This topic is locked
FIRST MY COMPUTER WAS GETTING ALL KIND OF POP UPS EVERY TIME I WOULD CLICK ON ANY LINK MORE POP UPS SHOWED UP, SO THEN I RESTORED MY COMPUTER TO AN EARLIER VERSION. THIS DID CLEAR UP ALL POP UPS BUT NOW WILL NOT ALLOW ME TO DOWNLOAD ANYTHING. NO ATTACHMENTS IN MY EMAIL, NOTHING AT ALL, SO I FOUND YOUR HELP BLOG. HOPEFULLY YOU CAN FIND THE PROBLEM. THANK YOU.
Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-08-2015
Ran by Laurie (2015-08-19 11:02:32)
Running from C:\Users\Laurie\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-287398816-2082105823-3791064297-500 - Administrator - Disabled)
Alyssa (S-1-5-21-287398816-2082105823-3791064297-1001 - Limited - Enabled) => C:\Users\Alyssa
Christina (S-1-5-21-287398816-2082105823-3791064297-1004 - Limited - Enabled) => C:\Users\Christina
Guest (S-1-5-21-287398816-2082105823-3791064297-501 - Limited - Disabled)
Laurie (S-1-5-21-287398816-2082105823-3791064297-1000 - Administrator - Enabled) => C:\Users\Laurie
Mackenzie (S-1-5-21-287398816-2082105823-3791064297-1003 - Limited - Enabled) => C:\Users\Mackenzie
Matthew (S-1-5-21-287398816-2082105823-3791064297-1005 - Limited - Enabled) => C:\Users\Matthew
Tony (S-1-5-21-287398816-2082105823-3791064297-1002 - Limited - Enabled) => C:\Users\Tony
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader 8.1.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81300000003}) (Version: 8.1.5 - Adobe Systems Incorporated)
Agatha Christie - Dead Man's Folly (Version: 2.2.0.82 - WildTangent) Hidden
Altnet Music Plugin (HKLM\...\Altnet Music Plugin_is1) (Version: - Altnet Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM\...\AudibleManager) (Version: 4759644.48.2147328000.4759644 - Audible, Inc.)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Better Surf Plus (HKLM\...\Better Surf Plus) (Version: 1.1 - Better Surf) <==== ATTENTION
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bookworm Adventures Volume 2 (Version: 2.2.0.82 - WildTangent) Hidden
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty® - World at War™ (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® - World at War™ (Version: 1.0 - Activision) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
Color Style Studio 2.47 (HKLM\...\Color Style Studio_is1) (Version: 2.47 - XVEL Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
CouponXplorer Firefox Toolbar (HKLM\...\CouponXplorer_5zbar Uninstall Firefox) (Version: - Mindspark Interactive Network) <==== ATTENTION
CouponXplorer Internet Explorer Toolbar (HKLM\...\CouponXplorer_5zbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Curitel Packet Service Software (HKLM\...\{FDC00EC6-5A51-4fd9-9FF9-9A69D9947C7A}) (Version: 2.0.a10.0507 - CURITEL Inc.)
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defaulttab (HKLM\...\DefaultTab) (Version: 2.4.8.2 - Search Results, LLC) <==== ATTENTION
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DownloadTerms (HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC) <==== ATTENTION
DVD-Cover Printmaster 1.4 (HKLM\...\{38AFE2B1-19DB-432A-BA4A-410BFBA78DCE}) (Version: 1.4 - biu software)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Graboid Video 1.73 (HKLM\...\Graboid Video) (Version: 1.73 - Graboid Inc.)
H&R Block Arizona 2009 (HKLM\...\{C8D11A15-2311-4D39-8DB4-46AAC397BC4E}) (Version: 1.09.2901 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2009 (HKLM\...\{53A19323-917A-4822-B27E-A57D1EF6E9FC}) (Version: 09.04.7101 - HRB Technology, LLC.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4861.15 - PC-Doctor, Inc.)
Hotel Mahjong Deluxe (Version: 2.2.0.90 - WildTangent) Hidden
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Demo (HKLM\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{D9B4150C-9EF6-4861-902F-5F5CB760D7ED}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{DF711F5A-C9E4-4241-9A83-58532C99DB28}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB408682 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81300000003}_814) (Version: - Adobe Systems Incorporated)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM\...\{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}) (Version: 1.18.4.1 - LightScribe)
LightScribeTemplateLabeler (HKLM\...\{305D4B08-5807-4475-B1C8-D54685534864}) (Version: 1.10.23.1 - LightScribe)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Masque IGT Slots Little Green Men (HKLM\...\{A54F806B-A2E1-4794-A7FE-365167EC67CB}) (Version: 1.0.3 - Masque Publishing)
Masque IGT Slots Texas Tea (HKLM\...\{C5A17C43-4712-4B16-B80C-ED3FF97500C2}) (Version: 1.0.2 - Masque Publishing)
Masque IGT Slots Wolf Run (HKLM\...\{7C0BF6E9-7021-46E4-87B3-4C4587256A22}) (Version: 1.0.0 - Masque Publishing)
Media Player (HKLM\...\MediaPlayerV1alpha830) (Version: 1.1 - Media Player) <==== ATTENTION
Media View (HKLM\...\MediaViewV1alpha2807) (Version: 1.1 - Media View) <==== ATTENTION
Media View (HKLM\...\MediaViewV1alpha7175) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM\...\MediaViewerV1alpha794) (Version: 1.1 - Media Viewer) <==== ATTENTION
Media Watch (HKLM\...\MediaWatchV1home211) (Version: 1.1 - Media Watch) <==== ATTENTION
Memorex exPressit Label Design Studio (HKLM\...\MVApplication1) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MotoHelper 2.0.44 Driver 4.9.0 (HKLM\...\MotoHelper) (Version: 2.0.44 - Motorola)
MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (HKLM\...\{D9DC70B6-BE13-41DD-9053-9E617E72D085}) (Version: 1.2.6000.0 - Motorola)
Motorola Mobile Drivers Installation 4.9.0 (Version: 4.9.0 - Motorola Inc.) Hidden
Mozilla ActiveX Control v1.7.12 (HKLM\...\Mozilla ActiveX Control v1.7.12) (Version: - )
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Oasis (HKLM\...\{C17F3696-8EE5-46B0-ADD7-7F5ED6208879}) (Version: 1.0.0 - W3i, LLC)
muvee autoProducer 6.1 (HKLM\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
My Web Search (HKLM\...\MyWebSearch bar Uninstall) (Version: - My Web Search) <==== ATTENTION
Nancy Drew - Phantom of Venice and Haunting of Castle Malloy (HKLM\...\{562B97B1-D6BA-4BE9-B9C2-CD6DB2CA8CB7}) (Version: 1.00.0000 - Encore Software, Inc.)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OffersWizard (HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\OffersWizard) (Version: - )
OffersWizard Network System Driver (HKLM\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Pahelika - Secret Legends (Version: 2.2.0.82 - WildTangent) Hidden
Pdf995 (installed by H&R Block) (HKLM\...\Pdf995) (Version: - )
PdfEdit995 (installed by H&R Block) (HKLM\...\PdfEdit995) (Version: - )
Photo Viewer s2.5 (HKLM\...\Photo Viewer_is1) (Version: - )
PhotoMail Maker (HKLM\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (Version: 6.5.2926 - CyberLink Corp.) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
ResumeMaker Professional (HKLM\...\{D2E80193-7318-4707-A9DE-49AF663ADA73}) (Version: 17.0.0 - Individual Software Inc.)
Rhapsody Player Engine (HKLM\...\{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}) (Version: 1.1.0 - RealNetworks)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
ShopAtHome.com Helper (HKLM\...\ShopAtHome.com Helper) (Version: 7.0.3.14 - ShopAtHome.com) <==== ATTENTION
ShopAtHome.com Toolbar (HKLM\...\ShopAtHome.com Toolbar) (Version: 7.0.3.14 - ShopAtHome.com) <==== ATTENTION
Slingo Mystery - Whos Gold (Version: 2.2.0.82 - WildTangent) Hidden
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
Software Version Updater (HKLM\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
sp44626 (HKLM\...\sp44626) (Version: - Hewlett-Packard)
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
TaxCut Arizona 2008 (HKLM\...\{C9158633-1A68-43E5-81F9-AFB2482DEACF}) (Version: 1.08.2801 - H&R Block Digital Tax Solutions LLC.)
TaxCut Premium + Efile 2008 (HKLM\...\{79207BEE-6CD3-483C-824C-944663BACAC4}) (Version: 08.06.7101 - H & R Block)
Text Express 2 Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
The Price is Right 2010 Edition (Version: 2.2.0.82 - WildTangent) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
UnderCoverXP 1.21 (HKLM\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (Version: 2.2.0.97 - WildTangent) Hidden
Video Player (HKLM\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Web Games Player Plugin (HKLM\...\Web Games Player Plugin) (Version: - Zylom Games)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Webexp Enhanced (HKLM\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ATTENTION
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games App for HP (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
World Mosaics 2 (Version: 2.2.0.82 - WildTangent) Hidden
Zombie Bowl-o-Rama (Version: 2.2.0.82 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
17-07-2015 00:00:01 Scheduled Checkpoint
18-07-2015 00:00:01 Scheduled Checkpoint
19-07-2015 00:00:03 Scheduled Checkpoint
21-07-2015 01:51:22 Windows Update
21-07-2015 03:00:12 Windows Update
22-07-2015 00:00:03 Scheduled Checkpoint
23-07-2015 00:00:02 Scheduled Checkpoint
28-07-2015 03:27:39 Windows Update
04-08-2015 03:28:08 Windows Update
11-08-2015 01:46:42 Windows Update
11-08-2015 11:35:30 Restore Operation
11-08-2015 13:02:07 Windows Update
11-08-2015 15:18:46 Windows Update
11-08-2015 16:10:32 Removed TomTom HOME Visual Studio Merge Modules
12-08-2015 03:00:13 Windows Update
13-08-2015 11:22:58 Restore Operation
13-08-2015 13:17:42 Restore Operation
18-08-2015 13:38:54 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04A5D1B3-88B7-46FD-8340-EA7E9395708B} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {0E71EF0F-A305-449F-B275-923A33A41D9E} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {1C409D89-0C25-48B0-A98E-D1AEFA407E4A} - System32\Tasks\HPCeeScheduleForMackenzie => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard)
Task: {276E9A63-7113-4833-B2E4-880D0E4D2C3E} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [2008-04-09] (PC-Doctor, Inc.)
Task: {2B162A9B-D17F-4E28-ACDD-8851D5F302D3} - System32\Tasks\{29403E3B-B522-4A5D-9CC3-42C62DBB8326} => pcalua.exe -a "C:\Users\Laurie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XXGZOI0S\AddInSetup[2].exe" -d C:\Windows\system32
Task: {2B5F46F7-7B92-41DD-B144-455B74F36F89} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {3054E5A6-1451-4C9B-B0AC-73175B31126C} - \Security Center Update - 3303202799 -> No File <==== ATTENTION
Task: {37B524FE-AD1D-4389-A547-D23A06C7E4CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A9EA24C-F0A5-4FAB-AD9C-0E438444992B} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {50AF0C25-C25A-43AA-87EA-7D7B47F73866} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {50D177F7-D840-4C97-AA0F-F8F92CE10B3F} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {53A33B1D-4F31-4AEA-A2E0-669051F3478D} - System32\Tasks\HP AR Program Upload - 2c43a5844e8443e2a59f4a39949d20fdc6dffcfe441e42c2abd8b5ad7cca2f41 => C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {54F82743-0EF7-4D26-B2F1-15A4F036B7A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
Task: {5ABAD4B0-69CF-4ADC-AA1C-2DC5101D9C10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002UA => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {5E9DDB18-CB81-49D3-B878-F4068C886659} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002Core => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {8164C7D7-4576-480C-B197-F6DA51FBF72E} - System32\Tasks\Norton PC Checkup Setup => C:\Users\Laurie\AppData\Local\Temp\PCCUStubInstaller\SymcPCCUInstaller.exe <==== ATTENTION
Task: {82C5FB00-CFCA-4282-9B09-48F78BEE9777} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {8C8DB607-C100-4355-9E5B-BB06AAB14DC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.)
Task: {A4A9487F-F6E9-491B-AD39-C55CF426B0D3} - System32\Tasks\DTReg => C:\Windows\system32\config\systemprofile\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {C4072BA1-334B-445B-970B-B2DFE47C87B1} - \task14512835 -> No File <==== ATTENTION
Task: {CB2E6456-710D-4B70-B4A8-747B3F061CCC} - System32\Tasks\hpUtility.exe_{677D7C7B-6ACD-4F38-A14A-4B0DFAF7B9D8} => C:\Program Files\HP\HP Photosmart 6520 series\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D4691785-2F54-4F3F-93A7-57783128E0AB} - System32\Tasks\Norton Internet Security - Run Full System Scan - Laurie => c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
Task: {DA1F752A-E643-4E1E-80F4-8BA8CAC8E932} - System32\Tasks\HPCeeScheduleForLaurie => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard)
Task: {EDE1DC3B-4663-426C-9402-63C7848DF69D} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F5B61500-E43E-46F3-A69C-2266916D8311} - System32\Tasks\AmiUpdXp => C:\Users\Laurie\AppData\Local\29326\Updater.exe [2014-10-19] () <==== ATTENTION
Task: {FFAD53A3-A864-45D5-8351-78F80204EE72} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Laurie\AppData\Local\29326\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002Core.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002UA.job => C:\Users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLaurie.job => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMackenzie.job => C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Laurie.job => c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeB/TASK C:\ProgramData\Symantec\Norton AntiVirus\Tasks\mycomp.sca
==================== Loaded Modules (Whitelisted) ==============
2010-01-22 00:47 - 2010-01-22 00:47 - 00051716 _____ () C:\Windows\System32\pdf995mon.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-08 15:36 - 2013-07-08 15:36 - 00107520 _____ () C:\Users\Laurie\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
2010-11-01 13:12 - 2010-11-01 13:12 - 00114688 ____R () C:\Program Files\Motorola Media Link\liveupdatetactics.dll
2010-11-01 13:12 - 2010-11-01 13:12 - 00018432 ____R () C:\Program Files\Motorola Media Link\DbAccess.dll
2010-11-01 13:13 - 2010-11-01 13:13 - 00460199 ____R () C:\Program Files\Motorola Media Link\sqlite3.dll
2010-11-01 13:12 - 2010-11-01 13:12 - 00038912 ____R () C:\Program Files\Motorola Media Link\NAdvLog.dll
2010-11-01 13:12 - 2010-11-01 13:12 - 00026624 ____R () C:\Program Files\Motorola Media Link\NFileCacheDBAccess.dll
2010-11-01 13:12 - 2010-11-01 13:12 - 00057344 ____R () C:\Program Files\Motorola Media Link\netsharingservice.dll
2010-11-01 13:12 - 2010-11-01 13:12 - 00044032 ____R () C:\Program Files\Motorola Media Link\InterProcessChannel.dll
2010-11-01 13:13 - 2010-11-01 13:13 - 00036864 ____R () C:\Program Files\Motorola Media Link\NLog.dll
2011-01-27 14:13 - 2011-01-27 14:13 - 00226624 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
2013-04-26 18:58 - 2013-04-26 20:54 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2015-07-29 15:57 - 2015-07-29 15:57 - 00190464 _____ () C:\Windows\system32\netupdsrv.exe
2012-10-12 20:06 - 2013-11-11 15:10 - 00307928 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2012-10-12 20:06 - 2013-10-30 19:06 - 00380928 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2011-01-27 14:13 - 2011-01-27 14:13 - 00673088 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
2009-12-07 18:33 - 2009-11-19 12:46 - 00065344 _____ () C:\Program Files\SGPSA\ie3sh.exe
2010-06-30 00:12 - 2010-06-30 00:12 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00018944 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2015-08-13 10:18 - 2015-08-13 10:18 - 00982016 _____ () C:\Users\Laurie\AppData\Local\{49890F0E-DCFD-46BA-AA1C-F43D19158304}\OffersWizard.exe
2012-10-12 20:06 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
2012-10-12 20:06 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:3A171849
AlternateDataStreams: C:\ProgramData\TEMP:75B1A93C
AlternateDataStreams: C:\ProgramData\TEMP:A9C7B545
AlternateDataStreams: C:\ProgramData\TEMP:F84B8DB5
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{2BC6132D-FDBB-4C06-ACC7-8C8C21DD5333}] => (Allow) c:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{62E6D115-E60B-4AA9-BD38-AEE6F06A91E5}] => (Allow) C:\Program Files\123CopyDVD 2009\123CopyDVD.exe
FirewallRules: [{8E2F4281-26EB-4A0B-A087-611F3C33077F}] => (Allow) C:\Program Files\123CopyDVD 2009\123CopyDVD.exe
FirewallRules: [{8E994736-E105-48AD-9D85-5FC7FBC06C10}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{87CFA6AF-FBDE-4BE1-8C12-C4842722E207}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{1B7C826C-F639-4310-8C87-4F9AFAFED7AC}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{3B511900-B7E4-4FA9-938A-C0A3E05903D8}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{3DB8B0C3-03FE-4860-A155-830346B50507}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{986637B6-78C9-47FD-8D3D-DF221F446684}] => (Allow) c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{43A4420D-57DC-42F5-9E82-CB376AC8DD41}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF925FBA-73B5-417F-9266-EDBDACCDC1D5}] => (Allow) svchost.exe
FirewallRules: [{FC6F4432-CAC9-4A18-A7F7-B6B22352D30E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{4C5BD99D-7108-4E3D-A80D-B0827C8AB934}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{BAFBD6A5-5A66-41CD-BCC0-7253662A0F89}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{14B1BB48-F87C-4427-B4D6-D8F3D48C5485}] => (Allow) LPort=26675
FirewallRules: [{748C650D-B3F2-4AF7-846E-48E3335F7521}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{D512695C-5755-4273-97C0-7ED4789374D5}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{F5F9962D-6113-409D-9FDA-6C015E25D353}] => (Allow) C:\Users\Laurie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8JUXQ92\magentic_install[1].exe
FirewallRules: [{B2FB1885-4891-4FC8-98A2-D816648524AC}] => (Allow) C:\Users\Laurie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W8JUXQ92\magentic_install[1].exe
FirewallRules: [{BC0658CA-1E93-4E0F-87F7-998E0E479610}] => (Allow) C:\Program Files\Magentic\Bin\MgApp.exe
FirewallRules: [{31C3039D-B88D-4E03-A043-CDFF141019B7}] => (Allow) C:\Program Files\Magentic\Bin\MgApp.exe
FirewallRules: [{7DAB0DD2-E234-4949-80C1-4D4C648CE82A}] => (Allow) C:\Program Files\Magentic\Bin\Magentic.exe
FirewallRules: [{6FCA71A5-9BF5-4BF6-A64C-47A4C15FF59B}] => (Allow) C:\Program Files\Magentic\Bin\Magentic.exe
FirewallRules: [{E404D281-DB71-4664-87D1-21C5ED2B0BEE}] => (Allow) C:\Program Files\Magentic\Bin\MgImp.exe
FirewallRules: [{E119ACCD-6AFB-42E5-AE96-ADD9FB7D27CD}] => (Allow) C:\Program Files\Magentic\Bin\MgImp.exe
FirewallRules: [{96B84CFB-CFE6-412B-AB7A-D79C9C91549C}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{9422C017-8302-40CE-90C7-4C35BA3220B1}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{243FB85F-1BD6-4209-B562-CF65312943EC}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{5F23C75A-AC13-4C89-BBBD-53FBBD9D29FF}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{C37D482F-2D3A-483F-825E-E6031C26EC3D}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{8BB27603-3F58-42AD-86B5-FD28A7F72D8B}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{2479691A-EA52-4E53-BBB7-E4F8A904BF0F}] => (Allow) LPort=80
FirewallRules: [{D6E8F3FD-E897-472B-A857-8E41025F109D}] => (Allow) LPort=80
FirewallRules: [{487BB894-B16D-447F-A80A-50EA97AB424E}] => (Allow) LPort=80
FirewallRules: [TCP Query User{509C3FE3-5CE7-47BD-8E24-9ABBE696CA0D}C:\program files\motorola media link\mml.exe] => (Block) C:\program files\motorola media link\mml.exe
FirewallRules: [UDP Query User{97AE65E4-AD3B-401F-A7FD-61EBC479E7B0}C:\program files\motorola media link\mml.exe] => (Block) C:\program files\motorola media link\mml.exe
FirewallRules: [{484B6E8F-ADC5-4CB0-9BFB-4FA02CF1CF11}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{10287B15-4813-4D00-8F3E-BD852E7CDC68}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{F105A644-F90B-4FF4-A2F4-66DD0B5AA2EC}] => (Allow) LPort=26675
FirewallRules: [{33E82495-8650-4D1C-8C51-1C77CEE817E1}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{22875F08-50F0-404E-840A-03AB49E9423E}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{1170495F-8675-4F04-A575-B6698C69A4FE}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{0FC995F0-39C7-4719-9A46-9234175DAFCC}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{09425F7F-3927-401D-9AA4-4E1AC593AD2D}] => (Allow) C:\Program Files\Raptr\Raptr.exe
FirewallRules: [{B83D79BD-9DF6-4C68-9BA1-190885F1E756}] => (Allow) C:\Program Files\Raptr\Raptr.exe
FirewallRules: [{C740BB5A-0B72-4FA4-9256-4A1CD9F547DC}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{3A249885-94CF-4AA1-835C-E51FE461115F}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{EBEEAA1E-A44A-4AE0-B12A-8919CC0D9518}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{12738133-ED5D-4D8F-BAC4-C6EC35ABA4A4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D5508BA0-2545-4B6C-8961-AC7A6F19441F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{358361E1-7886-4CF3-BA40-7D4BFE0832A9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{AF5BF70C-D968-496B-8697-92F2845E50A0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C94FFA19-A6E4-4E32-AA8C-CACC89BD0440}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8209D087-8D4C-43B1-8868-E9EBA4C558EE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0C8384EB-3A5A-481A-9586-C9893BFC1CA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3332C11A-6CED-49A1-A409-2D4CB7B76A74}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4EFD6F8A-29EE-4976-AAD1-8CD34246B89F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BDBF5B75-3337-4154-BF83-A99D7C1721D6}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{C2DD0A42-F0F0-4396-9B7B-C81E628D99AC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{992C20B9-0C77-45C4-83E5-C6B3480E4801}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{3B60ADBE-3A39-4368-AF1D-D1634B27BCCA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{9BB156EB-C31F-4367-9D54-830817B90CDF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{93F3ABD5-BE66-4B05-BC7E-F1A8A3028357}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{BC74CC62-409E-4802-AE16-8B272F73528F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{4D3DB959-8BB9-4AC6-B809-99C81E077AC6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D3F9BC4B-9270-45F4-A299-E10D428831ED}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{4763FA48-21C0-465F-81B2-1730A86930BE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{25225330-30F9-4604-A271-31284737FF75}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{EDECC605-EAF5-4364-B6F9-94A795888673}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{97C5955C-B445-4F5D-BD20-4A0407E3F31B}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{11357786-42C8-4B94-92A6-933D5827DA7A}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{77EE4FC5-BF1A-4CE0-8BA3-0753C80FA7B0}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{A00E0543-E3D9-4B3A-A339-2BE7E7BE4840}] => (Allow) C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{6D9EB849-B41F-487C-91B9-C2CD1EFCCB6E}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8FF6E8D3-077B-4B59-983B-3C0E73D8B898}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{93AFFDDA-E961-42FD-B19A-9BD3B0D3DC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDD33813-02B0-431A-8B96-341760D80E2B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9785C6B1-3705-47CE-934A-63443597617F}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C776FAC-69A6-4DF0-B548-D738611ADDF2}] => (Allow) LPort=2869
FirewallRules: [{F775B6B9-5CD3-482A-AD0E-6DD47A8273A3}] => (Allow) LPort=1900
FirewallRules: [{E1B4557B-166B-42D3-BFCB-D895888FA45E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FB296804-0E0F-4B84-87C8-6A98B4921398}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{15F30379-EFF8-4C79-A211-D0DE6A7433A4}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C88A0A93-4650-4982-B6D1-CDEEEE7EAF54}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2015 10:59:39 AM) (Source: profsvc) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Access is denied.
Error: (08/19/2015 10:59:38 AM) (Source: profsvc) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Access is denied.
Error: (08/18/2015 01:42:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME\USER DATA> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME\USER DATA> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\DIVX\LUHEEYH\LOCAL\GOOGLE\CHROME\USER DATA> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\LAURIE\APPDATA\LOCALLOW\DIVX\LUHEEYH\LOCAL\GOOGLE\CHROME\USER DATA> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (08/18/2015 02:38:00 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Windows\system32\Adobe\Director\SwDnld.exe" -Embedding740{D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Error: (08/16/2015 04:22:31 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Error: (08/16/2015 04:22:28 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
Error: (08/16/2015 07:24:55 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.0.3 on the Network Card with network address 2CB05D6662B1.
Error: (08/13/2015 10:03:33 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Windows\system32\Adobe\Director\SwDnld.exe" -Embedding740{D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Error: (08/13/2015 09:07:41 PM) (Source: DCOM) (EventID: 10016) (User: Laurie-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}Laurie-PCLaurieS-1-5-21-287398816-2082105823-3791064297-1000LocalHost (Using LRPC)
Error: (08/13/2015 09:03:00 PM) (Source: DCOM) (EventID: 10016) (User: Laurie-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}Laurie-PCLaurieS-1-5-21-287398816-2082105823-3791064297-1000LocalHost (Using LRPC)
Error: (08/13/2015 09:01:13 PM) (Source: DCOM) (EventID: 10016) (User: Laurie-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}Laurie-PCLaurieS-1-5-21-287398816-2082105823-3791064297-1000LocalHost (Using LRPC)
Error: (08/13/2015 08:54:37 PM) (Source: DCOM) (EventID: 10016) (User: Laurie-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}Laurie-PCLaurieS-1-5-21-287398816-2082105823-3791064297-1000LocalHost (Using LRPC)
Error: (08/13/2015 08:44:40 PM) (Source: DCOM) (EventID: 10016) (User: Laurie-PC)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}Laurie-PCLaurieS-1-5-21-287398816-2082105823-3791064297-1000LocalHost (Using LRPC)
Microsoft Office:
=========================
Error: (08/19/2015 10:59:39 AM) (Source: profsvc) (EventID: 1542) (User: NT AUTHORITY)
Description: Access is denied.
Error: (08/19/2015 10:59:38 AM) (Source: profsvc) (EventID: 1542) (User: NT AUTHORITY)
Description: Access is denied.
Error: (08/18/2015 01:42:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME\USER DATA
Error: (08/18/2015 01:42:46 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME\USER DATA
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE\CHROME
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\COUPONXPLORER_5Z\ZHWAZRBBF\LOCAL\GOOGLE
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\DIVX\LUHEEYH\LOCAL\GOOGLE\CHROME\USER DATA
Error: (08/18/2015 01:42:45 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\LAURIE\APPDATA\LOCALLOW\DIVX\LUHEEYH\LOCAL\GOOGLE\CHROME\USER DATA
CodeIntegrity:
===================================
Date: 2012-12-01 17:53:29.034
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2012-12-01 17:53:28.716
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2012-12-01 17:53:28.399
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2012-12-01 17:53:28.076
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-04-02 17:10:18.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-04-02 17:10:17.872
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-04-02 17:10:17.644
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-04-02 17:10:17.420
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-03-26 17:50:33.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2011-03-26 17:50:33.562
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon™ 64 X2 Dual Core Processor 4600+
Percentage of memory in use: 62%
Total physical RAM: 2941.76 MB
Available physical RAM: 1098.66 MB
Total Virtual: 6102.04 MB
Available Virtual: 3572.62 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:324.13 GB) (Free:115.93 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.22 GB) (Free:1.54 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 335.4 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=324.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS)
==================== End of log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-08-2015
Ran by Laurie (administrator) on LAURIE-PC (19-08-2015 11:00:59)
Running from C:\Users\Laurie\Desktop
Loaded Profiles: Laurie (Available Profiles: Laurie & Alyssa & Tony & Mackenzie & Christina & Matthew)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMPANYVERS_NAME) C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbarsvc.exe
() C:\Users\Laurie\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
(Nero AG) C:\Program Files\Motorola Media Link\NServiceEntry.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
(MyWebSearch.com) C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\netupdsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
() C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
() C:\Program Files\SGPSA\ie3sh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(MyWebSearch.com) C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(VER_COMPANY_NAME) C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbrmon.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
() C:\Users\Laurie\AppData\Local\{49890F0E-DCFD-46BA-AA1C-F43D19158304}\OffersWizard.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [DVDAgent] => c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2009-09-09] (CyberLink Corp.)
HKLM\...\Run: [FBSSA] => C:\Program Files\SGPSA\ie3sh.exe [65344 2009-11-19] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [MyWebSearch Email Plugin] => C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE [32849 2012-10-08] (MyWebSearch.com)
HKLM\...\Run: [My Web Search Bar Search Scope Monitor] => C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE [34336 2012-10-08] (MyWebSearch.com)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [132760 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [ShopAtHomeWatcher] => C:\Users\Laurie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM\...\Run: [ShopAtHomeUpdater] => C:\Users\Laurie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
HKLM\...\Run: [CouponXplorer Search Scope Monitor] => C:\Program Files\CouponXplorer_5z\bar\1.bin\5zSrchMn.exe [44784 2013-08-17] (MindSpark)
HKLM\...\Run: [CouponXplorer_5z Browser Plugin Loader] => C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbrmon.exe [30096 2013-08-17] (VER_COMPANY_NAME)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-20] (Adobe Systems Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-30] (Hewlett-Packard)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-05] (Google Inc.)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [{cd5d6097-ccd5-d484-925f-a1d8ee6aec1a}] => C:\Users\Laurie\AppData\Local\Microsoft\{cd5d6097-ccd5-d484-925f-a1d8ee6aec1a}\{cd5d6097-ccd5-d484-925f-a1d8ee6aec1a}.exe [293945 2014-10-27] ()
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [Torozbnemd] => regsvr32.exe /s "C:\Users\Laurie\AppData\Local\Windows Live Writer\Torozbnemd.dll" <===== ATTENTION
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [{04b50ea9-94fe-4509-c03e-886817b3d859}] => C:\Users\Laurie\AppData\Local\{04b50ea9-94fe-4509-c03e-886817b3d859}\{04b50ea9-94fe-4509-c03e-886817b3d859}.exe [359424 2014-11-24] ()
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Run: [OffersWizard update] => C:\Users\Laurie\AppData\Local\{49890F0E-DCFD-46BA-AA1C-F43D19158304}\OffersWizard.exe [982016 2015-08-13] ()
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume1\Users\Laurie\AppData\Local\Temp\spofcne\seipvhs\wow.dllATTENTION! ====> ZeroAccess?
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-04-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2012-10-12]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
Startup: C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-08-23]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2010-10-10]
ShortcutTarget: IMVU.lnk -> C:\Users\Laurie\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2009-08-10]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-287398816-2082105823-3791064297-1005\User: Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-287398816-2082105823-3791064297-1004\User: Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-287398816-2082105823-3791064297-1003\User: Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-287398816-2082105823-3791064297-1002\User: Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-287398816-2082105823-3791064297-1001\User: Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.magentic.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
HKU\S-1-5-21-287398816-2082105823-3791064297-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
URLSearchHook: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
URLSearchHook: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 - (No Name) - {9b138bf3-1d40-4e7e-84bb-2975198ad938} - No File
SearchScopes: HKLM -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZRxdm7195DUS&ptnrS=ZRxdm7195DUS&ptb=wR7wleVBUN8ebv.dckzP0w&ind=2011010520&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {5a1d0d31-749c-4186-a295-4106e6e7b26a} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AFA^xdm072^S06083^us&si=cd3772&ptb=9273F583-8FFA-49CA-9CCD-3A2219ED73F4&ind=2013081716&n=77fd3074&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {74322DF1-2894-438D-B2E4-ADF7A3B1703F} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {98290752-E9BC-47AB-AE7F-3BCEE77A1556} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKLM -> {CD10120B-C165-4f8d-8C74-639629E238FF} URL = hxxp://mystart.magentic.com/?search={searchTerms}&loc=search_box
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> DefaultScope {C1E00E2A-211D-4C4B-936B-1E885C37AB5D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN15795858271509719&UM=2
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {25D35721-2593-463A-93B8-79CA3849D200} URL = hxxp://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={438F6934-136E-4206-86CC-FEF4979D3247}
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {2B96D3FF-33E5-4D00-A1EE-7FDBDFA15464} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3300033&SearchSource=45&q={searchTerms}
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZRxdm7195DUS&ptnrS=ZRxdm7195DUS&ptb=wR7wleVBUN8ebv.dckzP0w&ind=2010120702&n=77d001fe&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {5a1d0d31-749c-4186-a295-4106e6e7b26a} URL =
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {74322DF1-2894-438D-B2E4-ADF7A3B1703F} URL =
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {98290752-E9BC-47AB-AE7F-3BCEE77A1556} URL =
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {C1E00E2A-211D-4C4B-936B-1E885C37AB5D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN15795858271509719&UM=2
SearchScopes: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> {CD10120B-C165-4f8d-8C74-639629E238FF} URL =
BHO: MyWebSearch Search Assistant BHO -> {00A6FAF1-072E-44cf-8957-5838F569A31D} -> C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL [2012-10-08] (MyWebSearch.com)
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Toolbar BHO -> {0297a026-3011-46d3-ad62-bb9a7612aea7} -> C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbar.dll [2013-08-17] (MindSpark)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: mwsBar BHO -> {07B18EA1-A523-4961-B6BB-170DE4475CCA} -> C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2012-10-08] (MyWebSearch.com)
BHO: DownloadTerms -> {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -> C:\Users\Laurie\AppData\Local\DownloadTerms\temp.dat [2013-03-20] ()
BHO: Webexp Enhanced -> {470d9a15-ea3d-41f5-a333-514df149c633} -> C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha893\ie\WebexpEnhancedV1alpha893.dll [2013-12-19] ()
BHO: ShopAtHome.com Cash Back Helper -> {66516A07-F617-488A-90CF-4E690CFB3C5F} -> C:\Users\Laurie\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll [2013-08-02] (ShopAtHome.com)
BHO: Media Player -> {670e6075-343d-45b2-a997-158ed8a490a9} -> C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha830\ie\MediaPlayerV1alpha830.dll [2014-01-28] ()
BHO: Webexp Enhanced -> {6bd18712-cea6-4443-8536-02d7a5168d72} -> C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha2167\ie\WebexpEnhancedV1alpha2167.dll [2013-12-19] ()
BHO: Video Player -> {759e771c-61c6-45cc-8b49-55cf6819636c} -> C:\Program Files\VideoPlayerV3\VideoPlayerV3beta20\ie\VideoPlayerV3beta20.dll [2014-01-07] ()
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-23] (Oracle Corporation)
BHO: Media Watch -> {7bd9b906-4619-4679-997a-1843b9ac7fc0} -> C:\Program Files\MediaWatchV1\MediaWatchV1home211\ie\MediaWatchV1home211.dll [2014-03-20] ()
BHO: Search Assistant BHO -> {7d69ed06-0171-4379-9528-08df51092727} -> C:\Program Files\CouponXplorer_5z\bar\1.bin\5zSrcAs.dll [2013-08-17] (MindSpark)
BHO: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> C:\Windows\system32\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-11-08] (Search Results LLC.)
BHO: BrowserHelper Class -> {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} -> C:\Program Files\SGPSA\SearchAssistant.dll [2009-10-15] (Make The Web Better, LLC)
BHO: Media View -> {8b93608f-2f06-4f2d-b268-b002ad832422} -> C:\Program Files\MediaViewV1\MediaViewV1alpha7175\ie\MediaViewV1alpha7175.dll [2014-02-27] ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Media View -> {945660b1-a473-4bce-8ba8-94d63d2e39f2} -> C:\Program Files\MediaViewV1\MediaViewV1alpha2807\ie\MediaViewV1alpha2807.dll [2014-02-26] ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-11] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Media Viewer -> {c2e2b67a-d832-4d78-9592-7c3ca0c5bcfa} -> C:\Program Files\MediaViewerV1\MediaViewerV1alpha794\ie\MediaViewerV1alpha794.dll [2014-02-23] ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-23] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2012-10-08] (MyWebSearch.com)
Toolbar: HKLM - ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Laurie\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll [2013-08-02] (ShopAtHome.com)
Toolbar: HKLM - CouponXplorer - {65c72339-fb1d-4155-84e1-9afacee02d6f} - C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbar.dll [2013-08-17] (MindSpark)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-11] (Google Inc.)
Toolbar: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-08-11] (Google Inc.)
Toolbar: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
Toolbar: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2012-10-08] (MyWebSearch.com)
Toolbar: HKU\S-1-5-21-287398816-2082105823-3791064297-1000 -> CouponXplorer - {65C72339-FB1D-4155-84E1-9AFACEE02D6F} - C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbar.dll [2013-08-17] (MindSpark)
DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA}
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192 2008-01-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{3E3A99C7-7F50-4745-A876-99B2C6C1F1B4}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{FB6AA326-0925-4710-A962-A46CEF0FC5E1}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-02-02] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin: @CouponXplorer_5z.com/Plugin -> C:\Program Files\CouponXplorer_5z\bar\1.bin\NP5zStub.dll [2013-08-17] (MindSpark)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-03-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @mywebsearch.com/Plugin -> C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll [2012-10-08] (MyWebSearch.com)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll [2007-09-18] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll [2013-10-15] ()
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-07-02] (Zylom)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-20] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: PlaySushi TextLinks - C:\Users\Laurie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2010-04-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-28]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MyWebSearch\bar\2.bin
FF Extension: My Web Search - C:\Program Files\MyWebSearch\bar\2.bin [2012-10-08]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-26]
FF HKLM\...\Firefox\Extensions: [5zffxtbr@CouponXplorer_5z.com] - C:\Program Files\CouponXplorer_5z\bar\1.bin
FF Extension: No Name - C:\Program Files\CouponXplorer_5z\bar\1.bin [2013-08-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-10-02]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Better-Surf\ff
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\BetterSurf\BetterSurfPlus\ff
FF Extension: Better Surf Plus - C:\Program Files\BetterSurf\BetterSurfPlus\ff [2013-12-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha893\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha893\ff [2013-12-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha2167\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha2167\ff [2014-01-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta20\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta20\ff [2014-01-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha830\ff
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha830\ff [2014-01-29]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha794\ff
FF Extension: Media Viewer - C:\Program Files\MediaViewerV1\MediaViewerV1alpha794\ff [2014-02-23]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MediaViewV1\MediaViewV1alpha2807\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha2807\ff [2014-02-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MediaViewV1\MediaViewV1alpha7175\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha7175\ff [2014-03-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\MediaWatchV1\MediaWatchV1home211\ff
FF Extension: Media Watch - C:\Program Files\MediaWatchV1\MediaWatchV1home211\ff [2014-03-22]
FF HKU\S-1-5-21-287398816-2082105823-3791064297-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Video Player) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpbokmhfagafhfaghmgblnalabpafgk [2014-02-25]
CHR Extension: (Google Docs) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-25]
CHR Extension: (Google Drive) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-25]
CHR Extension: (YouTube) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-25]
CHR Extension: (Google Search) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-25]
CHR Extension: (Webexp Enhanced) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkgdfgpgjedkgmemjnbhpakdbkjdhkg [2014-02-25]
CHR Extension: (No Name) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-25]
CHR Extension: (Media Viewer) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epiollcijkbdofffmkfjlcicmjjkcibk [2014-02-25]
CHR Extension: (Media Watch) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjipgiaabcfimghibkgdjkdfcggjenco [2014-03-22]
CHR Extension: (No Name) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-01]
CHR Extension: (Webexp Enhanced) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\imdanlnahgkncdnmhnchakpiphldbilb [2014-02-25]
CHR Extension: (Media View) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcahfkiahmlmlfpnepeefopajkbbgmk [2014-03-15]
CHR Extension: (No Name) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Better Surf Plus) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2014-02-25]
CHR Extension: (Media View) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\najcjpobeicoipjljigljfcallbbpdgm [2014-02-27]
CHR Extension: (No Name) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-25]
CHR Extension: (Gmail) - C:\Users\Laurie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-25]
CHR HKLM\...\Chrome\Extension: [alpbokmhfagafhfaghmgblnalabpafgk] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta20\ch\VideoPlayerV3beta20.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [dhkgdfgpgjedkgmemjnbhpakdbkjdhkg] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha893\ch\WebexpEnhancedV1alpha893.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-20]
CHR HKLM\...\Chrome\Extension: [epiollcijkbdofffmkfjlcicmjjkcibk] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha794\ch\MediaViewerV1alpha794.crx [2014-02-23]
CHR HKLM\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files\WebCake\WebCakeLayers.crx <not found>
CHR HKLM\...\Chrome\Extension: [gjipgiaabcfimghibkgdjkdfcggjenco] - C:\Program Files\MediaWatchV1\MediaWatchV1home211\ch\MediaWatchV1home211.crx [2014-03-20]
CHR HKLM\...\Chrome\Extension: [imdanlnahgkncdnmhnchakpiphldbilb] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha2167\ch\WebexpEnhancedV1alpha2167.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [jdcahfkiahmlmlfpnepeefopajkbbgmk] - C:\Program Files\MediaViewV1\MediaViewV1alpha7175\ch\MediaViewV1alpha7175.crx [2014-02-27]
CHR HKLM\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [najcjpobeicoipjljigljfcallbbpdgm] - C:\Program Files\MediaViewV1\MediaViewV1alpha2807\ch\MediaViewV1alpha2807.crx [2014-02-26]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CouponXplorer_5zService; C:\Program Files\CouponXplorer_5z\bar\1.bin\5zbarsvc.exe [42504 2013-08-17] (COMPANYVERS_NAME)
R2 DefaultTabUpdate; C:\Users\Laurie\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-07-08] () [File not signed]
R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\NServiceEntry.exe [81920 2010-11-01] (Nero AG) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-17] (WildTangent)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-04-13] (Hewlett-Packard Company) [File not signed]
R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
R2 MyWebSearchService; C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE [28762 2012-10-08] (MyWebSearch.com) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S2 NetHttpService; C:\Windows\system32\nethtsrv.exe [349696 2015-07-29] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-04-26] ()
R2 ServiceUpdater; C:\Windows\system32\netupdsrv.exe [190464 2015-07-29] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R5 ACPI; C:\Windows\System32\drivers\acpi.sys [265688 2009-04-10] (Microsoft Corporation)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [19944 2009-04-10] (Microsoft Corporation)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1074944 2011-12-12] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\CLFS.sys [244152 2015-03-04] (Microsoft Corporation)
R5 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [24632 2008-01-20] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [53736 2009-04-10] (Microsoft Corporation)
R5 Ecache; C:\Windows\System32\drivers\ecache.sys [140224 2015-07-21] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58936 2008-01-20] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [440768 2015-06-12] (Microsoft Corporation)
R5 MountMgr; C:\Windows\System32\drivers\mountmgr.sys [56256 2015-07-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [16440 2008-01-20] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [48104 2009-04-10] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [527848 2009-04-10] (Microsoft Corporation)
R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [49152 2015-07-29] () [File not signed]
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R5 nvraid; C:\Windows\System32\drivers\nvraid.sys [102968 2008-01-20] (NVIDIA Corporation)
R5 nvstor32; C:\Windows\System32\drivers\nvstor32.sys [145440 2008-06-06] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [53120 2012-03-20] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [149480 2009-04-10] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [14312 2009-04-10] (Microsoft Corporation)
R5 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
R5 spldr; C:\Windows\system32\Drivers\spldr.sys [21048 2008-01-20] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [905664 2014-04-04] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [52792 2008-01-20] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [292840 2009-04-10] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [224640 2012-08-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-26] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 lcjiljlq; \??\C:\Windows\system32\drivers\lcjiljlq.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
U3 Winsock - Google Desktop Search Backup Before First Install; no ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-19 11:00 - 2015-08-19 11:01 - 00040404 _____ C:\Users\Laurie\Desktop\FRST.txt
2015-08-19 10:59 - 2015-08-19 11:01 - 00000000 ____D C:\FRST
2015-08-19 10:55 - 2015-08-19 10:55 - 01677312 _____ (Farbar) C:\Users\Laurie\Desktop\FRST.exe
2015-08-18 04:28 - 2015-08-18 04:28 - 00000687 _____ C:\awh1E2A.tmp
2015-08-13 23:03 - 2015-08-13 23:03 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-08-13 23:02 - 2015-08-13 23:02 - 00000000 _____ C:\Users\Laurie\Desktop\Scan0001.txt
2015-08-13 22:49 - 2015-08-13 22:49 - 00000907 _____ C:\Users\Laurie\Desktop\Scan0001 - Shortcut.lnk
2015-08-13 12:48 - 2015-08-13 12:48 - 00000687 _____ C:\awh4604.tmp
2015-08-13 11:11 - 2015-08-13 11:11 - 00000687 _____ C:\awh169B.tmp
2015-08-13 10:31 - 2015-08-13 10:31 - 00000687 _____ C:\awh14B8.tmp
2015-08-13 10:18 - 2015-08-13 14:16 - 00000000 ____D C:\Users\Laurie\AppData\Local\{49890F0E-DCFD-46BA-AA1C-F43D19158304}
2015-08-13 10:11 - 2015-08-13 10:11 - 00000000 ____D C:\ProgramData\WindowsSearch
2015-08-13 09:57 - 2015-08-13 09:57 - 03088296 _____ (Symantec Corporation) C:\Users\Laurie\Downloads\NPE.exe
2015-08-13 09:04 - 2015-08-13 09:04 - 00000687 _____ C:\awh26B2.tmp
2015-08-12 11:09 - 2015-08-12 11:09 - 00000687 _____ C:\awh22EA.tmp
2015-08-12 11:01 - 2015-08-12 11:01 - 00000687 _____ C:\awh7F73.tmp
2015-08-11 15:56 - 2015-08-11 15:56 - 00000687 _____ C:\awh82A6.tmp
2015-08-11 15:39 - 2015-07-21 13:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 15:39 - 2015-07-21 09:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-11 15:39 - 2015-07-21 09:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 15:39 - 2015-07-21 09:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-11 15:39 - 2015-07-21 09:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 15:39 - 2015-07-21 09:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-11 15:39 - 2015-07-21 09:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 15:39 - 2015-07-21 09:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 15:39 - 2015-07-03 09:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-11 15:37 - 2015-07-31 12:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 15:37 - 2015-06-17 09:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-11 15:37 - 2015-06-17 08:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-11 15:36 - 2015-07-09 07:20 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-11 15:36 - 2015-06-12 09:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-11 15:35 - 2015-07-10 12:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 15:34 - 2015-07-11 08:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 15:32 - 2015-07-18 09:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 15:27 - 2015-07-10 12:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 15:27 - 2015-07-10 12:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 15:26 - 2015-05-31 01:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-11 15:25 - 2015-07-31 15:08 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 15:25 - 2015-07-31 14:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-11 15:25 - 2015-07-31 14:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-11 15:25 - 2015-07-31 14:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-11 15:25 - 2015-07-31 14:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-11 15:25 - 2015-07-31 13:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 15:25 - 2015-07-31 13:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-11 15:25 - 2015-07-31 13:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-11 15:25 - 2015-07-31 13:33 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 15:25 - 2015-07-31 13:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 15:25 - 2015-07-31 13:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 15:25 - 2015-07-31 13:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 15:23 - 2015-06-27 09:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 15:23 - 2015-06-27 09:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 15:23 - 2015-06-27 09:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 15:23 - 2015-06-27 09:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-11 15:23 - 2015-06-27 07:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 15:23 - 2015-06-27 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 15:23 - 2015-06-12 06:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 15:23 - 2015-01-08 17:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 15:22 - 2015-07-09 07:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 15:22 - 2015-07-09 07:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 15:22 - 2015-07-01 08:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 12:31 - 2015-07-22 13:54 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 12:31 - 2015-07-22 13:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 12:31 - 2015-07-22 13:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 12:31 - 2015-07-22 13:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 12:31 - 2015-07-22 13:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 12:31 - 2015-07-22 13:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 12:31 - 2015-07-22 13:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 12:31 - 2015-07-22 13:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-11 12:31 - 2015-07-22 13:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 12:31 - 2015-07-22 13:44 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 12:31 - 2015-07-22 13:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 12:31 - 2015-07-22 13:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 12:31 - 2015-07-22 13:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 12:31 - 2015-07-22 13:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 12:31 - 2015-07-22 13:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-11 12:31 - 2015-07-22 13:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 12:31 - 2015-07-22 13:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 12:31 - 2015-07-22 13:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 12:31 - 2015-07-22 13:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-11 12:31 - 2015-07-22 13:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-11 12:31 - 2015-07-22 13:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-11 12:31 - 2015-07-22 13:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 12:02 - 2015-08-11 12:02 - 00000687 _____ C:\awh38BB.tmp
2015-08-11 10:56 - 2015-08-11 10:56 - 00000687 _____ C:\awh8861.tmp
2015-08-11 10:31 - 2015-08-11 10:31 - 00000687 _____ C:\awh66CD.tmp
2015-08-11 00:34 - 2015-08-11 00:34 - 00000687 _____ C:\awhD48.tmp
2015-08-10 23:57 - 2015-08-10 23:57 - 00567133 _____ C:\Users\Laurie\Downloads\Setup.zip
2015-08-10 23:26 - 2015-08-10 23:32 - 00000000 ____D C:\Users\Laurie\Desktop\Mackenzie Smith Physical Forms
2015-08-10 19:01 - 2015-08-10 19:01 - 00000687 _____ C:\awhE06.tmp
2015-08-06 05:56 - 2015-08-06 05:56 - 00000000 ____D C:\Users\Laurie\AppData\Local\{EE54D9C5-56F2-426C-934B-A55D0F7C65BE}
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-08-02 05:56 - 2015-08-02 05:56 - 00000000 ____D C:\Users\Laurie\AppData\Local\{BA8AF620-01B3-4437-9D2B-C3E2490DE95F}
2015-07-31 18:48 - 2015-07-31 18:48 - 00000000 ____D C:\Users\Laurie\AppData\Local\{BAC2B2F9-C08F-4BC2-A6C8-A31AB0A09BE3}
2015-07-29 15:57 - 2015-07-29 15:57 - 00190464 _____ C:\Windows\system32\netupdsrv.exe
2015-07-29 15:57 - 2015-07-29 15:57 - 00140288 _____ C:\Windows\system32\installd.exe
2015-07-29 15:57 - 2015-07-29 15:57 - 00049152 _____ () C:\Windows\system32\Drivers\nethfdrv.sys
2015-07-29 15:56 - 2015-07-29 15:56 - 00437248 _____ C:\Windows\system32\hfpapi.dll
2015-07-29 15:56 - 2015-07-29 15:56 - 00349696 _____ C:\Windows\system32\nethtsrv.exe
2015-07-29 15:56 - 2015-07-29 15:56 - 00108544 _____ C:\Windows\system32\hfnapi.dll
2015-07-26 06:56 - 2015-07-26 06:56 - 00000000 ____D C:\Users\Laurie\AppData\Local\{4B136AE8-652A-4BA4-AB7D-6ED2E2BC8F4F}
2015-07-24 05:56 - 2015-07-24 05:56 - 00000000 ____D C:\Users\Laurie\AppData\Local\{44BE5933-93AC-4B59-BBF7-24B672B6A89C}
2015-07-20 03:52 - 2015-07-20 03:52 - 00000687 _____ C:\awhD538.tmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-19 10:50 - 2006-11-02 05:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 10:50 - 2006-11-02 05:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 10:17 - 2008-10-01 00:16 - 01697988 _____ C:\Windows\WindowsUpdate.log
2015-08-18 12:34 - 2015-04-07 14:45 - 00000326 _____ C:\Windows\Tasks\HPCeeScheduleForLaurie.job
2015-08-16 19:11 - 2012-12-13 20:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 18:37 - 2009-10-29 18:58 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-16 18:23 - 2010-12-20 21:29 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002UA.job
2015-08-16 16:02 - 2006-11-02 03:33 - 00758854 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-16 16:01 - 2013-12-08 19:51 - 00018504 _____ C:\Windows\setupact.log
2015-08-16 12:37 - 2009-10-29 18:58 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-16 10:18 - 2013-07-10 15:15 - 00000370 _____ C:\Windows\Tasks\AmiUpdXp.job
2015-08-15 20:23 - 2010-12-20 21:29 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287398816-2082105823-3791064297-1002Core.job
2015-08-15 17:44 - 2009-01-21 02:41 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-13 22:48 - 2009-09-13 23:46 - 00000000 ____D C:\Users\Laurie\AppData\Local\HP
2015-08-13 14:23 - 2010-04-25 11:52 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-08-13 14:22 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 14:22 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-08-13 14:21 - 2006-11-02 03:22 - 64487424 _____ C:\Windows\system32\config\software_previous
2015-08-13 14:21 - 2006-11-02 03:22 - 48496640 _____ C:\Windows\system32\config\components_previous
2015-08-13 14:21 - 2006-11-02 03:22 - 29360128 _____ C:\Windows\system32\config\system_previous
2015-08-13 14:21 - 2006-11-02 03:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2015-08-13 14:21 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-08-13 14:21 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-08-13 14:20 - 2009-01-04 00:07 - 00000000 ____D C:\Users\Laurie
2015-08-13 14:19 - 2009-01-31 22:53 - 00000000 ____D C:\Users\Christina
2015-08-13 14:19 - 2009-01-17 20:04 - 00000000 ____D C:\Users\Matthew
2015-08-13 14:18 - 2009-01-12 09:05 - 00000000 ____D C:\Users\Tony
2015-08-13 14:18 - 2009-01-05 20:23 - 00000000 ____D C:\Users\Alyssa
2015-08-13 14:18 - 2009-01-05 18:15 - 00000000 ____D C:\Users\Mackenzie
2015-08-13 14:16 - 2014-11-14 12:02 - 00000000 ____D C:\Users\Laurie\AppData\Local\{04b50ea9-94fe-4509-c03e-886817b3d859}
2015-08-13 14:16 - 2014-01-28 11:54 - 00000000 ___SD C:\Users\Laurie\Documents\My Data Sources
2015-08-13 14:16 - 2014-01-24 09:17 - 00000000 ____D C:\Users\Laurie\AppData\Local\Windows Live Writer
2015-08-13 14:16 - 2014-01-03 22:16 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\WildTangent
2015-08-13 14:16 - 2013-08-17 13:04 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\ShopAtHome
2015-08-13 14:16 - 2013-07-07 15:01 - 00000000 ____D C:\Users\Laurie\Documents\The Haunting of Castle Malloy
2015-08-13 14:16 - 2013-07-05 17:55 - 00000000 ____D C:\Users\Laurie\Documents\The Phantom of Venice
2015-08-13 14:16 - 2013-04-26 19:33 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2015-08-13 14:16 - 2010-06-07 20:13 - 00000000 ____D C:\Users\Tony\AppData\Roaming\vlc
2015-08-13 14:16 - 2010-05-29 02:08 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\vlc
2015-08-13 14:16 - 2009-12-02 23:08 - 00000000 ____D C:\Users\Laurie\Documents\Audible
2015-08-13 14:16 - 2009-08-20 23:17 - 00000000 ____D C:\Users\Laurie\Documents\Hunting Unlimited 2008
2015-08-13 14:16 - 2009-07-13 21:58 - 00000000 ____D C:\Users\Tony\AppData\Roaming\Mozilla
2015-08-13 14:16 - 2009-06-28 17:21 - 00000000 ____D C:\Users\Laurie\Documents\The Curse of Blackmoor Manor
2015-08-13 14:16 - 2009-05-26 07:31 - 00000000 ____D C:\Users\Laurie\Documents\LightScribe
2015-08-13 14:16 - 2009-05-23 15:17 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\Costco Photo Viewer US
2015-08-13 14:16 - 2009-01-04 00:07 - 00000000 ___RD C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-13 14:16 - 2009-01-04 00:07 - 00000000 ___RD C:\Users\Laurie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 14:16 - 2006-11-02 04:18 - 00000000 __RSD C:\Windows\Media
2015-08-13 14:16 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2015-08-13 14:15 - 2013-07-10 15:15 - 00000000 ____D C:\Users\Laurie\AppData\Local\SwvUpdater
2015-08-13 14:15 - 2009-07-14 21:01 - 00000000 ____D C:\Users\Laurie\AppData\Local\MicroVision Applications
2015-08-13 14:12 - 2014-10-19 10:33 - 00000000 ____D C:\Users\Laurie\AppData\Local\29326
2015-08-13 14:12 - 2013-07-08 15:36 - 00000000 ____D C:\Users\Laurie\AppData\Local\DownloadTerms
2015-08-13 14:12 - 2010-06-04 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 14:12 - 2010-01-22 00:47 - 00000000 ____D C:\ProgramData\pdf995
2015-08-13 14:12 - 2009-12-03 02:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 14:12 - 2009-11-19 02:53 - 00000000 ____D C:\Users\Laurie\.GalleryRemote
2015-08-13 14:12 - 2009-08-07 16:15 - 00000000 ____D C:\Users\Laurie\AppData\Local\Microsoft Help
2015-08-13 14:12 - 2009-07-10 23:06 - 00000000 ____D C:\Users\Laurie\AppData\Local\Graboid
2015-08-13 14:05 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\registration
2015-08-13 12:29 - 2009-02-27 20:09 - 00000000 ____D C:\Program Files\Google
2015-08-13 12:29 - 2008-08-25 21:15 - 00000000 ____D C:\Program Files\Yahoo!
2015-08-13 10:57 - 2010-04-25 11:43 - 00000012 _____ C:\Windows\bthservsdp.dat
2015-08-13 10:57 - 2006-11-02 06:01 - 00032650 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-12 03:41 - 2014-11-02 22:30 - 00000000 ____D C:\ProgramData\ZesaJupi
2015-08-12 03:41 - 2014-11-02 22:30 - 00000000 ____D C:\ProgramData\SagehHeget
2015-08-12 03:41 - 2008-01-20 19:47 - 00731068 _____ C:\Windows\PFRO.log
2015-08-12 03:01 - 2013-07-15 03:07 - 00000000 ____D C:\Windows\system32\MRT
2015-08-11 15:59 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-11 15:51 - 2006-11-02 05:47 - 00450664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-11 15:47 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-11 15:36 - 2009-08-07 16:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-11 15:21 - 2006-11-02 03:23 - 00000254 _____ C:\Windows\win.ini
2015-08-11 15:08 - 2014-02-05 11:29 - 00000000 ____D C:\Users\Laurie\Documents\Outlook Files
2015-08-11 12:11 - 2012-12-13 20:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-11 12:11 - 2012-12-13 20:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-05 21:39 - 2014-07-30 15:23 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\HpUpdate
2015-07-28 11:01 - 2006-11-02 03:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2013-04-26 18:59 - 2013-04-26 20:55 - 0022328 _____ () C:\Users\Laurie\AppData\Roaming\PnkBstrK.sys
2009-07-24 09:17 - 2009-07-24 09:17 - 0024206 _____ () C:\Users\Laurie\AppData\Roaming\UserTile.png
2009-01-21 08:45 - 2014-10-19 11:28 - 0004162 _____ () C:\Users\Laurie\AppData\Roaming\wklnhst.dat
2009-01-04 01:26 - 2015-04-07 14:14 - 0000680 _____ () C:\Users\Laurie\AppData\Local\d3d9caps.dat
2009-01-18 22:40 - 2013-12-29 20:45 - 0055296 _____ () C:\Users\Laurie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-04-06 19:40 - 2009-04-06 20:11 - 0012270 _____ () C:\Users\Laurie\AppData\Local\slot1.mm1
2012-10-12 19:58 - 2012-12-13 18:49 - 0001940 _____ () C:\Users\Laurie\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2014-07-30 15:19 - 2014-07-30 15:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2008-08-25 21:04 - 2013-04-26 20:32 - 0001141 _____ () C:\ProgramData\hpzinstall.log
Alureon:
C:\Users\Laurie\AppData\Local\Temp\spofcne\seipvhs\wow.dll
Some files in TEMP:
====================
C:\Users\Alyssa\AppData\Local\Temp\oaqfvmnixxnamfnsqfm.bfg
C:\Users\Laurie\AppData\Local\Temp\BetterSurfPlusInstaller.exe
C:\Users\Laurie\AppData\Local\Temp\F06E73C7628.exe
C:\Users\Laurie\AppData\Local\Temp\izpv.dll
C:\Users\Laurie\AppData\Local\Temp\lgpwxss.dll
C:\Users\Laurie\AppData\Local\Temp\of3w40728.exe
C:\Users\Laurie\AppData\Local\Temp\set-app.exe
C:\Users\Laurie\AppData\Local\Temp\setapp.exe
C:\Users\Laurie\AppData\Local\Temp\Setup-a.exe
C:\Users\Laurie\AppData\Local\Temp\Setup.exe
C:\Users\Laurie\AppData\Local\Temp\Setup1.exe
C:\Users\Laurie\AppData\Local\Temp\Setup2.exe
C:\Users\Laurie\AppData\Local\Temp\srv49492.exe
C:\Users\Laurie\AppData\Local\Temp\srv58708.exe
C:\Users\Laurie\AppData\Local\Temp\srv6083.exe
C:\Users\Laurie\AppData\Local\Temp\upd44558.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_022eeda7.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_0802f3b3.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_1ad88211.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_5a7c13b7.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_8f9a6777.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_8ff05a6d.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_a526cd4a.exe
C:\Users\Laurie\AppData\Local\Temp\UpdateFlashPlayer_fad62739.exe
C:\Users\Laurie\AppData\Local\Temp\updr19042.exe
C:\Users\Laurie\AppData\Local\Temp\updr28319.exe
C:\Users\Laurie\AppData\Local\Temp\updr62762.exe
C:\Users\Laurie\AppData\Local\Temp\updr77641.exe
C:\Users\Laurie\AppData\Local\Temp\updtr70301.exe
C:\Users\Laurie\AppData\Local\Temp\zxupd37256.exe
C:\Users\Mackenzie\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Tony\AppData\Local\Temp\conduitinstaller.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-19 03:26
==================== End of log ============================
Sign In
Create Account
