Hi Guys.
Our main desktop computer will run for about 5 to 10 minutes, then it freezes up. I have not used it frequently lately, but my wife uses it to pay bills and play games. I don't know if we have a hardware or software problem. I did see Apple's ITunes updater on screen when it froze up, but we don't use ITunes, so I removed all the related Apple programs, but it did not solve the problem.
Here are the scans I've been able to run between freeze-ups.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
Ran by DaveandSuzie (administrator) on DAVEANDSUZIE-PC (12-12-2015 12:42:16)
Running from C:\Users\DaveandSuzie\Desktop
Loaded Profiles: DaveandSuzie & UpdatusUser (Available Profiles: DaveandSuzie & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Creative Technology Ltd.) C:\Windows\V0415Mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [V0415Mon.exe] => C:\Windows\V0415Mon.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-29] (Hewlett-Packard)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Run: [Google Update] => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-09] (SUPERAntiSpyware)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\RunOnce: [Uninstall C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\RunOnce: [Uninstall C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\MountPoints2: {fc97a4cd-211c-11df-8854-002618f7d109} - J:\LaunchU3.exe -a
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1003\...\Run: [HPADVISOR] => [X]
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll [2010-01-04] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll [2010-01-04] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll [2010-01-04] (Mozy, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-31]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-09-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{FB4DF66A-4FCD-4402-9A10-30418DCEBE9A}: [DhcpNameServer] 10.0.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4251146819-3009193670-3402536777-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
HKU\S-1-5-21-4251146819-3009193670-3402536777-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome_first&locale=en_US&c=94&bd=Pavilion&pf=cndt
HKU\S-1-5-21-4251146819-3009193670-3402536777-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3402CC29-EC9D-4FF3-8647-077679973A5B} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {3402CC29-EC9D-4FF3-8647-077679973A5B} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-14] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
DPF: HKLM-x32 {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} hxxps://plugins.valueactive.eu/flashax/iefax.cab
Handler-x32: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll [2012-05-18] (TODO: <Company name>)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DaveandSuzie\AppData\Roaming\Mozilla\Firefox\Profiles\ywxb7n7t.default-1425092590396
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Photosynth,version=2.0 -> C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll [2013-02-25] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-09] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\DaveandSuzie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: @talk.google.com/O1DPlugin -> C:\Users\DaveandSuzie\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: @tools.google.com/Google Update;version=3 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: @tools.google.com/Google Update;version=9 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DaveandSuzie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4251146819-3009193670-3402536777-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\DaveandSuzie\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-09] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\DaveandSuzie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\DaveandSuzie\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-13] [not signed]
FF HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Firefox\Extensions: [{BFF829B6-B433-42CE-9A19-E459D3E4E483}] - C:\Users\DaveandSuzie\AppData\Roaming\My.Freeze.com NetAssistant => not found
FF HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/webhp?source=search_app
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-14]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-26]
CHR Extension: (Google Cast) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-11-26]
CHR Extension: (Cigarbid.com Freefall Watcher) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcecdnbdgabpkbkcjepmhicbkmbipjeh [2014-01-11]
CHR Extension: (CigarBid Free Fall Plugin) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\haggdgmfhabhnmfmcmodogfmehljdoco [2015-11-26]
CHR Extension: (The Fancy Pants Adventure: World 2) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk [2014-01-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DaveandSuzie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-20] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-11-12] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [79672 2010-01-04] (Mozy, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2007-09-05] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2007-05-24] (Intuit Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 a016bus; C:\Windows\System32\DRIVERS\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mdfl; C:\Windows\System32\DRIVERS\a016mdfl.sys [19496 2008-01-18] (MCCI Corporation)
S3 a016mdm; C:\Windows\System32\DRIVERS\a016mdm.sys [146472 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\Windows\System32\DRIVERS\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\Windows\System32\DRIVERS\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [41080 2015-12-12] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [66040 2010-01-04] (Mozy, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2015-01-24] (CACE Technologies, Inc.)
R3 RLDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\livecamv.sys [49664 2007-02-05] ()
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-02-02] (Sony Ericsson Mobile Communications)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [399424 2012-09-30] (TASCAM)
S3 TASCAM_US122L_MIDI; C:\Windows\System32\drivers\tscusb2m.sys [31296 2012-09-30] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\System32\drivers\tscusb2a.sys [50240 2012-09-30] (TASCAM)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R3 V0415Vid; C:\Windows\System32\DRIVERS\V0415Vid.sys [336448 2009-08-04] (Creative Technology Ltd.)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 12:21 - 2015-12-12 12:27 - 00064174 _____ C:\Users\DaveandSuzie\Desktop\Addition.txt
2015-12-12 12:19 - 2015-12-12 12:43 - 00028105 _____ C:\Users\DaveandSuzie\Desktop\FRST.txt
2015-12-12 12:19 - 2015-12-12 12:19 - 00000000 ____D C:\Users\DaveandSuzie\Desktop\FRST-OlderVersion
2015-12-11 08:34 - 2015-12-12 12:38 - 00041080 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-12-09 19:44 - 2015-12-09 19:44 - 00032675 _____ C:\Users\DaveandSuzie\Downloads\Addition.txt
2015-12-09 19:41 - 2015-12-12 12:42 - 00000000 ____D C:\FRST
2015-12-09 19:41 - 2015-12-09 19:44 - 00067161 _____ C:\Users\DaveandSuzie\Downloads\FRST.txt
2015-12-09 19:40 - 2015-12-12 12:19 - 02369536 _____ (Farbar) C:\Users\DaveandSuzie\Desktop\FRST64.exe
2015-12-05 18:37 - 2015-12-05 18:37 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{7CD858EC-B1DA-4CD4-A836-607915EA8822}
2015-12-05 13:25 - 2015-12-05 13:25 - 00002233 _____ C:\Users\DaveandSuzie\Desktop\HP Support Assistant.lnk
2015-12-05 13:25 - 2015-12-05 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-05 06:36 - 2015-12-05 06:36 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{38E3BA64-0C4B-439E-B3E0-D9C2B7BB10D5}
2015-12-04 18:36 - 2015-12-04 18:36 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{E5671AAE-486B-4C76-A64E-1ABFD928036E}
2015-12-04 06:36 - 2015-12-04 06:36 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{533A5DE7-9806-46A7-9CC4-EC0676C9D0EF}
2015-12-03 18:36 - 2015-12-03 18:36 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{CD1F7884-160C-44E6-BB02-DA75EE0624CD}
2015-11-27 08:21 - 2015-11-27 08:22 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{831A0A60-060D-4623-945C-3BBBB5772B39}
2015-11-17 05:25 - 2015-11-17 05:25 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\{DCDF9129-1EB7-42EB-9F09-B76F3001DB55}
2015-11-12 03:29 - 2015-11-03 12:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 12:38 - 2014-11-13 09:04 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA1cfff4ab7e2bad0.job
2015-12-12 12:32 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 12:29 - 2012-07-21 13:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-12 12:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-12 12:25 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:25 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-10 07:45 - 2013-08-14 19:46 - 00689478 _____ C:\Windows\ntbtlog.txt
2015-12-09 19:37 - 2013-03-04 23:59 - 00000000 ____D C:\Users\UpdatusUser
2015-12-09 19:01 - 2014-04-04 21:10 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 18:51 - 2010-02-02 22:33 - 00007601 _____ C:\Users\DaveandSuzie\AppData\Local\Resmon.ResmonCfg
2015-12-09 18:49 - 2012-10-21 20:53 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-09 17:02 - 2009-08-19 05:42 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-12-09 17:01 - 2014-06-22 08:30 - 00000000 ____D C:\Users\DaveandSuzie\AppData\Local\Amazon Music
2015-12-09 17:01 - 2013-08-20 07:15 - 00000588 _____ C:\Windows\system32\.crusader
2015-12-09 16:46 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-09 16:46 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-09 16:42 - 2010-01-09 21:13 - 00000000 ____D C:\Users\DaveandSuzie
2015-12-09 16:39 - 2015-02-06 18:04 - 00000360 _____ C:\Windows\Tasks\HPCeeScheduleForDaveandSuzie.job
2015-12-09 16:39 - 2009-07-13 23:45 - 00372400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 16:38 - 2015-04-04 02:02 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-09 16:38 - 2013-03-14 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 16:38 - 2013-03-14 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 16:38 - 2010-01-10 00:18 - 00000000 ____D C:\ProgramData\ArcSoft
2015-12-09 16:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2015-12-09 16:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 16:37 - 2013-03-14 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 16:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2015-12-09 16:37 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-09 16:36 - 2009-08-19 05:33 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-09 03:12 - 2013-08-14 18:26 - 00000000 ____D C:\Windows\system32\MRT
2015-12-08 19:29 - 2012-07-21 13:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 19:29 - 2012-07-21 13:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 19:29 - 2011-07-03 12:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 17:54 - 2013-05-04 19:52 - 00002104 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-08 09:38 - 2011-11-24 16:14 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000Core.job
2015-12-05 13:25 - 2009-08-19 05:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-05 13:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-12-05 13:20 - 2010-01-09 21:29 - 00092208 _____ C:\Users\DaveandSuzie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-05 13:20 - 2009-08-19 05:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-05 13:11 - 2010-12-17 07:05 - 00000000 ____D C:\swsetup
2015-12-04 00:46 - 2010-01-18 21:11 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 00:46 - 2010-01-18 21:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 00:46 - 2010-01-18 21:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 00:46 - 2010-01-18 21:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 21:00 - 2013-11-17 10:02 - 00566272 ___SH C:\Users\DaveandSuzie\Downloads\Thumbs.db
2015-12-01 09:33 - 2014-11-13 09:04 - 00003920 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA1cfff4ab7e2bad0
2015-12-01 09:33 - 2011-11-24 16:14 - 00003524 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000Core
2015-11-20 17:27 - 2015-02-06 18:04 - 00003228 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDaveandSuzie
2015-11-17 10:03 - 2013-12-28 16:08 - 00015496 _____ C:\Users\DaveandSuzie\Desktop\Meds update.odt
2015-11-17 10:02 - 2010-11-14 10:51 - 01060864 ___SH C:\Users\DaveandSuzie\Documents\Thumbs.db
2015-11-17 09:58 - 2010-05-01 14:24 - 00000000 ____D C:\Users\DaveandSuzie\Documents\Suzanne
2015-11-12 03:59 - 2015-11-06 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-12 03:59 - 2012-07-21 13:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 03:26 - 2010-02-01 06:56 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-12 03:06 - 2011-03-12 09:17 - 00774632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-12 03:02 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-12 00:35 - 2012-03-05 20:40 - 00000000 ____D C:\Users\DaveandSuzie\Documents\My Scans
==================== Files in the root of some directories =======
2011-06-03 15:26 - 2011-09-02 15:18 - 0001854 _____ () C:\Users\DaveandSuzie\AppData\Roaming\GhostObjGAFix.xml
2010-01-13 18:35 - 2015-05-27 02:24 - 0001622 _____ () C:\Users\DaveandSuzie\AppData\Roaming\wklnhst.dat
2010-02-14 16:06 - 2011-01-29 19:20 - 0005120 _____ () C:\Users\DaveandSuzie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-01-10 00:23 - 2011-09-13 19:10 - 0422138 _____ () C:\Users\DaveandSuzie\AppData\Local\installer.log
2010-01-10 00:31 - 2010-01-10 00:31 - 0000183 _____ () C:\Users\DaveandSuzie\AppData\Local\LaunchHomeCenter.log
2010-02-02 22:33 - 2015-12-09 18:51 - 0007601 _____ () C:\Users\DaveandSuzie\AppData\Local\Resmon.ResmonCfg
2010-11-14 11:10 - 2010-11-14 11:10 - 0771924 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpDSC00025.0
2010-11-14 11:10 - 2010-11-14 11:10 - 0300440 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpDSC00025.JPG
2010-03-13 17:13 - 2010-03-13 17:13 - 0585596 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpDSC00028.0
2010-03-13 17:13 - 2010-03-13 17:13 - 0739150 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpDSC00028.JPG
2010-01-27 21:47 - 2010-01-27 21:47 - 0433269 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpFOOD CITY RECEIPT.0
2010-01-27 21:47 - 2010-01-27 21:47 - 0484407 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpFOOD CITY RECEIPT.JPG
2010-09-20 19:25 - 2010-09-20 19:25 - 3789650 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpP2210035.JPG
2010-09-20 19:13 - 2010-09-20 19:13 - 3791233 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpP2210037.JPG
2010-01-10 14:14 - 2010-01-10 14:14 - 4251124 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpP2250099.0
2010-01-10 14:14 - 2010-01-10 14:14 - 1422495 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpP2250099.JPG
2010-05-23 20:04 - 2010-05-23 20:04 - 3111204 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0032.JPG
2010-05-23 20:04 - 2010-05-23 20:04 - 3066599 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0033.JPG
2010-05-23 20:04 - 2010-05-23 20:04 - 3102648 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0034.JPG
2010-05-23 20:02 - 2010-05-23 20:02 - 3138522 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0036.JPG
2010-05-23 20:02 - 2010-05-23 20:02 - 3072031 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0043.JPG
2010-05-23 20:03 - 2010-05-23 20:03 - 3101044 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0044.JPG
2010-05-23 20:03 - 2010-05-23 20:03 - 3151966 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0045.JPG
2010-08-27 07:32 - 2010-08-27 07:32 - 3590004 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0150.1.0
2010-08-27 07:32 - 2010-08-27 07:32 - 1601326 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0150.1.JPG
2010-08-27 07:35 - 2010-08-27 07:35 - 3938234 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0151.1.0
2010-08-27 07:35 - 2010-08-27 07:35 - 1694421 _____ () C:\Users\DaveandSuzie\AppData\Local\tmpSAM_0151.1.JPG
2012-09-10 17:04 - 2012-09-10 17:04 - 0000000 _____ () C:\ProgramData\fd68be3e8c3f995fff4a00f38cadd87f_c
2011-09-13 19:11 - 2011-09-13 19:38 - 0000778 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\DaveandSuzie\AppData\Local\Temp\8.1.30.1-EasyShrx.Dll
C:\Users\DaveandSuzie\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\Quarantine.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\SAS6_Update.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\sp64126.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\tmp69CC.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\DaveandSuzie\AppData\Local\Temp\VistaLib64_1.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-30 00:08
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-12-2015 01
Ran by DaveandSuzie (2015-12-12 12:44:36)
Running from C:\Users\DaveandSuzie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-01-10 02:13:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4251146819-3009193670-3402536777-500 - Administrator - Disabled)
DaveandSuzie (S-1-5-21-4251146819-3009193670-3402536777-1000 - Administrator - Enabled) => C:\Users\DaveandSuzie
Guest (S-1-5-21-4251146819-3009193670-3402536777-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4251146819-3009193670-3402536777-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-4251146819-3009193670-3402536777-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: - )
Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
Angry Birds (HKLM-x32\...\{8156D076-6317-44AF-AB53-37C2E529D510}) (Version: 3.3.3 - Rovio Entertainment Ltd.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}) (Version: 2.8.255.384 - ArcSoft)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
ChromecastApp (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Live! Cam Video IM Ultra (VF0415) (1.01.03.00) (HKLM\...\Creative VF0415) (Version: - )
Creative Live! Central (HKLM-x32\...\Creative Live! Central) (Version: - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 3.2.1.0 - Microsoft Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MIKSOFT Mobile 3GP converter (HKLM-x32\...\MIKSOFT Mobile 3GP converter_is1) (Version: - MIKSOFT)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MozyHome Remote Backup (HKLM\...\{86B77B5A-B157-6386-37B0-DB2494DEEAFF}) (Version: 1.16.4.0 - Mozy, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
My.Freeze.com NetAssistant (x32 Version: 3.6.3 - Freeze.com) Hidden
My.Freeze.com NetAssistant for Firefox (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\My.Freeze.com NetAssistant) (Version: 3.6.3 - Freeze.com)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenGL Extensions Viewer 4.0 (HKLM-x32\...\GLVIEW3) (Version: 409 - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
OverDrive for Windows (HKLM-x32\...\{C96D82F1-6CB0-42C2-8ED3-C3DD739E0280}) (Version: 3.4.0 - OverDrive, Inc.)
Paint.NET v3.5.5 (HKLM\...\{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}) (Version: 3.55.0 - dotPDN LLC)
Photosynth 2.0110.0317.1042 (HKLM-x32\...\{B08AC850-5B07-41F1-9DB1-56CF72003BDA}) (Version: 3.3.3.3 - Microsoft)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QuickBooks Simple Start 2008 (HKLM-x32\...\{8ECB8220-F419-4BEB-9596-97033C533702}) (Version: 18.0.4001.606 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SketchUp 2013 (HKLM-x32\...\{72B622C9-AA10-47D7-A10C-377CF9BC8502}) (Version: 13.0.4124 - Trimble Navigation Limited)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Service (HKLM-x32\...\Update Service) (Version: 2.10.2.50 - Sony Ericsson Mobile Communications AB)
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version: - )
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Warzone 2100-3.1.0 (HKLM-x32\...\Warzone 2100-3.1.0) (Version: 3.1.0 - Warzone 2100 Project)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software 6.1.0.4400 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.4400 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 3.1.1.0 - Microsoft Corporation)
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DaveandSuzie\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\DaveandSuzie\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Restore Points =========================
28-11-2015 05:24:28 Windows Update
02-12-2015 05:24:46 Windows Update
05-12-2015 13:17:18 Installed HP Support Assistant
05-12-2015 13:22:52 Windows Modules Installer
05-12-2015 13:24:19 Windows Modules Installer
06-12-2015 04:24:50 Windows Update
09-12-2015 03:00:24 Windows Update
09-12-2015 16:29:19 Restore Operation
09-12-2015 16:59:31 Checkpoint by HitmanPro
12-12-2015 12:33:51 Removed Apple Software Update
12-12-2015 12:35:43 Removed QuickTime
12-12-2015 12:37:07 Removed Bonjour
12-12-2015 12:38:47 Removed Apple Application Support
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D6D2500-8AB8-4321-A349-83D865D36DD0} - System32\Tasks\{994E96E3-27DE-4A69-B952-9087E435D275} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {10BDF3FF-BBB6-4BBF-A3D3-92264373BFD2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {19EF9526-99F4-447E-B7D4-4ACA30D61C2B} - System32\Tasks\{88E7922C-CB3B-41FA-9240-2071F13EE9C2} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {1E07C31B-670B-4022-BDB7-9C46981F2C34} - System32\Tasks\{CFFE9D75-5CB9-4DA8-B24A-465DAD9C5400} => C:\Program Files (x86)\RichCasino\clientbrowser.exe
Task: {2258215B-DEF9-4C72-B84F-101F10D4A61C} - System32\Tasks\{67F675A3-F792-4131-A645-2A070D1A2A36} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {25B1FCD6-7DAE-41F9-BACA-7FB710543B96} - System32\Tasks\{010A6ACB-B925-4AC9-96F4-776D73F2AC17} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {27AD707C-47F3-4BF7-A7FC-5B9A06AB4E22} - System32\Tasks\{CBA4EE33-BC64-4C42-9CDD-757EAF223A76} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {2C015C20-73E5-48CD-9CCB-01F02981B5DE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {2FE4FE72-0C8B-4C47-9DCA-652E1B88E307} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {32A19868-C765-4060-94B1-60F9ACA0C6C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {340539AE-CFE7-48B9-ABF0-9EC55E8272A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4299BD69-9AC6-419B-8B10-476C6DC4C3E1} - System32\Tasks\{E13F9AEA-CE7D-4598-B850-9339167D1142} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {46CAAB37-2A07-47C5-AED1-5DBBDE736932} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000Core => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {47AEE707-ED9D-4756-8893-CD5B93C1B33E} - System32\Tasks\{E52AB377-B5AC-443C-ABB8-70738A95ABEE} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {58A2A21D-184E-4595-B4F8-828DED024361} - System32\Tasks\{6679F1FF-271A-411E-B721-54E971F73563} => pcalua.exe -a "C:\Users\DaveandSuzie\Downloads\Avery Wizard 3.1.5.exe" -d C:\Users\DaveandSuzie\Downloads
Task: {5959B371-6604-490A-81C9-95490ACABF3D} - System32\Tasks\{9C069F07-42F5-464B-B9A2-ACAB16BCDA16} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {5EF16E73-25D9-4D92-927E-89121850EC30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-24] (Hewlett-Packard)
Task: {64577BED-130D-4EAE-ADF1-760AD268BFEB} - System32\Tasks\RunAsStdUser Task => C:\Users\DaveandSuzie\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
Task: {649569E2-1F1D-4226-8C81-E44A76ED8E7C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7453B983-BAB6-4FC1-B8D2-52F68963565E} - \Scheduled Update for Ask Toolbar -> No File <==== ATTENTION
Task: {7508F18F-ACE9-4B3E-8AE0-6A006B2DC264} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {7632478E-8AA9-462C-B014-B35CD34765A6} - System32\Tasks\{9113B2C6-CDFC-46F1-8D39-DD25DAF7B349} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {7EC44A46-307B-4D8D-9899-B6A074826CDB} - System32\Tasks\{4AA4B523-43E0-48BA-AC8D-0EF8C6956BBE} => Chrome.exe
Task: {8587AC13-9D77-4368-AEAC-D8776D6411BD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-10-20] (CyberLink Corp.)
Task: {89D5B2CE-8378-4439-8D6B-90F971B2C948} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: {8E328A9C-A6F5-4B63-8301-8AD10104EB5E} - System32\Tasks\{AFE7F63B-D6E9-4B44-927E-D79E69216300} => C:\Program Files (x86)\Warzone 2100-3.1_rc3\warzone2100.exe
Task: {8F8C5415-C5AA-4D78-A03C-0E217B5AA8C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {93D78062-C24C-463A-AE39-E0344BE912FF} - System32\Tasks\{3E499885-51C7-45F6-94EF-3113A50351C0} => C:\Program Files (x86)\Warzone 2100-3.1_rc3\warzone2100.exe
Task: {96AB33E1-D662-4DF9-A102-E76DFE01A0B6} - System32\Tasks\{641E2960-CC66-4B28-A5FF-51B897D62DBF} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {A0DB09BE-8837-4265-92AF-7A1BDDBB7D55} - System32\Tasks\HPCeeScheduleForDaveandSuzie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A1344F61-AD37-4333-A0CD-7CC9ADFF2282} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {A49AF05D-1715-4C83-BD3C-95DDC7B14947} - System32\Tasks\{0FB9CF56-F49D-487B-BCDE-3C364CCB1011} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM
Task: {AC4BFE32-1F4C-4A91-9E8C-C783E6486D9F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA1cfff4ab7e2bad0 => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B2D1C104-8F88-44C9-95B1-866B9B043562} - System32\Tasks\{1DEB86FC-AD41-49D2-A918-CFE977ACB898} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {B3CF0D7A-B014-4ED2-9EF6-87BE46962B7D} - System32\Tasks\{F4CA03CC-D3D0-467C-92E0-B1A2A667B593} => C:\Program Files (x86)\RichCasino\clientbrowser.exe
Task: {BE83CE56-B7BF-4856-88F8-9402BE3D1A90} - System32\Tasks\{3FA40FE1-7064-4FBA-B6ED-695A15BF9A12} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {C39DFA44-EC57-4D05-A0CC-2C9AF1D2D667} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
Task: {C95B3E7E-B883-4778-8BC9-B8D6942B8584} - System32\Tasks\{BBE60FC3-5506-4E54-8A05-F92795010BD8} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {DC3F5C86-D29F-4C4B-9FB1-E7642D8A4362} - System32\Tasks\{01B10829-6AF1-4C04-882F-EDA4120A69B6} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {DD0D8767-BB77-4805-B68B-F36271181E94} - System32\Tasks\Amazon Music Helper => C:\Users\DaveandSuzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {ED81334A-99A1-4EFA-83FA-281DC909ED34} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-09-24] (Hewlett-Packard)
Task: {F28EC67A-348C-43C8-8821-E9D7E4AD421C} - System32\Tasks\{6C822BEF-9BDB-41F8-93DA-A1E892F0036B} => C:\Users\DaveandSuzie\AppData\Local\VIPSlotsCasino\Bin\CasinoApp.exe
Task: {F7047211-78E3-4D9B-A6D2-63A664A0533B} - System32\Tasks\{3804FE1F-C2DF-4A4B-B383-A7189F810980} => C:\Program Files (x86)\Warzone 2100-3.1_rc3\warzone2100.exe
Task: {FCFEE098-A50E-4D4A-A998-B961DA8ED079} - System32\Tasks\{61E4631D-4A86-4C16-A622-0A3BA71963EB} => C:\Users\DaveandSuzie\AppData\Local\EnglishHarbourCasino\Bin\CasinoApp.exe
Task: {FE1ECC29-9EB9-4740-A9ED-5C1F37EC6D65} - System32\Tasks\{3B2C1750-6A92-4264-AB5B-28DE1760CBD1} => C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe [2009-07-23] (CyberLink)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000Core.job => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA.job => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4251146819-3009193670-3402536777-1000UA1cfff4ab7e2bad0.job => C:\Users\DaveandSuzie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDaveandSuzie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-03-04 23:59 - 2013-01-31 04:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-04 11:36 - 2010-01-04 11:36 - 00078136 _____ () C:\Program Files\MozyHome\librs2.dll
2009-07-08 16:35 - 2009-07-08 16:35 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2008-02-08 15:25 - 2008-02-08 15:25 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-05-26 03:36 - 2009-05-26 03:36 - 00656896 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
2013-08-31 07:31 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-08-31 07:31 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-31 07:31 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-08-31 07:31 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-08-31 07:31 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-06-29 23:12 - 2010-06-29 23:12 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-12-01 19:49 - 2009-12-01 19:49 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\...\123simsen.com -> www.123simsen.com
There are 7865 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4251146819-3009193670-3402536777-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DaveandSuzie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\Windows\pss\Kodak EasyShare software.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk => C:\Windows\pss\MozyHome Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^DaveandSuzie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Amazon Cloud Player => C:\Users\DaveandSuzie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\DaveandSuzie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SkyDrive => "C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{098909F5-D11D-4D57-B0A3-DD88410555CC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{CFC001F2-4C5E-456A-8DD5-327EF3F9AEE1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{15F695B8-1011-452C-BEAD-0783A7407D4D}] => (Allow) svchost.exe
FirewallRules: [{0DA12491-79DC-4657-9C6E-93E977376783}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{73FB7448-E047-4676-B52B-C5C3CA289FDD}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
FirewallRules: [{E6501473-F116-46F1-9FD3-80B50D7ADD2F}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Service\Update Service.exe
FirewallRules: [{3E81D6A4-E88A-47A6-B5ED-AFF0FB869C04}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{BE4D80DA-95CA-41B8-8019-14261C76A2CC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{581F1882-A5C7-417F-BF17-931F933C7793}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{751EDA81-9507-4084-BD36-90B982F0BB8F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{881E3934-C54A-48B3-B65C-6DED8A6BD944}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [TCP Query User{B7F435A4-7C2D-491B-A0B7-930C7A633DD3}C:\users\daveandsuzie\appdata\local\betonsoft\lucky creek\code\win32\vc80\release\gamehost\gameclient.exe] => (Allow) C:\users\daveandsuzie\appdata\local\betonsoft\lucky creek\code\win32\vc80\release\gamehost\gameclient.exe
FirewallRules: [UDP Query User{8D5DB71F-F08C-4291-BD88-4E35CDA39116}C:\users\daveandsuzie\appdata\local\betonsoft\lucky creek\code\win32\vc80\release\gamehost\gameclient.exe] => (Allow) C:\users\daveandsuzie\appdata\local\betonsoft\lucky creek\code\win32\vc80\release\gamehost\gameclient.exe
FirewallRules: [{008AB504-7B80-4705-9BCC-08E33A56070D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A3318F06-AA88-43AB-9A24-3918142B10EF}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{B6B74827-DAA4-4926-8135-0D93ED8B1448}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{88916E2F-B7AB-4DCF-8A95-BF29D717910B}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{BF85815B-2FFF-4EE9-9A06-111EFDF8680F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{DD02BC8F-4E96-4B0D-B40A-2D57ADBF3915}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{FC2336CF-8A8D-433C-B750-FF7DB56EEBB0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{F8C388B5-E92C-44C2-B502-639B1A3425A0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{82D056A3-F014-45EE-A624-EC9698FA82AB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{0FACA8CA-89DC-40E4-9C99-5ED8C643C1AB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{8DAF9B45-06B1-4914-A983-5CF4377602EC}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{1778BFBC-D446-4071-8316-95E8C7E75627}] => (Allow) LPort=9322
FirewallRules: [{0A57E734-5E30-4686-8331-A26F32350F6B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CBC22EB0-ADAB-4683-B1C3-6B48CEA96C8F}] => (Allow) LPort=2869
FirewallRules: [{BD2CDBF6-2605-4961-B9AB-111CEB339EB9}] => (Allow) LPort=1900
FirewallRules: [{2D6AF2AD-AEA3-4C80-BCE7-992F5042E9F4}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{51AB94D3-C1C9-49BC-A53A-C7819EDA5EFD}] => (Allow) %ProgramFiles%\Windows Live\Mesh\wlcrasvc.exe
FirewallRules: [{B1425683-E564-4DF9-A0ED-542F998506E6}] => (Allow) C:\Program Files (x86)\DirecTV\DirecTV\DIRECTV2PC.exe
FirewallRules: [{2522F195-D0D2-47EC-9F33-406602FE9BE8}] => (Allow) C:\Program Files (x86)\DirecTV\DirecTV\VDTV.exe
FirewallRules: [{D5B0C110-7CE8-4A51-B84A-C12C544294C6}] => (Allow) C:\Program Files (x86)\DirecTV\DirecTV\Kernel\CLML\VDTVRec.exe
FirewallRules: [{41EF612F-A894-4B26-B405-8DDDE7EFF6B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4C3D0BD5-6740-4434-8194-5024B967993B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D6D4C7D8-8FA3-4464-A854-2069F48E4AC8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{2AB253A7-DE89-4E72-8DDA-9555348F64D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D8F26534-DB45-4D12-AB7C-A116F9117161}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{42A0D9AE-1EFC-4DAE-B5E0-45A5C0DD0558}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E49D8072-77BD-4D85-ABC2-2CDE871248D5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{44526B23-E52E-433E-884B-3CED073A12E0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{EA80D41C-9B7B-4C29-A372-896E6CE31B4F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{9E7621F8-AC65-4BC1-9E53-1DEE5981F08F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F8237D98-5E6C-4583-8C93-F4110A3F6A51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{2142336B-EEA3-4C64-8131-E74F558AC614}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{AFFE5372-E051-46E6-814F-C6E2001928D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BE12C659-629E-4824-97CA-2455B0CB749F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{E622490B-E7D2-4028-8D4B-E0E8379DEC58}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E67E3A7E-7A70-448C-B739-1BB5C49CEC5D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{836AF019-C25A-4811-838E-FCB498F1DE4C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{434973C0-0A94-4FF0-AFB7-9418290E739D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{9AD8D1B1-C04D-4FC9-A8DB-5E2130987F56}] => (Allow) %ProgramFiles%\Windows Live\Mesh\wlcrasvc.exe
FirewallRules: [{1A85B42E-C808-4BA9-A8CC-89377CB26BAC}] => (Allow) C:\Users\DaveandSuzie\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{18EA4B82-4103-43EA-97E8-1E86ABA6BFE0}] => (Allow) C:\Users\DaveandSuzie\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{4CD96291-F5FC-4795-BEC5-5E32503E3981}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8FFF3B8D-E821-4541-BE52-6FCA571D9383}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6DF50D14-B5A2-4148-A054-9214D337FEC4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{D0D03FEA-5C74-4EB1-A952-A1775C6FB73A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC72F9E9-6D92-4418-80C1-5E1C28019271}] => (Allow) C:\Users\DaveandSuzie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{BA86DE5D-6A24-47C2-A7BD-4CE3BCE4A8B6}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{AE081FF4-693B-44E5-A7DA-F33B7F11E517}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [{16AF80E5-C1CB-4E91-9AFD-5706F4E18E12}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DC66558-0DFB-4512-88CB-3D84BBCE3300}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F388889-F244-4A1C-9751-5330E1F566D2}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{4636C6B8-8A9D-413F-9AD6-69F9FC20F51E}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{29817264-67CD-4828-9A8D-62B79EF08F61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A67F8FFF-9BE0-4524-8941-EA58F7963DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A388F047-3F07-43C8-BF8A-8BF1A83D26CF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C607060E-1D55-4612-ACEF-709E2BE0D818}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/09/2015 06:44:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 42.0.0.5780, time stamp: 0x5632d0a4
Faulting module name: mozglue.dll, version: 42.0.0.5780, time stamp: 0x5632ba58
Exception code: 0x80000003
Fault offset: 0x0000ed50
Faulting process id: 0xccc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (12/09/2015 06:44:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 42.0.0.5780 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1638
Start Time: 01d132db3edb40b0
Termination Time: 16
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: b2a733f1-9ece-11e5-a95b-002618f7d109
Error: (12/09/2015 05:02:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.1.18.91, time stamp: 0x51949fc0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x14a4
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report Id: SDUpdate.exe3
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001f8,(null),0,REG_BINARY,0000000000ECEFA0.72). hr = 0x80070005, Access is denied.
.
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f4,(null),0,REG_BINARY,0000000000D9DDC0.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c426587f-6efd-4a05-b06c-66498e04cde5}
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000071c,(null),0,REG_BINARY,0000000011FBDEB0.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Name: WMI Writer
Writer Instance ID: {29baf83b-c132-4697-b2f4-17938871fbd3}
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001a8,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,00000000023CF370.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Writer Name: COM+ REGDB Writer
Writer Instance ID: {4e82702b-ccc7-48a7-acca-6bbd1956a186}
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001e4,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000000001FEEDE0.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9d279382-d428-4135-a438-681be1a0b92a}
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000194,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000022EEB20.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Writer Name: Registry Writer
Writer Instance ID: {f7dfafaa-a1eb-44f1-8909-a50def7311ba}
Error: (12/09/2015 05:02:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f4,(null),0,REG_BINARY,0000000000D9DDC0.72). hr = 0x80070005, Access is denied.
.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c426587f-6efd-4a05-b06c-66498e04cde5}
System errors:
=============
Error: (12/12/2015 12:32:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
Error: (12/12/2015 12:32:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:29:14 PM on 12/12/2015 was unexpected.
Error: (12/12/2015 12:25:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (12/12/2015 12:17:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
Error: (12/12/2015 12:17:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053
Error: (12/12/2015 12:17:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
Error: (12/12/2015 12:16:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (12/12/2015 12:16:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (12/12/2015 12:15:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.
Error: (12/12/2015 12:14:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:58:12 AM on 12/12/2015 was unexpected.
CodeIntegrity:
===================================
Date: 2015-08-01 19:19:28.397
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:28.390
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:28.365
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:28.331
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.736
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.729
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.678
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.670
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.578
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-08-01 19:19:25.570
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
==================== Memory info ===========================
Processor: AMD Athlon II X2 215 Processor
Percentage of memory in use: 55%
Total physical RAM: 3966.49 MB
Available physical RAM: 1763.43 MB
Total Virtual: 7931.19 MB
Available Virtual: 5293.27 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:453.72 GB) (Free:323.15 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.94 GB) (Free:2.13 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Thanks for your attention.
Dave423
Edited by dave423, 15 December 2015 - 06:45 AM.