Logfile of random's system information tool 1.10 (written by random/random) Run by MATHIAS at 2014-12-03 20:16:50 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 635 GB (45%) free of 1424 GB Total RAM: 12277 MB (76% free) HijackThis download failed ======Listing Processes====== \SystemRoot\System32\smss.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k LocalService Ati2evxx.exe -Client C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork taskeng.exe {C8D1FE54-37E7-4BAF-A125-EAAB8D4EA361} "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Users\Milan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Windows\system32\mfevtps.exe" "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\SysWOW64\PnkBstrB.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Users\MATHIAS\AppData\Roaming\VOPackage\VOsrv.exe "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding WLIDSvcM.exe 2560 "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\THE BOSS\AppData\Roaming\Yontoo\YontooDesktop.exe" "C:\Program Files\McAfee\MSC\McAPExe.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5b4aa9cf-fef7-4f29-b1cd-29f83f66f6e4 -SystemEventPortName:HostProcess-2832803f-f651-424d-90b7-d1817104a0a9 -IoCancelEventPortName:HostProcess-ea7695e8-9073-49a7-9531-2aaf8b5a58f8 -NonStateChangingEventPortName:HostProcess-30128dca-490a-4544-b37e-45a3604882f9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:92de306b-f516-45ed-95f5-8e54949df323 -DeviceGroupId:WpdFsGroup "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait taskeng.exe {F9695415-ED46-40BB-AEE8-9178DCAF2240} "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\conime.exe "C:\Program Files\Windows Defender\MSASCui.exe" -hide "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Users\MATHIAS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "C:\Windows\ehome\ehtray.exe" "C:\Windows\SysWOW64\rundll32.exe" "C:\Users\MATHIAS\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run "C:\Users\MATHIAS\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Users\MATHIAS\AppData\Local\Apps\2.0\3RR8R9CL.QQ9\HVJ5G280.YG5\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe" /platui /runkey "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide "C:\Program Files (x86)\Bench\BService\1.1\bservice.exe" "C:\Program Files (x86)\Bench\BService\1.1\bservice64.exe" "C:\Program Files (x86)\Bench\Wd\wd.exe" "C:\Program Files (x86)\Bench\Proxy\pwdg.exe" C:\Windows\ehome\ehmsas.exe -Embedding "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files\Windows Media Player\wmpnscfg.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\THE BOSS\AppData\Roaming\Yontoo\YontooDesktop.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart B109a-m#1331128591" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="204.1.864890817\1182347692" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A7_Stable_R2/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="204.4.466943225\695638921" /prefetch:673131151 C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.2789ec55dab88c3e > \\.\pipe\chrome.nativeMessaging.out.2789ec55dab88c3e "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ "C:\Users\MATHIAS\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe" /lang:NLD /vercfg:2.0 /verman:2.0 /prod:lws /version:13.30.1396 /po:0 /qs:hit=2&hcd1=046d_080f_0009 /cn1:facebook /cv1:13.30.1346 /cn2:gallery /cv2:13.30.1379 /cn3:getmore /cv3:13.30.1396 /cn4:help /cv4:13.30.1379 /cn5:help_main /cv5:13.30.1396 /cn6:launcher /cv6:13.30.1379 /cn7:launcher_main /cv7:13.30.1379 /cn8:models /cv8:13.00.1779 /cn9:motdet /cv9:13.30.1395 /cn10:picvid /cv10:13.30.1395 /cn11:privacyshades /cv11:13.00.1779 /cn12:twitter /cv12:13.30.1346 /cn13:videoeffects /cv13:13.30.1379 /cn14:vmm /cv14:13.30.1379 /cn15:webcamcontroller /cv15:13.30.1395 /cn16:wlmplugin /cv16:13.30.1201 /cn17:youtube /cv17:13.30.1346 "C:\Users\MATHIAS\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe" /lang:NLD /vercfg:2.0 /verman:2.0 /prod:lws /version:13.30.1396 /po:0 /qs:hit=2&hcd1=046d_080f_0009 /cn1:facebook /cv1:13.30.1346 /cn2:gallery /cv2:13.30.1379 /cn3:getmore /cv3:13.30.1396 /cn4:help /cv4:13.30.1379 /cn5:help_main /cv5:13.30.1396 /cn6:launcher /cv6:13.30.1379 /cn7:launcher_main /cv7:13.30.1379 /cn8:models /cv8:13.00.1779 /cn9:motdet /cv9:13.30.1395 /cn10:picvid /cv10:13.30.1395 /cn11:privacyshades /cv11:13.00.1779 /cn12:twitter /cv12:13.30.1346 /cn13:videoeffects /cv13:13.30.1379 /cn14:vmm /cv14:13.30.1379 /cn15:webcamcontroller /cv15:13.30.1395 /cn16:wlmplugin /cv16:13.30.1201 /cn17:youtube /cv17:13.30.1346 /conffile=C:\Users\MATHIAS\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdateProduct.xml "C:\Program Files\McAfee\MAT\McPvTray.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="204.6.1859541347\1921073454" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" /wts 5612 488 492 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\vssvc.exe C:\Windows\system32\wbem\wmiprvse.exe "C:\Users\MATHIAS\Downloads\RSITx64.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding wmiadap.exe /F /T /R "C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe" {9d7ac750-e018-4625-a92c-fa1030d039b0} /pid=4596 ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\AmiUpdXp.job - C:\Users\Milan\AppData\Local\SwvUpdater\Updater.exe C:\Windows\tasks\APSnotifierPP1.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier2 A C:\Windows\tasks\APSnotifierPP2.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 4 C:\Windows\tasks\APSnotifierPP3.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 6 C:\Windows\tasks\bench-S-1-5-21-552174293-927401653-4265545726-1001.job - C:\Program Files (x86)\Bench\Updater\updater.exe -runmode=checkupdate C:\Windows\tasks\bench-sys.job - C:\Program Files (x86)\Bench\Updater\updater.exe -runmode=checkupdate C:\Windows\tasks\cf43921d-02df-421d-ae05-8262e53706bf-4.job - C:\Program Files (x86)\TornPlusTV_version1.11\cf43921d-02df-421d-ae05-8262e53706bf-4.exe /rawdata=vUDCIkPG/JW340gkfoSJuHCcyQm5/dOtjyEGO9Ge2ihYvckHDIUbNYJOrcT5irIMPwSfkyX4tIrCx1xIhJ8brzazEKwl1aZFqxWneIdi26Elet15gWExGpQkSP0S+WRCQMChZcJ3vfatImJwRcaayO9cjvL1gXlzHdkPVnx5KZkE9+Lt+1+VsM3v71YpzbkCFU7y964Qg145ciTkUwGpXpipAhUZl2VnWQVtxH3qXqUWGgs2KocbwATNr8AdDM/J8ZRTnCf0gato7d1bp+v3cxrwiQDy71l9/pVB5JwU+XriiWAL+brmA+ux+KMrYVsx7mixv7fqu6K7f/y2DFTym6RHGswq+ZJwc7QtHHXfkkVFCh9lrqq3l2Nv/w3vPKKDaOLfz6s18chiqh8zJ/tNZiLTbEm+2sgg2b9N+mEytKZsddtHaexOu2R1o4m14gZ2An6z19dTd053B5kK0APVguQHY5B/o+6jCgJA1grkbbRFhAucsrkoyar7X/tFnmBFfEYBs5+LRZbqNAvQuRkHEjkUYZv81GRZAbs+FJ4LGmi/2gVSLEzuVk0tNZqBuuDK0PZ7luwj72BlD8mL5SEonDEN44uYjXv+E68zeI4dj0XNggRbPoVz6h1eGEx/QtGlB2hYYASAJ4FUHw9iDq7eAoFJnNpcxXZFBvbgxvx4/W60eqFmc6FpSnb2ugLqsWZaeeEOpH94SVL0Jt8/n1WYIggobpPDqC7PE9zXN47OUmdo7VhZ9fWgUMfG/d7uSH6YRtSE5k9xKpQVI7xUCTUAqo/RIgaMHyi/e6QKhcK40p24+RDjc+YRU9NBzzbv8gx8fGXO/9plnH9n+zf6AydSNYbSugZ4EwdbukBPAj9vPEkHo3YgCqz287y8RqztZYF1X+FL1JMvycr0HOM6zu7VVsMfrgXzU0uNdlnz5yWohnDnudLsCj6sxnefAgEcJ9PIE/jH7kUt0aAwV6rPnvsaBR14YH7VEEU6O75zy4t9fNq5rqOP/UckO6Gjj74jo4wDCcFOTl76f9etICCNhULS78KyVcusWuv6deuVCrwI8C6DJDiE4n+5/2f9nDV8LiayxZYlTUhtV6doksJ0WU0Ff7Cd/URvwhXPW3PN+AlUbjk3xV/QskEGbu72CqxpoAlhvsXT2alTaA92ye98hg75sQfUOVZkitCFMvieKhn77q1FZRzh7aPt/Wq6RJBi4OsjSrdkSVfGW4nR2zN2LAIVta2HMiX/jjv3Gqjjk5KbQTbGEZz0Ko/GByg2x1QgjlbzodGGdVuomnEPYC23UWdIfZkJ+Ns8C19oHst/KTADAzV2M2IoQ1S9ybROkHldVnMA4swgzmbXd2gLQUw2gPfuBb3m9UbDTa9FllHcygAs3X9XZLOcByODmjWsixHpsz/dYvSkw93DRXjIKLMku+EZ/igh+haN/VUgGvdB8yUO3Ajk1i2yIQwOH9AjzLbp+CPfAFVHe6gydqqpPa3NaFd3/agkNw4IzEnHtTWI/aw3HxyRoN5UTx2XkvzIdeQ4bIvwEQggc+LDwN30v1kVkSRFbf+vUA5r7Xnei/EjjvmuUMHDe3z0EFxPuWSKtW0tbf543kqKWuGL0RJmrhuBEsOK23kY4ZPNXcgfbRGAwDngKjnAskFBtdRaCgI1WQjTlrr8z7D2OwVoooBvxkWSuI5EPW1OkH5ugchV21I9W3x6uXsuOw+2HnMQtWk9rz/fC8QXmzFHcyC2nzm3YNoYkaKeeRX02SlOzNLD9VLsLocJ6JmqE662xMJrixG8eK+NpVuzE0ANPzM1+pNSw4EXdjywkWxkhlQGGz4bTS0px9cCrQZZWE6iMd6oXStQ4xNua7usc8x4ywqRSNSnXmIbXPrCZ1j4DhrRshkZ7jUbBhwIOcvoWVTWlsQryMJUkyA7CCizur+NlJtkOZrG1DfvuDpgUHeaeq1JkJLEDj8Tvf9+z7NkiUjQx3WoLPxIYO5/AAyyO3fXBdD8JaWUMkzEfWL07y10TgRwn7HhT4Qr6aJBQlRzsFfHrhge++RHLKu0oKgDn0TarWouaWTPZoQnIlbbcz3oGt1pAB3ojR/vOtcTg/c5nTVsSkX1yGhlSI7B68dRNGLogM9J9lPMQFQUpzu+tQHogAwrRVODQ2WDT3VgCPq8wEQKXavcvpCfoc3jWKyMtz+kIBU8nFNHDr4NE87efQIFVSzomDBDgAD/O669Cd0= C:\Windows\tasks\DSite.job - C:\Users\THEBOS~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE /Check C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-552174293-927401653-4265545726-1000Core.job - C:\Users\THE BOSS\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-552174293-927401653-4265545726-1000UA.job - C:\Users\THE BOSS\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-552174293-927401653-4265545726-1001Core.job - C:\Users\MATHIAS\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-552174293-927401653-4265545726-1001UA.job - C:\Users\MATHIAS\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6969d4fc1652.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineCore1d002863fa6c0c2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8dcaf697da69.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineUA1cfeb0b944d343d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\LyricsContainer Update.job - C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe /c ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-08-13 5748928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6EF0F0-B46B-4CB2-839C-BBE569FAA859}] Browser Champion BHO - C:\Program Files (x86)\Browser Champion\FrameworkBHO64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5