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-19 00:27 - 2014-11-21 14:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-19 00:27 - 2014-11-21 14:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-19 00:27 - 2014-11-10 17:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-19 00:27 - 2014-11-10 16:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-19 00:27 - 2014-11-10 15:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-19 00:26 - 2014-11-21 17:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-19 00:26 - 2014-11-21 16:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-19 00:26 - 2014-11-21 16:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-19 00:26 - 2014-11-21 16:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-19 00:26 - 2014-11-21 16:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-19 00:26 - 2014-11-21 16:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-19 00:26 - 2014-11-21 16:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-19 00:26 - 2014-11-21 16:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-19 00:26 - 2014-11-21 16:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-19 00:26 - 2014-11-21 16:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-19 00:26 - 2014-11-21 16:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-19 00:26 - 2014-11-21 16:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-19 00:26 - 2014-11-21 15:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-19 00:26 - 2014-11-21 15:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-19 00:26 - 2014-11-21 15:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-19 00:26 - 2014-11-21 15:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-19 00:26 - 2014-11-21 15:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-19 00:23 - 2014-11-07 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-19 00:23 - 2014-11-07 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-19 00:23 - 2014-10-29 16:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-19 00:23 - 2014-10-29 15:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-19 00:23 - 2014-10-02 16:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-19 00:23 - 2014-10-02 16:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-19 00:23 - 2014-10-02 16:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-19 00:23 - 2014-10-02 16:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-19 00:23 - 2014-10-02 16:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-19 00:23 - 2014-10-02 15:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-19 00:23 - 2014-10-02 15:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-19 00:23 - 2014-10-02 15:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-19 00:23 - 2014-10-02 15:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-19 00:23 - 2014-10-02 15:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-18 15:00 - 2014-12-18 15:00 - 00003814 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418950813
2014-12-18 15:00 - 2014-12-18 15:00 - 00001095 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-12-18 15:00 - 2014-12-18 15:00 - 00001095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-18 14:47 - 2014-12-18 14:47 - 00002960 _____ () C:\Windows\System32\Tasks\{FF02BD50-5DC1-47C3-AB4C-B394A730F886}
2014-12-18 14:47 - 2014-12-18 14:47 - 00002960 _____ () C:\Windows\System32\Tasks\{F7C5D4B7-5779-4A98-89FF-C2958790DD79}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 22:22 - 2011-12-08 13:17 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-11 22:21 - 2014-06-19 18:15 - 00000292 _____ () C:\Windows\Tasks\UpdaterEX.job
2015-01-11 22:21 - 2012-07-23 04:26 - 01854331 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 22:21 - 2009-07-13 19:13 - 00789962 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-11 22:17 - 2014-10-18 20:59 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 22:17 - 2009-07-13 19:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 22:01 - 2009-07-13 18:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 22:01 - 2009-07-13 18:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 21:42 - 2012-04-27 17:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 21:36 - 2014-06-19 18:16 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\Systweak
2015-01-11 21:36 - 2014-06-19 18:15 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\UpdaterEX
2015-01-11 21:36 - 2014-06-05 10:56 - 00000000 ____D () C:\Program Files (x86)\LPT
2015-01-11 21:36 - 2014-05-09 11:32 - 00000000 ____D () C:\Program Files (x86)\VeriBrowse-soft
2015-01-11 21:36 - 2013-06-17 11:42 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2015-01-11 21:35 - 2014-10-18 20:59 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 21:35 - 2012-08-01 12:16 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-01-11 19:41 - 2013-10-11 22:59 - 00000000 ____D () C:\Windows\system32\ljkb
2015-01-11 19:34 - 2013-10-11 22:59 - 00000000 ____D () C:\Windows\SysWOW64\jmdp
2015-01-11 19:30 - 2014-01-28 13:32 - 00000000 ____D () C:\ProgramData\24f5cca71003c357
2015-01-11 18:43 - 2013-12-29 23:56 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\vlc
2015-01-11 17:28 - 2011-01-19 19:53 - 00000000 ____D () C:\Users\Carli\AppData\Local\CrashDumps
2015-01-09 20:36 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-09 14:28 - 2013-02-11 10:49 - 00003212 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForALICE$
2015-01-09 14:28 - 2013-02-11 10:49 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForALICE$.job
2015-01-09 13:36 - 2012-11-08 13:38 - 00000460 _____ () C:\Windows\Tasks\KingSoft_2012118133816.job
2015-01-09 13:12 - 2014-02-19 16:41 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForCarli.job
2015-01-09 06:15 - 2012-02-28 12:30 - 00000000 ____D () C:\Program Files (x86)\Kingsoft
2015-01-09 06:05 - 2013-08-29 08:29 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-09 06:04 - 2013-08-29 08:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-09 06:00 - 2011-01-14 16:23 - 00000000 ____D () C:\Users\Carli
2015-01-09 05:47 - 2014-09-08 18:14 - 00000000 ____D () C:\Users\TEMP
2015-01-09 05:47 - 2013-04-28 07:44 - 00000000 ____D () C:\Users\Guest
2015-01-09 05:47 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\registration
2015-01-08 13:55 - 2012-02-28 12:30 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-01-08 13:39 - 2014-01-30 10:55 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-01-08 13:39 - 2013-12-22 20:05 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2015-01-08 13:39 - 2011-12-08 13:23 - 00000000 ____D () C:\Program Files (x86)\Epic
2015-01-08 13:38 - 2014-08-19 21:54 - 00000000 ____D () C:\Users\Carli\AppData\Local\PC_Drivers_Headquarters
2015-01-08 13:38 - 2014-05-09 11:33 - 00000000 ____D () C:\Users\Carli\AppData\Local\UpdateChecker
2015-01-08 13:38 - 2013-07-19 10:03 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\Opera Software
2015-01-08 13:38 - 2013-07-04 20:49 - 00000000 ___RD () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-08 13:38 - 2013-07-04 20:49 - 00000000 ___RD () C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-08 13:38 - 2013-07-04 20:49 - 00000000 ____D () C:\Users\fbwuser\AppData\Roaming\Macromedia
2015-01-08 13:38 - 2013-02-25 13:10 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\Epic
2015-01-08 13:38 - 2011-01-14 16:34 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\ZumoDrive
2015-01-08 13:37 - 2014-08-19 21:54 - 00000000 ____D () C:\ProgramData\Driver Support
2015-01-08 13:37 - 2014-08-19 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2015-01-08 13:37 - 2014-08-19 21:53 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2015-01-08 13:37 - 2014-06-19 18:29 - 00000000 ____D () C:\Users\Carli\AppData\Local\Gameo
2015-01-08 13:37 - 2014-02-11 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-01-08 13:37 - 2014-02-11 18:48 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-01-08 13:37 - 2014-01-30 10:55 - 00000000 ____D () C:\ProgramData\DocsuVoiEweeur
2015-01-08 13:37 - 2013-12-30 00:27 - 00000000 ____D () C:\Users\Carli\AppData\Local\genienext
2015-01-08 13:37 - 2013-10-10 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-08 13:37 - 2013-05-22 14:21 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-08 13:37 - 2013-02-25 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic
2015-01-08 13:37 - 2013-02-13 13:54 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2015-01-08 13:37 - 2013-02-13 13:54 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2015-01-08 13:37 - 2012-11-28 08:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2015-01-08 13:37 - 2012-11-28 08:06 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2015-01-08 13:37 - 2012-11-28 08:06 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2015-01-08 13:37 - 2012-09-27 13:55 - 00000000 ____D () C:\ProgramData\Anti-phishing Domain Advisor
2015-01-08 13:37 - 2012-07-13 11:44 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2015-01-08 13:37 - 2012-07-11 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Antivirus
2015-01-08 13:37 - 2012-06-21 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpicAssistants
2015-01-08 13:37 - 2012-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\extensions
2015-01-08 13:37 - 2012-06-21 13:21 - 00000000 ____D () C:\Program Files (x86)\EpicAssistants
2015-01-08 13:37 - 2012-05-31 19:52 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-01-08 13:37 - 2011-10-11 15:44 - 00000000 ____D () C:\ProgramData\PMB Files
2015-01-08 13:36 - 2014-09-26 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-08 13:36 - 2012-05-31 19:52 - 00000000 ____D () C:\ProgramData\Apple
2015-01-08 13:06 - 2014-06-19 19:03 - 00000000 ____D () C:\Users\Carli\AppData\Local\Adobe
2015-01-08 11:10 - 2013-11-12 20:13 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-08 11:02 - 2011-01-26 15:18 - 00000000 ____D () C:\Users\Carli\AppData\Local\Deployment
2015-01-06 04:36 - 2011-04-04 11:57 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 20:56 - 2013-07-19 10:03 - 00000000 ____D () C:\Users\Carli\AppData\Local\Opera Software
2015-01-04 20:21 - 2014-04-03 22:22 - 00000000 ____D () C:\temp
2015-01-04 20:21 - 2012-10-05 15:58 - 00000000 ____D () C:\ProgramData\Browser Manager
2014-12-25 12:37 - 2011-10-11 15:45 - 00000000 ____D () C:\Users\Carli\AppData\Local\PMB Files
2014-12-25 08:34 - 2014-08-19 21:54 - 00004308 _____ () C:\Windows\System32\Tasks\Driver Support-RTMScan
2014-12-19 09:10 - 2014-05-07 12:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-19 09:10 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 09:10 - 2009-07-13 17:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-19 08:54 - 2011-01-14 16:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-19 08:52 - 2013-08-29 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-19 08:46 - 2011-02-02 13:37 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-18 16:21 - 2011-08-17 11:57 - 00000000 ____D () C:\Users\Carli\Pictures\Documents\poetryquotesemail
2014-12-18 14:48 - 2013-12-30 00:25 - 00000000 ____D () C:\Users\Carli\AppData\Roaming\uTorrent

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.7928.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2012-07-23 21:16

==================== End Of Log ============================

Link to post
Share on other sites

ADDITIONAL Txt File

 

10:43 PM 1/11/2015Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015
Ran by Carli at 2015-01-11 22:23:56
Running from C:\Users\Carli\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kingsoft Antivirus System Defense (Enabled - Up to date) {B6A51389-A795-5AC9-13BA-F569D73F3FE8}
AS: Kingsoft Antivirus System Defense (Enabled - Up to date) {0DC4F26D-81AF-5547-290A-CE1BACB87555}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Anti-phishing Domain Advisor (HKLM-x32\...\Anti-phishing Domain Advisor) (Version: 1.1.0.1 - Visicom Media Inc. (Powered by Panda Security))
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ddeal44mei (HKLM-x32\...\{09854D8E-46B5-057B-5B6E-BFD2A04AD5AB}) (Version:  - "") <==== ATTENTION
DocsuVoiEweeur (HKLM-x32\...\{20974FF5-82D5-C53C-61C8-0648002BE4F7}) (Version:  - DocSViieweer)
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 8.1 - PC Drivers Headquarters, LP)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Epic 1.9.9.1 (HKLM-x32\...\{91CB1F7A-3C16-4782-8084-706A04C18CDF}_is1) (Version:  - Hidden Reflex)
EpicAssistants version 1.0 (HKLM-x32\...\{4AAD693F-7E2C-459B-9260-2468159C1904}_is1) (Version: 1.0 - HiddenReflex)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Extended Update (HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\UpdaterEX) (Version:  - Extended Update) <==== ATTENTION
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hotspot Shield 3.09 (HKLM-x32\...\HotspotShield) (Version: 3.09 - AnchorFree Inc.)
HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version:  - Zecter Inc.)
HP Documentation (HKLM-x32\...\{4D1193CC-0658-4C98-B1FF-86CBC5BFB27C}) (Version: 1.2.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.5122 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.3303 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.8812 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{AF306BD8-F9D1-4627-89B9-246E59074A05}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EF682D1C-591D-48B5-9803-628DA622C281}) (Version: 2.2.7 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{6B114F59-6732-4EA5-A33E-ACC6DEC49B61}) (Version: 4.0.70.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3220 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
MSN Toolbar Platform (x32 Version: 4.0.0357.1 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Opera Stable 17.0.1241.45 (HKLM-x32\...\Opera 17.0.1241.45) (Version: 17.0.1241.45 - Opera Software ASA)
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4419 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3320 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Sendori (HKLM-x32\...\Sendori) (Version: 2.0.17 - Sendori, Inc.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
tperfecTcoupon (HKLM-x32\...\{23B82977-C816-92D2-66E7-BE67DD1E7786}) (Version:  - "") <==== ATTENTION
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateChecker (HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\UpdateChecker) (Version:  - ) <==== ATTENTION
VeriBrowse (HKLM-x32\...\5626869A-ABE5-7770-E36C-9CBC7FB6B1EA) (Version:  - VeriBrowse-software) <==== ATTENTION
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WorldofTanks (HKU\S-1-5-21-2768594993-768962890-2991862374-1000\...\WorldofTanks) (Version:  - WorldofTanks) <==== ATTENTION!
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
YTD Toolbar v6.9 (HKLM-x32\...\{C7B1C030-8B9F-48A2-91E3-6999FC624AE5}) (Version: 6.9 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.4 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

04-12-2014 13:26:33 Windows Update
18-12-2014 10:32:03 Windows Update
18-12-2014 21:06:16 Windows Update
19-12-2014 08:36:54 Windows Update
19-12-2014 15:52:37 Installed iTunes
19-12-2014 16:02:24 Windows Update
25-12-2014 08:32:33 Windows Update
25-12-2014 13:16:41 Windows Update
04-01-2015 18:10:58 Windows Update
05-01-2015 20:13:15 Removed iTunes
05-01-2015 20:18:44 Installed iTunes
08-01-2015 10:31:41 Windows Update
08-01-2015 13:32:14 Restore Operation
08-01-2015 13:45:04 Windows Update
08-01-2015 13:50:39 Removed iTunes
08-01-2015 13:56:50 Installed iTunes
08-01-2015 14:00:59 Windows Update
09-01-2015 05:43:43 Restore Operation
09-01-2015 05:55:31 Removed iTunes
09-01-2015 05:58:08 Removed iTunes
09-01-2015 06:02:06 Installed iTunes

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 16:34 - 2009-06-10 11:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0500E9AE-E502-43EA-9B36-1E322BB7835B} - System32\Tasks\{FF02BD50-5DC1-47C3-AB4C-B394A730F886} => Firefox.exe
Task: {056811D7-E0DB-4F16-A5E7-71632B8B6A73} - System32\Tasks\Test TimeTrigger => C:\Users\Carli\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {0848579A-2552-4C8B-B771-60F69750212C} - System32\Tasks\{066856A5-A1DB-46CA-BD7F-459ECDFBB01D} => pcalua.exe -a "C:\Program Files (x86)\ImTOO\Video Converter Ultimate\Uninstall.exe"
Task: {114A3E47-708C-47DE-AB4A-725F0D9C2310} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {1327194F-12A9-4DA4-959F-F83D2E11D0CA} - System32\Tasks\{2B37A4B0-E2A8-4999-BBDE-4133877B2BC1} => Iexplore.exe http://ui.skype.com/ui/0/4.2.0.166.324/en/abandoninstall?page=tsOptions&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {1EBB1BDB-A794-4322-BFFA-BCB4C78ACDC1} - System32\Tasks\{1EB876BF-8D31-4867-B5AE-C5E34BACB687} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
Task: {2BB63D11-C181-48F5-B864-01ACCFD51276} - System32\Tasks\{A7AEB30E-0B50-418E-BE7D-5B4968636EF3} => c:\program files (x86)\opera\launcher.exe [2014-12-16] (Opera Software)
Task: {3415D8DB-AE62-4031-A8BD-C7CDBB58FCFD} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {34EF2B0B-61A8-4A53-B99B-3EC47EB12CF7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {484EE193-EAA3-4D84-9EEF-9EE71BA4B396} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {4964225C-8AB4-4F81-A2E8-79BDB7869145} - System32\Tasks\{937ED3A0-E291-4D92-869F-748B1B9F1517} => c:\program files (x86)\opera\launcher.exe [2014-12-16] (Opera Software)
Task: {52B5DDA2-E33B-4766-BF5D-58E96C7A25D1} - System32\Tasks\KingSoft_2012118133816 => C:\program files (x86)\kingsoft\kingsoft antivirus\kshdscan.exe [2013-02-14] (Kingsoft Corporation)
Task: {5D6E90A7-8BC0-4518-919E-F243255CC06E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-17] (Adobe Systems Incorporated)
Task: {60529495-BC5D-4BE0-A8B4-BA6837A1526A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {61620C01-EE89-415B-AA51-D8707BD58A2E} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {62A4405D-971D-48E9-9088-DBB4C8837982} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {656FAD73-7C37-4CD6-9B48-8FF11DE61278} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: {664DB62E-8658-4F23-8464-4FDA2A7C0305} - System32\Tasks\{81870AD9-495C-4088-A0E4-B8FB4F6A4C72} => c:\program files (x86)\opera\opera.exe
Task: {684094FD-8900-4039-8246-2CF6988C7B57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {6A13C475-6407-47C0-90F0-179BF3FA99EA} - \VisualBeeRecovery No Task File <==== ATTENTION
Task: {733700FF-A259-4B76-8CCB-12E20FE31E35} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {7C21F168-EE83-4BE8-B25A-4E5DDD3C7260} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {8275C4B5-2DE9-42FB-95B0-2D5A51B72ECC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-09-17] (Microsoft)
Task: {85C1AC78-BEA1-4EAA-ADEB-EB985317BB95} - System32\Tasks\UpdaterEX => C:\Users\Carli\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {94A15F08-8F10-4717-A0CD-180D1EBB08F0} - System32\Tasks\HPCeeScheduleForCarli => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {967FF8DE-AABD-40DA-AA79-A883300AF998} - System32\Tasks\Opera scheduled Autoupdate 1418950813 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-16] (Opera Software)
Task: {96A4592A-92FD-4131-92ED-79148163905F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-03] (CyberLink)
Task: {9B450EDD-E6B3-4F1E-8AE1-B76ADD6DB851} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {A84A6310-A2BB-4683-8E72-93AD3E48F992} - System32\Tasks\Amazon Music Helper => C:\Users\Carli\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {B3802719-A9F2-46D3-BCC5-689F5B578E4E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2768594993-768962890-2991862374-1000
Task: {B3D6EE51-D1C0-4AB2-AE83-0A2FA7C8E8C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {BBEC411A-A110-4FE6-868E-088ED14FAD12} - System32\Tasks\HPCeeScheduleForALICE$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {C23A4C82-B84F-4439-88A1-6733AAF41D6D} - System32\Tasks\DTReg => C:\Users\Carli\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {C6733A15-6053-49D1-BDC2-D46C29F85691} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {CA2A6184-FEA5-46DD-9E72-FD5A497297B0} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {CBA78036-976E-4001-A221-9A2C22C82AFD} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {D4639C19-F093-493C-A7B9-9842035C1A38} - System32\Tasks\{605E91B9-2DB1-47D0-BCC5-4D8F3A821A97} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {D801030F-85E9-4010-9ED5-443FC5D09F1E} - System32\Tasks\KsafeDelay => C:\Program Files (x86)\Kingsoft\PcDoctor\KSafeTray.exe
Task: {DFA333EB-07AE-4819-9D6D-4182DDC649E4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E876CCE5-2FC9-45E1-A7C6-C575A9560F96} - System32\Tasks\{F7C5D4B7-5779-4A98-89FF-C2958790DD79} => Firefox.exe
Task: {F76446D6-CAC0-4DAF-A90A-D2E7CC27E046} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-07] (PC Drivers Headquarters)
Task: {FBCA6A14-EB55-4257-8EDE-0E1E5C5D339B} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-08-01] ()
Task: {FDC7CD46-6473-40B6-BBD6-DB788EB13E94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForALICE$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForCarli.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\KingSoft_2012118133816.job => C:\program files (x86)\kingsoft\kingsoft antivirus\kshdscan.exe
Task: C:\Windows\Tasks\KsafeDelay.job => C:\Program Files (x86)\Kingsoft\PcDoctor\KSafeTray.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Carli\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:214562D2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Application Updater => 3
MSCONFIG\Services: Bonjour Service => 3
MSCONFIG\Services: EvtEng => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 3
MSCONFIG\Services: HP Wireless Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 3
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 3
MSCONFIG\Services: HPWMISVC => 3
MSCONFIG\Services: hshld => 3
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 3
MSCONFIG\Services: IBUpdaterService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: kxescore => 2
MSCONFIG\Services: LMS => 3
MSCONFIG\Services: LPTSystemUpdater => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: RegSrvc => 3
MSCONFIG\Services: SecureAssist => 3
MSCONFIG\Services: Service Sendori => 3
MSCONFIG\Services: Skype C2C Service => 3
MSCONFIG\Services: sndappv2 => 3
MSCONFIG\Services: STacSV => 3
MSCONFIG\Services: UNS => 3
MSCONFIG\Services: VeriBrowse => 3
MSCONFIG\startupreg: Driver Detective => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: Driver Support => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: kxesc => "c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Carli\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

========================= Accounts: ==========================

Administrator (S-1-5-21-2768594993-768962890-2991862374-500 - Administrator - Disabled)
Carli (S-1-5-21-2768594993-768962890-2991862374-1000 - Administrator - Enabled) => C:\Users\Carli
fbwuser (S-1-5-21-2768594993-768962890-2991862374-1001 - Limited - Enabled) => C:\Users\fbwuser
Guest (S-1-5-21-2768594993-768962890-2991862374-501 - Limited - Disabled) => C:\Users\TEMP

==================== Faulty Device Manager Devices =============

Name: Officejet 7400 series
Description: Officejet 7400 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 7400 series
Description: Officejet 7400 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P3005
Description: HP LaserJet P3005
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 4050 Series
Description: HP LaserJet 4050 Series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 4050 Series
Description: HP LaserJet 4050 Series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet 3050A J611 series
Description: Deskjet 3050A J611 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 7510 series
Description: Photosmart 7510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 7400 series
Description: Officejet 7400 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart 7510 series
Description: Photosmart 7510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6700
Description: Officejet 6700
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2015 05:51:30 PM) (Source: Driver Detective) (EventID: 100) (User: )
Description: Timestamp: 1/12/2015 3:51:30 AM
Message: An exception occured and was caught: InvalidOperationException
---------Exception Information----------
Local Time: 1/11/2015 5:51:30 PM
Type: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Message: There is an error in XML document (1, 879).
Source: System.Xml
Target Site: System.Object Deserialize(System.Xml.XmlReader, System.String, System.Xml.Serialization.XmlDeserializationEvents)
Stack Trace:    at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events)
 
   at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](XmlReader reader, XmlRootAttribute rootAttribute, Type[] extraTypes)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](TextReader reader, XmlRootAttribute rootAttribute, Type[] extraTypes, Boolean validateSchema, ValidationEventHandler validationCallback)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](String xml, XmlRootAttribute rootAttribute, Type[] extraTypes, Boolean validateSchema, ValidationEventHandler validationCallback)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](String xml)
 
   at DriversHQ.Common.Serialization.SerializationBase.FromXML[T](String xml)
 
   at DriversHQ.DriverDetective.Client.Communication.DriverComm.a(Object A_0, GetSupportMetaDataApplicationByDeviceCompletedEventArgs A_1)
 ----------Inner Exception Information----------
  Message: Instance validation error: 'Win81' is not a valid value for global::DriversHQ.Common.OperatingSystems.
  Source: System.Xml
  Target Site: Int64 ToEnum(System.String, System.Collections.Hashtable, System.String, Boolean)
  Stack Trace:    at System.Xml.Serialization.XmlCustomFormatter.ToEnum(String val, Hashtable vals, String typeName, Boolean validate)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read10_NullableOfOperatingSystems(Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read20_PCDriverArticle(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read23_PCKnowledgeBaseArticleBase(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read24_SupportMetaData(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read25_supportMetaData()
--------------------------------------
Additional Information
Machine Name: ALICE
Assembly: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Application Domain: DriverSupport.exe
Thread Identity: alice\Carli
Thread Name:
Windows Identity: alice\Carli
Process Name:

Error: (01/11/2015 05:51:30 PM) (Source: Driver Detective) (EventID: 100) (User: )
Description: Timestamp: 1/12/2015 3:51:30 AM
Message: An exception occured and was caught: InvalidOperationException
---------Exception Information----------
Local Time: 1/11/2015 5:51:30 PM
Type: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Message: There is an error in XML document (1, 879).
Source: System.Xml
Target Site: System.Object Deserialize(System.Xml.XmlReader, System.String, System.Xml.Serialization.XmlDeserializationEvents)
Stack Trace:    at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events)
 
   at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](XmlReader reader, XmlRootAttribute rootAttribute, Type[] extraTypes)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](TextReader reader, XmlRootAttribute rootAttribute, Type[] extraTypes, Boolean validateSchema, ValidationEventHandler validationCallback)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](String xml, XmlRootAttribute rootAttribute, Type[] extraTypes, Boolean validateSchema, ValidationEventHandler validationCallback)
 
   at DriversHQ.Common.Serialization.SerializationUtility.FromXML[T](String xml)
 
   at DriversHQ.Common.Serialization.SerializationBase.FromXML[T](String xml)
 
   at DriversHQ.DriverDetective.Client.Communication.DriverComm.a(Object A_0, GetSupportMetaDataApplicationByDeviceCompletedEventArgs A_1)
 ----------Inner Exception Information----------
  Message: Instance validation error: 'Win81' is not a valid value for global::DriversHQ.Common.OperatingSystems.
  Source: System.Xml
  Target Site: Int64 ToEnum(System.String, System.Collections.Hashtable, System.String, Boolean)
  Stack Trace:    at System.Xml.Serialization.XmlCustomFormatter.ToEnum(String val, Hashtable vals, String typeName, Boolean validate)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read10_NullableOfOperatingSystems(Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read20_PCDriverArticle(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read23_PCKnowledgeBaseArticleBase(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read24_SupportMetaData(Boolean isNullable, Boolean checkType)
 
   at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSupportMetaData.Read25_supportMetaData()
--------------------------------------
Additional Information
Machine Name: ALICE
Assembly: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Application Domain: DriverSupport.exe
Thread Identity: alice\Carli
Thread Name:
Windows Identity: alice\Carli
Process Name:

Error: (01/11/2015 05:29:22 PM) (Source: Driver Detective) (EventID: 100) (User: )
Description: Timestamp: 1/12/2015 3:29:22 AM
Message: An exception occured and was caught: FileNotFoundException
---------Exception Information----------
Local Time: 1/11/2015 5:29:22 PM
Type: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Message: Could not load file or assembly 'file:///C:\Program Files (x86)\Driver Support\Driver Support\ThemePack.Default.dll' or one of its dependencies. The system cannot find the file specified.
Source: mscorlib
Target Site: System.Reflection.Assembly _nLoad(System.Reflection.AssemblyName, System.String, System.Security.Policy.Evidence, System.Reflection.Assembly, System.Threading.StackCrawlMark ByRef, Boolean, Boolean)
Stack Trace:    at System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)
 
   at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
 
   at System.Reflection.Assembly.LoadFrom(String assemblyFile)
 
   at DriversHQ.DriverDetective.Client.k.a(DDConfig A_0)
 
   at DriversHQ.DriverDetective.Client.k.b(DDConfig A_0)
 
   at DriversHQ.DriverDetective.Client.k.a()
--------------------------------------
Additional Information
Machine Name: ALICE
Assembly: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Application Domain: DriverSupport.exe
Thread Identity: alice\Carli
Thread Name:
Windows Identity: alice\Carli
Process Name:

Error: (01/11/2015 05:28:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kislive.exe, version: 2012.10.18.155, time stamp: 0x507f7436
Faulting module name: MSVCR80.dll, version: 8.0.50727.762, time stamp: 0x45712238
Exception code: 0x40000015
Fault offset: 0x000046b4
Faulting process id: 0x154
Faulting application start time: 0xkislive.exe0
Faulting application path: kislive.exe1
Faulting module path: kislive.exe2
Report Id: kislive.exe3

Error: (01/11/2015 05:21:08 PM) (Source: Driver Detective) (EventID: 100) (User: )
Description: Timestamp: 1/12/2015 3:21:08 AM
Message: An exception occured and was caught: FileNotFoundException
---------Exception Information----------
Local Time: 1/11/2015 5:21:08 PM
Type: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Message: Could not load file or assembly 'file:///C:\Program Files (x86)\Driver Support\Driver Support\ThemePack.Default.dll' or one of its dependencies. The system cannot find the file specified.
Source: mscorlib
Target Site: System.Reflection.Assembly _nLoad(System.Reflection.AssemblyName, System.String, System.Security.Policy.Evidence, System.Reflection.Assembly, System.Threading.StackCrawlMark ByRef, Boolean, Boolean)
Stack Trace:    at System.Reflection.Assembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)
 
   at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)
 
   at System.Reflection.Assembly.LoadFrom(String assemblyFile)
 
   at DriversHQ.DriverDetective.Client.k.a(DDConfig A_0)
 
   at DriversHQ.DriverDetective.Client.k.b(DDConfig A_0)
 
   at DriversHQ.DriverDetective.Client.k.a()
--------------------------------------
Additional Information
Machine Name: ALICE
Assembly: ExceptionLogging, Version=3.0.0.102, Culture=neutral, PublicKeyToken=null
Application Domain: DriverSupport.exe
Thread Identity: alice\Carli
Thread Name:
Windows Identity: alice\Carli
Process Name:

Error: (01/09/2015 10:38:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kislive.exe, version: 2012.10.18.155, time stamp: 0x507f7436
Faulting module name: MSVCR80.dll, version: 8.0.50727.762, time stamp: 0x45712238
Exception code: 0x40000015
Fault offset: 0x000046b4
Faulting process id: 0x10b4
Faulting application start time: 0xkislive.exe0
Faulting application path: kislive.exe1
Faulting module path: kislive.exe2
Report Id: kislive.exe3

Error: (01/09/2015 08:21:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kislive.exe, version: 2012.10.18.155, time stamp: 0x507f7436
Faulting module name: MSVCR80.dll, version: 8.0.50727.762, time stamp: 0x45712238
Exception code: 0x40000015
Fault offset: 0x000046b4
Faulting process id: 0x1304
Faulting application start time: 0xkislive.exe0
Faulting application path: kislive.exe1
Faulting module path: kislive.exe2
Report Id: kislive.exe3

Error: (01/09/2015 01:29:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kislive.exe, version: 2012.10.18.155, time stamp: 0x507f7436
Faulting module name: MSVCR80.dll, version: 8.0.50727.762, time stamp: 0x45712238
Exception code: 0x40000015
Fault offset: 0x000046b4
Faulting process id: 0x1140
Faulting application start time: 0xkislive.exe0
Faulting application path: kislive.exe1
Faulting module path: kislive.exe2
Report Id: kislive.exe3

Error: (01/09/2015 06:15:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: opera.exe, version: 26.0.1656.60, time stamp: 0x54903b64
Faulting module name: opera.exe, version: 26.0.1656.60, time stamp: 0x54903b64
Exception code: 0x80000003
Fault offset: 0x00086280
Faulting process id: 0xcd0
Faulting application start time: 0xopera.exe0
Faulting application path: opera.exe1
Faulting module path: opera.exe2
Report Id: opera.exe3

Error: (01/09/2015 06:04:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kislive.exe, version: 2012.10.18.155, time stamp: 0x507f7436
Faulting module name: MSVCR80.dll, version: 8.0.50727.762, time stamp: 0x45712238
Exception code: 0x40000015
Fault offset: 0x000046b4
Faulting process id: 0x15e4
Faulting application start time: 0xkislive.exe0
Faulting application path: kislive.exe1
Faulting module path: kislive.exe2
Report Id: kislive.exe3

System errors:
=============
Error: (01/11/2015 10:04:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/11/2015 10:04:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/11/2015 10:04:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (01/11/2015 10:03:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/11/2015 10:03:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
CbFs
discache
kavbootc
spldr
Wanarpv6

Error: (01/11/2015 10:03:49 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/11/2015 09:51:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/11/2015 09:51:09 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/11/2015 09:51:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (01/11/2015 09:50:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 5941.86 MB
Available physical RAM: 4491.26 MB
Total Pagefile: 11881.9 MB
Available Pagefile: 10377.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.52 GB) (Free:260.18 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:28.95 GB) (Free:4.24 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DE1C2D32)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=436.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=28.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

Link to post
Share on other sites

Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 
51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and upload in your next reply.
 
 
 
 

adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Link to post
Share on other sites

1.  initially Malwarebytes was installed.....it was updated, ran the scan, quarantined the files, then deteled all files.

Epic and Opera Browsers no longer worked.....ITunes could no longer access Apple iTunes Store.....

 

2.  The Girl ended up reinstalling all browsers again but still no connect to internet.  She uninstalled Malwarebytes and restored the computer to a previous restore point.  Still same problems.

 

3.  I instructed her to restore back to latest restore point.  computer started showing all sorts of messages involving SecureAssist.dll when trying to run those browsers or accessing apple iTunes store.

 

4.  I reinstalled Malwarebytes...ran scan, quarantined and deleted files but still same problems.

 

5.  many popup windows while using Internet Explorer browswer,  so I decided to try and  go back into safe mode with networking to install Malwarebytes and Farbar.  Then I went back into normal mode to run farbar to extract the frst and additional txt files to upload to you.   but noticed that malware bytes cannot access update server while computer in normal mode.  so I uninstalled and reinstalled malwarebytes again while in normal mode.  but no success.....

 

now I'm back in safe mode with networking once again.   should I uninstall and reinstall Malwarebytes while in Safe mode with networking?

Link to post
Share on other sites

remove%20outdated.jpg Uninstall some programs
 
We need to uninstall some unwanted/unneeded programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Sendori
  • UpdateChecker
  • YTD Toolbar v6.9

After completing uninstalls, please manually reboot your machine!
 
Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.
 
 
 
 
FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.