Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Open in new tab redirect to gogarden website


  • This topic is locked This topic is locked
2 replies to this topic

#1 Stampede1000

Stampede1000

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 15 May 2015 - 01:26 PM

Using Firefox 37.0.2

Windowns 7

 

Issue started yesterday (May 14, 2015)

 

When opening a bookmark in a new tab the previous tab is redirected to a site called gogarden page titled Educational Gardens.

Normally happend when opening tabs 3 or more. If I have three open and open 4, 3 is redirected.  If I go to three and hit back button to get out of gogarden then tab 4 redirects to gogarden. I've had it happen in IE as well.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by Debbie (administrator) on ADMIN on 15-05-2015 13:14:19
Running from C:\Users\Debbie\Desktop
Loaded Profiles: Debbie (Available profiles: Debbie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Dropbox, Inc.) C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Tech\Wheel Mouse Software\4.1\ACQTMAPP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10816032 2010-05-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2090528 2010-05-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-12] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-04-01] (TOSHIBA)
HKLM-x32\...\Run: [Corel File Shell Monitor] => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ACQTMOUSE] => C:\Program Files (x86)\Tech\Wheel Mouse Software\4.1\ACQTMAPP.exe [501760 2008-08-01] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office2010\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Run: [replay_telecorder_skype] => C:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe [1954304 2012-06-20] (Applian Technologies Inc.)
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\MountPoints2: {3d2655f5-e266-11e2-8c58-b870f44cf03e} - E:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-09-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-08-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2394252256-638096374-409990316-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {B5F89273-2C3C-4BAC-A27E-4D1E30870A73} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {B5F89273-2C3C-4BAC-A27E-4D1E30870A73} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> DefaultScope {6BCF6422-F5FB-439A-AAF3-9E78CCAA2881} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {6BCF6422-F5FB-439A-AAF3-9E78CCAA2881} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-2394252256-638096374-409990316-1001 -> {B5F89273-2C3C-4BAC-A27E-4D1E30870A73} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office2010\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-2394252256-638096374-409990316-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///D:/viewer/ORDcmViewCD.ocx
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\xe2rljdp.default-1414080980121
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MI4066~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MI4066~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-08] (Apple Inc.)
FF Extension: FireFTP - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\xe2rljdp.default-1414080980121\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-03-22]
FF Extension: All-in-One Sidebar - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\xe2rljdp.default-1414080980121\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-05-15]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-04]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-03-06]
FF HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-21]
CHR Extension: (Google Drive) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-21]
CHR Extension: (YouTube) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-21]
CHR Extension: (Google Search) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-21]
CHR Extension: (Gmail Offline) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-03-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-02-21]
CHR Extension: (Gmail) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-21]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 HPSLPSVC; C:\Users\Debbie\AppData\Local\Temp\7zS6728\hpslpsvc64.dll [1039360 2012-08-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe [115056 2010-10-20] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation)
S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15808 2012-09-24] (Windows ® Win 7 DDK provider)
S3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15808 2012-09-24] (Windows ® Win 7 DDK provider)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-25] (Applian Technologies Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-22] (GFI Software)
S3 glancedrv; C:\Windows\System32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [40464 2007-11-06] (CACE Technologies)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254464 2009-09-02] (Jungo)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 13:14 - 2015-05-15 13:14 - 00024671 _____ () C:\Users\Debbie\Desktop\FRST.txt
2015-05-15 13:14 - 2015-05-15 13:14 - 00000000 ____D () C:\FRST
2015-05-15 13:13 - 2015-05-15 13:13 - 02106368 _____ (Farbar) C:\Users\Debbie\Desktop\FRST64.exe
2015-05-15 12:55 - 2015-05-15 12:55 - 00000183 _____ () C:\Users\Debbie\Desktop\sitemetercode.txt
2015-05-15 12:23 - 2015-05-15 12:23 - 00001038 _____ () C:\windows\PFRO.log
2015-05-15 12:21 - 2015-05-15 12:36 - 00000112 _____ () C:\windows\setupact.log
2015-05-15 12:21 - 2015-05-15 12:21 - 00000000 _____ () C:\windows\setuperr.log
2015-05-15 12:12 - 2015-05-15 12:13 - 00000000 ____D () C:\AdwCleaner
2015-05-15 11:50 - 2015-05-15 11:50 - 02209792 _____ () C:\Users\Debbie\Desktop\adwcleaner_4.204.exe
2015-05-15 11:47 - 2015-05-15 11:47 - 00002786 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-05-15 11:47 - 2015-05-15 11:47 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-15 11:46 - 2015-05-15 11:47 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-15 11:45 - 2015-05-15 11:46 - 06484352 _____ (Piriform Ltd) C:\Users\Debbie\Desktop\ccsetup505.exe
2015-05-15 10:42 - 2015-05-15 10:43 - 00000000 ____D () C:\NPE
2015-05-15 10:34 - 2015-05-15 10:35 - 03060320 ____N (Symantec Corporation) C:\Users\Debbie\Desktop\NPE.exe
2015-05-15 10:29 - 2015-05-15 10:29 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-14 22:28 - 2015-05-14 22:28 - 00012190 _____ () C:\Users\Debbie\Desktop\Book1.xlsx
2015-05-13 08:30 - 2014-05-31 17:43 - 15024128 _____ () C:\Users\Debbie\Desktop\Dental  Abuse Presentation final.ppt
2015-05-06 17:47 - 2015-05-11 11:56 - 00000000 ____D () C:\Users\Debbie\Desktop\FINAL Settlement Agreement Filed
2015-05-01 11:56 - 2015-05-01 12:26 - 00000000 ____D () C:\Users\Debbie\Desktop\Backup USB Sandisk
2015-04-30 16:29 - 2015-04-30 16:29 - 00002283 _____ () C:\Users\Debbie\Desktop\Crittenden County Kentucky - Shortcut.lnk
2015-04-30 12:09 - 2015-05-07 12:14 - 00000000 ____D () C:\Users\Debbie\Desktop\To File Audio
2015-04-22 19:31 - 2015-05-06 19:38 - 00052804 _____ () C:\Users\Debbie\Desktop\150124SmallSmiles-NewsReports.xlsx
2015-04-21 12:48 - 2015-04-21 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-20 21:21 - 2015-04-20 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-17 23:07 - 2015-04-17 23:07 - 00001571 _____ () C:\Users\Debbie\Desktop\Genealogy Family Files.lnk
2015-04-17 23:02 - 2015-04-17 23:03 - 00001390 _____ () C:\Users\Debbie\Desktop\DNA.lnk
2015-04-17 17:39 - 2015-05-07 13:20 - 00000000 ____D () C:\Users\Debbie\Desktop\JRM attachements week of 4-10-2015
2015-04-16 00:28 - 2015-04-16 00:28 - 00000000 ____D () C:\ProgramData\Seagate
2015-04-16 00:26 - 2015-04-17 12:22 - 00000000 ____D () C:\Program Files (x86)\Carbonite
2015-04-16 00:26 - 2015-04-16 00:26 - 00000000 __SHD () C:\windows\ftpcache
2015-04-16 00:26 - 2015-04-16 00:26 - 00000000 ____D () C:\Users\Debbie\AppData\Local\Downloaded Installations
2015-04-16 00:24 - 2015-04-17 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-04-16 00:24 - 2015-04-16 00:28 - 00000000 ____D () C:\Program Files (x86)\Seagate
2015-04-16 00:24 - 2015-04-16 00:24 - 00001359 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate muvee Reveal.lnk
2015-04-16 00:20 - 2015-04-16 00:20 - 00000000 ____D () C:\windows\System32\Tasks\Leader Technologies
2015-04-16 00:19 - 2015-04-16 00:19 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Leadertech

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 13:12 - 2012-08-28 17:34 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-15 13:07 - 2013-02-21 15:49 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-15 12:48 - 2012-08-28 16:11 - 01850684 _____ () C:\windows\WindowsUpdate.log
2015-05-15 12:47 - 2009-07-13 23:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-15 12:47 - 2009-07-13 23:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-15 12:44 - 2009-07-14 00:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-15 12:41 - 2012-08-28 17:20 - 00000000 ___RD () C:\Users\Debbie\Dropbox
2015-05-15 12:40 - 2012-08-28 17:16 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Dropbox
2015-05-15 12:37 - 2013-02-21 15:49 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 12:36 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-15 12:19 - 2012-08-28 17:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-15 12:07 - 2014-05-24 11:49 - 00000000 ____D () C:\windows\pss
2015-05-15 12:02 - 2012-09-03 09:23 - 00000000 ____D () C:\Users\Debbie\AppData\Local\CrashDumps
2015-05-15 12:02 - 2012-09-01 13:29 - 00000000 ____D () C:\windows\Minidump
2015-05-15 12:02 - 2010-11-25 12:35 - 00000000 ____D () C:\windows\Panther
2015-05-15 10:54 - 2014-11-02 12:31 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 10:54 - 2012-09-04 12:21 - 00000000 ____D () C:\Users\Debbie\AppData\Local\NPE
2015-05-15 10:39 - 2012-08-28 16:26 - 00000000 ____D () C:\ProgramData\Norton
2015-05-15 10:29 - 2014-11-02 12:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-15 09:16 - 2015-03-08 22:02 - 00000000 ____D () C:\Users\Debbie\Documents\My PSP Files
2015-05-15 09:16 - 2012-09-02 17:35 - 00000000 ____D () C:\Users\Debbie\AppData\Local\Corel
2015-05-15 09:16 - 2012-09-02 17:34 - 00003766 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-05-14 19:59 - 2013-02-24 09:47 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Foxit Software
2015-05-08 21:50 - 2015-04-06 19:25 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\.minecraft
2015-05-08 21:41 - 2012-08-28 17:17 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-08 15:58 - 2012-08-28 15:09 - 00000000 ____D () C:\Users\Debbie\AppData\Roaming\Adobe
2015-05-08 15:54 - 2012-08-28 17:42 - 00000000 ____D () C:\Users\Debbie\AppData\Local\Adobe
2015-05-08 13:14 - 2010-11-24 22:20 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-06 17:01 - 2012-08-28 13:58 - 00000000 ____D () C:\Users\Debbie
2015-05-01 20:35 - 2015-03-08 22:02 - 00000000 ____D () C:\Users\Debbie\Documents\Family Tree Maker
2015-05-01 18:00 - 2012-08-29 16:23 - 00000000 ____D () C:\Program Files (x86)\Replay Video Capture 6
2015-04-22 13:43 - 2012-09-04 12:45 - 00237151 _____ () C:\windows\hpwins20.dat
2015-04-22 13:43 - 2012-09-04 12:45 - 00009912 _____ () C:\ProgramData\hpzinstall.log
2015-04-22 13:37 - 2009-07-13 21:34 - 00000538 _____ () C:\windows\win.ini
2015-04-22 12:44 - 2012-09-10 11:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 12:19 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2015-04-17 15:06 - 2014-01-22 19:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 15:06 - 2010-11-24 21:58 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-17 15:00 - 2014-11-02 12:23 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 14:36 - 2015-01-31 15:20 - 00000000 ____D () C:\Program Files (x86)\CursorAttention
2015-04-17 14:29 - 2010-11-24 21:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2012-10-23 11:12 - 2014-11-16 12:38 - 3554258 _____ () C:\Users\Debbie\AppData\Roaming\ReplayConverterLog.log
2013-03-15 12:19 - 2013-03-15 12:19 - 0008428 _____ () C:\Users\Debbie\AppData\Roaming\UserTile.png
2012-09-02 17:35 - 2014-05-21 12:39 - 0015360 _____ () C:\Users\Debbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-29 16:15 - 2012-08-29 16:15 - 0000000 _____ () C:\Users\Debbie\AppData\Local\Schedule8.dat
2012-09-02 17:34 - 2012-09-25 15:40 - 0000088 __RSH () C:\ProgramData\FD6A00B483.sys
2012-09-04 12:45 - 2015-04-22 13:43 - 0009912 _____ () C:\ProgramData\hpzinstall.log
2012-09-02 17:34 - 2015-05-15 09:16 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys

Some content of TEMP:
====================
C:\Users\Debbie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqb_bej.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 23:47

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
Ran by Debbie at 2015-05-15 13:15:29
Running from C:\Users\Debbie\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2394252256-638096374-409990316-500 - Administrator - Disabled)
Debbie (S-1-5-21-2394252256-638096374-409990316-1001 - Administrator - Enabled) => C:\Users\Debbie
Guest (S-1-5-21-2394252256-638096374-409990316-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2394252256-638096374-409990316-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4660_4680_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Applian Director (HKLM-x32\...\Applian Director2.1) (Version: 2.1 - Applian Technologies Inc.)
ATI Catalyst Install Manager (HKLM\...\{47F2D145-BF1E-8D5B-AB3E-82779203D4C4}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 4.0.2.0 - Auslogics Labs Pty Ltd)
AutoHotkey 1.1.09.03 (HKLM\...\AutoHotkey) (Version: 1.1.09.03 - Lexikos)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BookSmart® 3.4.4 3.4.4 (HKLM-x32\...\BookSmart® 3.4.4 3.4.4) (Version:  - Blurb, Inc)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2010.0426.2136.36953 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Contents (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Corel Painter Photo Essentials 4 (HKLM-x32\...\_{707EB912-C597-49D8-9460-46CC9AB03EBE}) (Version:  - Corel Corporation)
Corel Painter Photo Essentials 4 (x32 Version: 4.1 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DeviceIO (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
DocMgr (x32 Version: 140.0.65.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dynamic Template Plug-in for Windows Live Writer (HKLM-x32\...\{E9A55E1F-777E-4EB8-AAF8-3FF6340F426F}) (Version: 1.0.3 - Joe Cheng)
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
Family Tree Maker 2005 (HKLM-x32\...\{B136E4A4-7660-4F15-9752-EF8E6BA7866D}) (Version:  - )
Family Tree Maker 2012 (HKLM-x32\...\Family Tree Maker 2012) (Version: 21.0.452 - Ancestry.com, Inc.)
Family Tree Maker 2012 (x32 Version: 21.0.452 - Ancestry.com, Inc.) Hidden
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Free Audio Converter version 5.0.54.1215 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free DVD Video Converter version 2.0.24.1111 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.24.1111 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free Video to DVD Converter version 5.0.47.906 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.47.906 - DVDVideoSoft Ltd.)
FUTURA Quartet Software (x32 Version: 4.0.0.0 - Default Company Name) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet J4600 All-In-One Series (HKLM\...\{4945F319-A24D-454C-A411-F3689987315D}) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
ICA (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Imtech Find & Replace Live Writer Plugin (HKLM-x32\...\{65A74A3D-9362-48A7-BD38-4AB770B5ACA3}) (Version: 1.0.0 - Imtech ICT Business Solutions)
Imtech SEO Slugs Live Writer Plugin (HKLM-x32\...\{0EA27504-48E5-4F31-BE1D-A8DE5F504B80}) (Version: 1.0.0 - Imtech ICT Velocity)
Insert Links Smartly (WLW Plugin) (HKLM-x32\...\{7EAC2E2C-84D5-491C-9FC7-37D85631E93A}) (Version: 1.0.0 - Dmitry Maksimov)
IPM_PSP_COM (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 16.1.0.48 - Corel Corporation) Hidden
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
J4680 (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.)
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live Writer Insert Symbol Plugin (HKLM-x32\...\{C147E753-2B85-4C6B-BA45-A4FD53080363}) (Version: 1.0.0 - Brian Vallelunga)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2394252256-638096374-409990316-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MLE (x32 Version: 1.0.0.23 - Corel Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal Seagate Edition (HKLM-x32\...\{78E9A751-5616-233F-1249-16AC5758C646}) (Version: 7.0.41.11017 - muvee Technologies Pte Ltd)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OutfoxTV (HKLM-x32\...\OutfoxTV) (Version:  - OutfoxTV)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PSPH10Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealLegal E-Transcript Bundle Viewer (HKLM-x32\...\{28A09BC5-3822-4848-B647-AFAA50E1F807}) (Version: 6.1.1.108 - Thomson Reuters)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Replay AV 8 (HKLM-x32\...\Replay_AV_807) (Version: 8.83B - Applian Technologies Inc.)
Replay Converter 4 (HKLM-x32\...\Replay Converter 4) (Version: 4.10 - Applian Technologies Inc.)
Replay Media Catcher 4 (4.4.4) (HKLM-x32\...\Replay Media Catcher 4) (Version: 4.4.4 - Applian Technologies)
Replay Media Splitter 2.2.1207 (HKLM-x32\...\Replay_Media_Splitter_1.2) (Version: 2.2.1207 - Applian Technologies Inc.)
Replay Telecorder for Skype 1.3.0.12 (HKLM-x32\...\Replay Telecorder for Skype_is1) (Version: 1.3.0.12 - Applian Technologies Inc.)
Replay Video Capture 6 (HKLM-x32\...\Replay Video Capture6.0.6) (Version: 6.0.6 - Applian Technologies Inc.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Scribd Uploader (HKLM-x32\...\{40F6237F-0877-4344-AAD8-736E37969743}) (Version: 1.2.2 - scribd Inc)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Setup (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Setup (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
Share (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Share64 (Version: 1.6.1.109 - Corel Corporation) Hidden
Skitch (HKLM-x32\...\Skitch 2.3.1.163) (Version: 2.3.1.163 - Evernote Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Tenorshare iPhone 5(5s,5c) Data Recovery  (HKLM-x32\...\Tenorshare iPhone 5(5s,5c) Data Recovery) (Version:  - Tenorshare, Inc.)
Timeline Maker Professional (HKLM-x32\...\{F2394761-3F45-4ec9-B3B6-F795ECF065D8}) (Version: 2.2.5.4 - Progeny Software Inc.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.08-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.26C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.6.22 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.7.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.2 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.11.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Transcript 2.5.0 (HKLM-x32\...\Transcript) (Version: 2.5.0 - Jacob Boerema)
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Updater By Smilebox 2.0.0.581 (HKLM\...\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1) (Version: 2.0.0.581 - Smilebox)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Video Padlock (HKLM-x32\...\Video Padlock1.20) (Version: 1.20 - Applian Technologies Inc.)
VIO (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
VoiceZoneConnect (HKLM-x32\...\com.twc.voicezoneconnect) (Version: 1.5.0 - Time Warner Cable Media Inc)
VoiceZoneConnect (x32 Version: 1.5.0 - Time Warner Cable Media Inc) Hidden
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Wheel Mouse Software 4.1 (HKLM-x32\...\Wheel Mouse Software_is1) (Version:  - )
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.0.2 (HKLM-x32\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies)
WriteItNow 407f (HKLM-x32\...\3403-1564-8739-1028) (Version:  - Ravenshead Services Ltd)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2394252256-638096374-409990316-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-04-2015 13:27:13 Windows Update
06-05-2015 16:55:19 Windows Update
06-05-2015 17:24:12 Windows Update
10-05-2015 02:14:35 Windows Update
13-05-2015 08:37:26 Windows Update
15-05-2015 12:18:16 Removed Adobe Acrobat Reader DC.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06FB3166-EE7B-41F5-8E57-8119149362C4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {08B9639B-BE47-4B8D-89A9-FC731E8FFF78} - System32\Tasks\{73C1D6A8-13A9-4488-9E40-66D35C8D4D79} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {3DE8EEA5-8CF0-4C5D-BB02-07B8FF321BC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
Task: {784BC767-7449-43BD-9968-F99158CC710E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.)
Task: {C6DFA20F-1C36-4CEB-86D0-DAE6CB6BEB10} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2394252256-638096374-409990316-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D93127BC-08A0-4B72-AD9A-16CCD5A67484} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {E1667131-977E-4B03-9446-C3A495086C76} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2394252256-638096374-409990316-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-04-07 18:07 - 2010-04-07 18:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 15:26 - 2009-11-03 15:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 16:15 - 2010-03-03 16:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 16:15 - 2010-03-03 16:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-11-24 21:59 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 21:08 - 2009-03-12 21:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-03-12 17:41 - 2010-03-12 17:41 - 00417080 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2013-03-26 11:25 - 2008-08-01 14:30 - 00501760 _____ () C:\Program Files (x86)\Tech\Wheel Mouse Software\4.1\ACQTMAPP.exe
2009-10-13 12:00 - 2009-10-13 12:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-08-28 16:12 - 2012-08-28 16:12 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 12:37 - 2015-05-15 12:37 - 00043008 _____ () c:\users\debbie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqb_bej.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00750080 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00047616 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00865280 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00200704 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00010240 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00726016 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00010240 _____ () C:\Users\Debbie\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-03-26 11:25 - 2008-12-30 11:49 - 00400896 _____ () C:\Program Files (x86)\Tech\Wheel Mouse Software\4.1\ACQDEVCL.DLL
2013-03-26 11:25 - 2007-06-24 15:14 - 00029696 _____ () C:\Program Files (x86)\Tech\Wheel Mouse Software\4.1\ACQTMDLL.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office2010\Office14\1033\GrooveIntlResource.dll
2015-04-14 17:12 - 2015-04-14 17:12 - 16863920 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Debbie\Desktop\150504 Colorado Springs Small Smiles door-now closed.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\150505 Aurora Youth Dentistry front door.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\150505 Aurora Youth Dentistry front.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\Dental  Abuse Presentation final.ppt:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\GENEALOGY AVATARS.lnk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\Genealogy.lnk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Downloads\FamilyTreeMaker2014_ESD_US_Direct_SA_9-24-13.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\141105 Feds_ 95 Indiana dental providers have questionable billing-indiana.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\AutoHotkey.ahk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Ice Skating 2015.wlmp:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Income-Expenses-Assets.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Santa envelope.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Tree Stark.png:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2394252256-638096374-409990316-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 209.18.47.61 - 209.18.47.62

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
MSCONFIG\Services: PDF Architect 2 => 3
MSCONFIG\Services: pdfforge CrashHandler => 3
MSCONFIG\Services: Thpsrv => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Air Display Support => "C:\Program Files\Avatron\Air Display\AirDisplay.exe"
MSCONFIG\startupreg: Corel Photo Downloader => "c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: disketup-suspect => rundll32 "C:\Users\Debbie\AppData\Local\Temp\MigAtend64.dll",CreateProcessNotify
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: Skitch => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe -start-on-hide
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: Standby => "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{BFD628C3-950B-48FB-B621-911FC132839B}] => (Allow) C:\Users\Debbie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5B476092-BA2E-4C10-BDA2-2386D5955E9C}] => (Allow) C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0C61C75A-F950-4E30-B59F-CA309CA01651}] => (Allow) C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8AD7B8E6-1131-4EE9-A428-26B0DB6BFD12}C:\users\debbie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\debbie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5DED0CD5-EBB1-4ACB-903B-0D5F840ABD81}C:\users\debbie\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\debbie\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8351CC60-0B6E-4DC8-8351-A7465C6F2216}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6728\hppiw.exe
FirewallRules: [{35291D5E-5A69-4A20-B207-EDB280F3F9E4}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6728\hppiw.exe
FirewallRules: [{FE08983E-1EBC-40FF-9FE8-F47D91916F3D}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6CA7\OJJ4600_Full_14\setup\hpznui40.exe
FirewallRules: [{FB1DDC4D-130F-4B55-AA0E-C3C31075E467}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{76A42F8D-A87C-4AB6-AE02-2930B7B4511D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{34DC6B17-8BFC-44AC-B991-ABE57D09C08C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{948EE006-92A2-4B72-BF7C-EE08E1C5C59F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{2908389C-2865-4563-B7DD-45CAAA7B27A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{94C53C7E-0E35-482E-AA72-0E70459B0EDB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{3650B7C1-9F5D-4C93-B3C3-4490CFF22081}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D5D785D7-6815-4754-A98B-3376EFE57A4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{B25B6378-CA96-4FB1-8D89-F854AAB9312F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{44A7B757-A8F2-4F69-8105-EAB8E85FC6AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{92983D65-C35C-4CD9-A50C-35BB566D2FA3}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{8E0B451F-7383-45E1-A39F-3B4C35B973D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{16011E90-2582-4C23-8EED-2165526A505C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5160174A-6E9B-4029-9B54-0EC2E9565FFA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A66E7311-C01D-4CDD-A195-9020A3B3DEA9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{CAD0F3EE-E131-4C7A-B073-6F8CE505D4C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E725C8F6-D4D3-4DE8-A1D3-96D0C1FACAD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{374AEB03-2E3F-4699-BDD5-EC183E02D427}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{3083DAA7-E102-4D24-9DCE-EA4B6783E99F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{BE85BA07-95F0-4158-B130-6388623ECA97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{743F3BF5-9D62-4A7E-B9C3-A5B041E402A8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{59FA7D24-B2F3-4C54-9476-786775EBE69B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{FA669857-6637-485D-A72B-3B990688DE83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0BBBBABF-4206-4D75-AB9F-00CF6C5089EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{179FDB25-F2BE-4BDB-96BD-954D7598480F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4E0CC954-4559-4DD8-89F4-293E812AF243}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{61A76AB0-A03E-4A2D-B085-E24218D952BC}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{C6484C6E-0EC0-43C6-9073-606559C31184}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{5BFCB3B3-6188-42FD-AA4B-29C7DFDD9AD7}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{5AB1DD86-8595-4C3E-AE29-79F64AE6893A}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [{71E0463F-71B3-4417-8E32-CD43FEB3003C}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS0CA7\hppiw.exe
FirewallRules: [{5768D6F2-E69A-4C9F-9B08-2BAADA99BEF4}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS0CA7\hppiw.exe
FirewallRules: [TCP Query User{DE01040D-3450-4DAC-83BB-3F25D5DE5DED}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{BC63D997-85B1-48C2-8E8C-F3369813A687}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{98ADC742-639D-4F21-AD0E-D8032E86E150}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2CF1\hppiw.exe
FirewallRules: [{3FE57A76-876D-4ED3-949D-9C3BA9C7368D}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2CF1\hppiw.exe
FirewallRules: [{6863E7F3-C0CF-476C-8303-F332E21783C8}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2F1C\hppiw.exe
FirewallRules: [{06F969DB-9714-4904-9EB7-951E78D8BB6B}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2F1C\hppiw.exe
FirewallRules: [{2AD66868-F8E9-426B-96DA-98DD729A25B5}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2F1C\hppiw.exe
FirewallRules: [{CCFD5425-4D4D-4ECD-B29F-4E4838DE7581}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS2F1C\hppiw.exe
FirewallRules: [{CE982739-0831-41BA-A6BF-A64A62FE3BFD}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6869\hppiw.exe
FirewallRules: [{D83408B9-D948-4580-92BD-B1DEB8CFB55C}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6869\hppiw.exe
FirewallRules: [{9B95E94F-6926-4C0D-B4FA-1567D79362F6}] => (Allow) C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVE.EXE
FirewallRules: [{AA2B46D5-74E5-4E39-A5DF-3E65DC4EAB26}] => (Allow) C:\Program Files (x86)\Microsoft Office2010\Office14\GROOVE.EXE
FirewallRules: [{03E41623-3724-4D6C-B9B4-DA2824357CD1}] => (Allow) C:\Program Files (x86)\Microsoft Office2010\Office14\ONENOTE.EXE
FirewallRules: [{477BE09C-F757-40E8-973F-C4189E327557}] => (Allow) C:\Program Files (x86)\Microsoft Office2010\Office14\ONENOTE.EXE
FirewallRules: [{8440042C-04EC-4EFB-B7D1-1C1A36895447}] => (Allow) C:\Program Files (x86)\Microsoft Office2010\Office14\outlook.exe
FirewallRules: [{F82DD1A0-BD73-42B6-9C7D-1105C1A3CA9F}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS7695\HPDiagnosticCoreUI.exe
FirewallRules: [{D4898A42-8A72-4C49-990A-BA970DF4C62C}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS7695\HPDiagnosticCoreUI.exe
FirewallRules: [{A8E69447-DA6C-46E4-B2EA-2AF7B0C56EB7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{30BB49C0-41D9-4A41-86AA-172A39027D46}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6207\HPDiagnosticCoreUI.exe
FirewallRules: [{65B44AB6-4019-47BB-ADB6-1FDD2FCEEC65}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS6207\HPDiagnosticCoreUI.exe
FirewallRules: [{DD985F57-3911-4DD2-AA38-555C2683B493}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B4F591A6-B1A6-4800-9BC9-A75E1C239843}] => (Allow) LPort=2869
FirewallRules: [{B8A18715-9D86-4076-ABC1-A70A9E9F6EFB}] => (Allow) LPort=1900
FirewallRules: [{C8C6981D-79EB-4BC1-BBBA-FF2F2BC5C339}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ACC13D2A-C4F4-49F6-81EE-AE90E6A2E664}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA799398-FDE1-493E-BE74-B3D30198471E}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS044E\HPDiagnosticCoreUI.exe
FirewallRules: [{788F0AFC-C693-4E39-AD38-53923BD35902}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS044E\HPDiagnosticCoreUI.exe
FirewallRules: [{3666B37C-378B-468D-95ED-2E74F3EDE215}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS04A0\HPDiagnosticCoreUI.exe
FirewallRules: [{CC0F43F9-19B8-4CF5-9C51-B7F0848E63CA}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS04A0\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{BFFDC119-937A-4BBE-BCE3-7431C44C15A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7A9C4A36-A532-4A2D-AD78-E626D7D72CCB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C4C97370-485B-4BD5-9A30-EAA06413CD12}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS566D\HPDiagnosticCoreUI.exe
FirewallRules: [{2F7C2128-E8B1-469B-BD63-127E4CAE26FE}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS566D\HPDiagnosticCoreUI.exe
FirewallRules: [{94E554E4-FCC0-4CA2-A9AB-C3144F81576D}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS578C\HPDiagnosticCoreUI.exe
FirewallRules: [{A2633F19-C38C-448A-9C28-A162B43B1B7A}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS578C\HPDiagnosticCoreUI.exe
FirewallRules: [{5524054A-E556-41F2-A4A2-6329E51B8F82}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5F5B\HPDiagnosticCoreUI.exe
FirewallRules: [{07AA04FB-88DE-440F-B759-419E54685D7B}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5F5B\HPDiagnosticCoreUI.exe
FirewallRules: [{F08F8592-EDDB-419A-9763-2F150733C16C}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS08E4\HPDiagnosticCoreUI.exe
FirewallRules: [{BC886DEF-B3BE-4F56-9A76-F4A2B24DF96F}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS08E4\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{38ED1BA0-DAF4-408E-9970-691B5B5186DF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{18B851D9-C92D-4896-AAB9-23A90383432D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0264467C-1D9C-450B-AAB2-2D958D15DC40}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4E89\HPDiagnosticCoreUI.exe
FirewallRules: [{7BF60AB2-D444-4489-BC3C-0B081C573DE3}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4E89\HPDiagnosticCoreUI.exe
FirewallRules: [{68870AF1-946F-439D-AFA6-1C72A6940C9D}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS51F1\HPDiagnosticCoreUI.exe
FirewallRules: [{B553307A-1B2F-4931-B460-827B9BAAD490}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS51F1\HPDiagnosticCoreUI.exe
FirewallRules: [{9DDFF8FC-DF84-44F9-BCEB-906131C78330}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5923\HPDiagnosticCoreUI.exe
FirewallRules: [{B75CDC23-63BB-4302-850E-5C145289E845}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5923\HPDiagnosticCoreUI.exe
FirewallRules: [{AC14C48A-0A8A-4A20-B961-F4B8FC917FFB}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5FCF\HPDiagnosticCoreUI.exe
FirewallRules: [{F831EBE1-68AF-4332-A06C-6FA406BD6320}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS5FCF\HPDiagnosticCoreUI.exe
FirewallRules: [{C64B3B16-F15D-48D2-9467-C0DD02E4E9BE}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS7C6F\HPDiagnosticCoreUI.exe
FirewallRules: [{399B8288-C965-4307-BEB3-3F541C35D7D1}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS7C6F\HPDiagnosticCoreUI.exe
FirewallRules: [{5D4D5F81-7285-487A-ACF7-B880B773FF9D}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS07B2\HPDiagnosticCoreUI.exe
FirewallRules: [{D400D794-0980-4D00-8C4F-ECACE441D8DB}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS07B2\HPDiagnosticCoreUI.exe
FirewallRules: [{EEEAEBA3-28DD-4916-B59A-8995C9D2C927}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet 6800
Description: Deskjet 6800
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2015 09:20:18 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/14/2015 07:39:58 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/14/2015 07:35:43 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/14/2015 07:30:48 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/14/2015 04:52:09 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (05/13/2015 06:16:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7035

Error: (05/13/2015 06:16:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7035

Error: (05/13/2015 06:16:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2015 06:16:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6037

Error: (05/13/2015 06:16:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6037


System errors:
=============
Error: (05/15/2015 00:42:27 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (05/15/2015 00:40:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (05/15/2015 00:36:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (05/15/2015 00:29:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (05/15/2015 00:23:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (05/15/2015 10:47:55 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (05/15/2015 10:42:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126

Error: (05/15/2015 10:40:16 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/14/2015 10:41:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (05/14/2015 10:41:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Phenom™ II P960 Quad-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 3835.67 MB
Available physical RAM: 1941.9 MB
Total Pagefile: 7669.53 MB
Available Pagefile: 5384.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI106076W0B) (Fixed) (Total:918.45 GB) (Free:456.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0C84EA67)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=918.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=17)

==================== End Of Log ============================

 

 



BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,228 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:48 AM

Posted 20 May 2015 - 10:00 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-2394252256-638096374-409990316-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
C:\Users\Debbie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqb_bej.dll
AlternateDataStreams: C:\Users\Debbie\Desktop\150504 Colorado Springs Small Smiles door-now closed.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\150505 Aurora Youth Dentistry front door.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\150505 Aurora Youth Dentistry front.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\Dental  Abuse Presentation final.ppt:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\GENEALOGY AVATARS.lnk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Desktop\Genealogy.lnk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Downloads\FamilyTreeMaker2014_ESD_US_Direct_SA_9-24-13.exe:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\141105 Feds_ 95 Indiana dental providers have questionable billing-indiana.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\AutoHotkey.ahk:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Ice Skating 2015.wlmp:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Income-Expenses-Assets.xlsx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Santa envelope.docx:com.dropbox.attributes
AlternateDataStreams: C:\Users\Debbie\Documents\Tree Stark.png:com.dropbox.attributes

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

 

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

This is from Chrome.
If you have any difficulties with Chrome I suggest you remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/
<<<>>>

How is the computer running now?

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,228 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:48 AM

Posted 25 May 2015 - 08:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users