Mom's computer won't log in to aol, locks up, needs good cleaning.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Miaddie (administrator) on MIADDIE-PC (13-01-2016 21:20:50)
Running from C:\Users\Miaddie\Desktop
Loaded Profiles: Miaddie (Available Profiles: Miaddie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: C:\PROGRA~2\AOLDES~1.7C\aol.exe "%1" )
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.8.1a\waol.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
() C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE
() C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1279729449\ee\aolsoftware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.8.1a\shellmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1279729449\ee\aolupdates.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1279729449\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] => C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE [32849 2011-04-30] (MyWebSearch.com)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [My Web Search Bar Search Scope Monitor] => "C:\PROGRA~2\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Miaddie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\Miaddie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [MyWebSearch Email Plugin] => C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE [32849 2011-04-30] (MyWebSearch.com)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-02] (Google Inc.)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [bwldcebu] => "C:\Users\Miaddie\AppData\Local\niwngdgs.exe"
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.8.1a\AOL.EXE [73584 2015-10-06] (AOL Inc.)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [NoViewContextMenu] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2013-06-26]
ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\PrintMaster 16\pmremind.exe (Broderbund Properties LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-01]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-01-17]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Miaddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk [2010-07-21]
ShortcutTarget: Microsoft Find Fast.lnk -> C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE ()
Startup: C:\Users\Miaddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk [2010-07-21]
ShortcutTarget: Office Startup.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{BCAEC965-F33B-4005-91AA-EEB1CDFD7AC1}: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-21-947602546-141725-2524230356-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000092
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {ffb11c0c-da90-4969-a995-8dca2e0fc10a} - No File
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20100721162445122&tb_oid=21-07-2010&tb_mrud=03-09-2012
SearchScopes: HKLM-x32 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S06473^us&si=CNK528nmi7kCFbAWMgodxT0A5Q&ptb=83B282C7-F17C-44B3-AA1A-B36300C36E00&psa=&ind=2013092022&st=sb&n=77fd58b6&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> DefaultScope {08CB21D0-9DB2-46DD-9B77-17095D4C69A2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {08CB21D0-9DB2-46DD-9B77-17095D4C69A2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20100721162445122&tb_oid=21-07-2010&tb_mrud=03-09-2012
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S06473^us&si=CNK528nmi7kCFbAWMgodxT0A5Q&ptb=83B282C7-F17C-44B3-AA1A-B36300C36E00&psa=&ind=2013092022&st=sb&n=77fd58b6&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1pb9rS8h3eC
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: MyWebSearch Search Assistant BHO -> {00A6FAF1-072E-44cf-8957-5838F569A31D} -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL [2011-04-30] (MyWebSearch.com)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: mwsBar BHO -> {07B18EA1-A523-4961-B6BB-170DE4475CCA} -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL [2011-04-30] (MyWebSearch.com)
BHO-x32: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files (x86)\AOL Toolbar\aoltb.dll [2013-08-09] (AOL Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL [2011-04-30] (MyWebSearch.com)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll [2013-08-09] (AOL Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll [2011-04-30] (MyWebSearch.com)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-22] (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-947602546-141725-2524230356-1001: @hulu.com/Hulu Desktop -> C:\Users\Miaddie\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Plugin HKU\S-1-5-21-947602546-141725-2524230356-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miaddie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-24] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF Extension: My Web Search - C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011-10-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-01] [not signed]
FF HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll (MyWebSearch.com)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Miaddie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Hulu Desktop) - C:\Users\Miaddie\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Miaddie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Miaddie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 MyWebSearchService; C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE [28762 2011-04-30] (MyWebSearch.com) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [149544 2010-04-08] (Authentium, Inc)
R2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [148008 2010-04-08] (Authentium, Inc)
R2 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [205352 2010-04-08] (Authentium, Inc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U0 sr; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 21:20 - 2016-01-13 21:22 - 00024493 _____ C:\Users\Miaddie\Desktop\FRST.txt
2016-01-13 21:20 - 2016-01-13 21:20 - 00000000 ____D C:\FRST
2016-01-13 21:18 - 2016-01-13 21:20 - 02370560 _____ (Farbar) C:\Users\Miaddie\Desktop\FRST64.exe
2016-01-13 21:03 - 2016-01-13 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 19:03 - 2016-01-05 19:08 - 00162654 _____ C:\Windows\ntbtlog.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 21:20 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 21:20 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 21:20 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-13 21:16 - 2010-08-04 23:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 21:13 - 2010-08-04 23:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 21:13 - 1996-11-16 23:00 - 00023950 ____H C:\Windows\SysWOW64\FFASTLOG.TXT
2016-01-13 21:12 - 2012-07-26 19:28 - 00000498 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2016-01-13 21:12 - 2010-01-17 23:29 - 00000000 ____D C:\ProgramData\Norton
2016-01-13 21:12 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-13 21:03 - 2015-09-03 20:33 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-13 21:02 - 2015-11-17 15:23 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 19:25 - 2012-04-11 16:43 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-05 19:06 - 2013-09-20 21:26 - 00000000 ____D C:\Users\Miaddie\AppData\LocalLow\ShopAtHome
2015-12-31 14:05 - 2015-06-29 10:35 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMiaddie
2015-12-31 14:05 - 2015-06-29 10:35 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForMiaddie.job
2015-12-27 12:45 - 2010-07-21 11:38 - 00000000 ____D C:\Users\Miaddie\AppData\Local\ElevatedDiagnostics
2015-12-24 18:20 - 2010-07-21 10:49 - 00000000 ____D C:\Users\Miaddie\AppData\Local\Hewlett-Packard
2015-12-24 18:20 - 2010-07-21 10:48 - 00000000 ____D C:\Users\Miaddie
2015-12-22 15:00 - 2009-07-14 00:13 - 00801988 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-22 15:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-22 14:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-22 14:19 - 2012-04-18 18:39 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-22 14:11 - 2010-08-04 23:50 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-22 14:11 - 2010-08-04 23:50 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-22 14:11 - 2010-08-04 22:37 - 00000000 ____D C:\Users\Miaddie\AppData\Local\Google
==================== Files in the root of some directories =======
2013-06-18 17:58 - 2013-06-18 17:58 - 0000000 _____ () C:\Users\Miaddie\AppData\Roaming\SharedSettings.ccs
2010-07-21 11:40 - 2015-09-03 20:32 - 0008132 _____ () C:\Users\Miaddie\AppData\Roaming\wklnhst.dat
2012-01-30 23:08 - 2012-07-10 07:06 - 0120832 _____ () C:\Users\Miaddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-19 09:35 - 2013-06-19 09:35 - 0045960 _____ () C:\Users\Miaddie\AppData\Local\dfheiklm
2013-06-18 17:59 - 2013-06-18 17:59 - 0598808 _____ () C:\Users\Miaddie\AppData\Local\hhabgtds
2013-06-19 09:35 - 2013-06-19 09:35 - 0598808 _____ () C:\Users\Miaddie\AppData\Local\kbeqwqjh
2013-06-18 17:58 - 2013-06-18 17:58 - 0045960 _____ () C:\Users\Miaddie\AppData\Local\sjqiqlca
2014-03-27 17:38 - 2014-03-27 17:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-15 22:26 - 2013-11-01 21:27 - 0016309 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Miaddie\AppData\Local\Temp\AcsInstall.dll
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar41F7.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar592E.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar9467.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbarAA55.exe
C:\Users\Miaddie\AppData\Local\Temp\cdrun.exe
C:\Users\Miaddie\AppData\Local\Temp\ffunzip.exe
C:\Users\Miaddie\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Miaddie\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Miaddie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Miaddie\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Miaddie\AppData\Local\Temp\ICSTMP_9316.exe
C:\Users\Miaddie\AppData\Local\Temp\install_reader10_en_chra_aih[1].exe
C:\Users\Miaddie\AppData\Local\Temp\NetFramework45.exe
C:\Users\Miaddie\AppData\Local\Temp\Resource.exe
C:\Users\Miaddie\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Miaddie\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Miaddie\AppData\Local\Temp\sp46257.exe
C:\Users\Miaddie\AppData\Local\Temp\sp49905.exe.exe
C:\Users\Miaddie\AppData\Local\Temp\sp52594.exe.exe
C:\Users\Miaddie\AppData\Local\Temp\sp53904.exe
C:\Users\Miaddie\AppData\Local\Temp\sp54931.exe
C:\Users\Miaddie\AppData\Local\Temp\sp58915.exe
C:\Users\Miaddie\AppData\Local\Temp\sp64126.exe
C:\Users\Miaddie\AppData\Local\Temp\tbCybe.dll
C:\Users\Miaddie\AppData\Local\Temp\tbedrs.dll
C:\Users\Miaddie\AppData\Local\Temp\tbFLV2.dll
C:\Users\Miaddie\AppData\Local\Temp\tbIncr.dll
C:\Users\Miaddie\AppData\Local\Temp\tbpreinst64CC.exe
C:\Users\Miaddie\AppData\Local\Temp\tbpreinstF941.exe
C:\Users\Miaddie\AppData\Local\Temp\TB_6A24.exe
C:\Users\Miaddie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Miaddie\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Miaddie\AppData\Local\Temp\Update.exe
C:\Users\Miaddie\AppData\Local\Temp\Vbrun60.exe
C:\Users\Miaddie\AppData\Local\Temp\_mvpfk-s.dll
C:\Users\Miaddie\AppData\Local\Temp\~InstallCyberDefenderEDC-050662[1].exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-24 18:43
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Miaddie (administrator) on MIADDIE-PC (13-01-2016 21:20:50)
Running from C:\Users\Miaddie\Desktop
Loaded Profiles: Miaddie (Available Profiles: Miaddie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: C:\PROGRA~2\AOLDES~1.7C\aol.exe "%1" )
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(MyWebSearch.com) C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.8.1a\waol.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
() C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE
() C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1279729449\ee\aolsoftware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.8.1a\shellmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1279729449\ee\aolupdates.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1279729449\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [MyWebSearch Email Plugin] => C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE [32849 2011-04-30] (MyWebSearch.com)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [My Web Search Bar Search Scope Monitor] => "C:\PROGRA~2\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
HKLM-x32\...\Run: [ShopAtHomeWatcher] => C:\Users\Miaddie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [ShopAtHomeUpdater] => C:\Users\Miaddie\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [MyWebSearch Email Plugin] => C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE [32849 2011-04-30] (MyWebSearch.com)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-02] (Google Inc.)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [bwldcebu] => "C:\Users\Miaddie\AppData\Local\niwngdgs.exe"
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.8.1a\AOL.EXE [73584 2015-10-06] (AOL Inc.)
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Policies\Explorer: [NoViewContextMenu] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2013-06-26]
ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\PrintMaster 16\pmremind.exe (Broderbund Properties LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-01]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-01-17]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Miaddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk [2010-07-21]
ShortcutTarget: Microsoft Find Fast.lnk -> C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE ()
Startup: C:\Users\Miaddie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk [2010-07-21]
ShortcutTarget: Office Startup.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{BCAEC965-F33B-4005-91AA-EEB1CDFD7AC1}: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-21-947602546-141725-2524230356-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000092
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com)
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {ffb11c0c-da90-4969-a995-8dca2e0fc10a} - No File
URLSearchHook: HKU\S-1-5-21-947602546-141725-2524230356-1001 - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> DefaultScope {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20100721162445122&tb_oid=21-07-2010&tb_mrud=03-09-2012
SearchScopes: HKLM-x32 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S06473^us&si=CNK528nmi7kCFbAWMgodxT0A5Q&ptb=83B282C7-F17C-44B3-AA1A-B36300C36E00&psa=&ind=2013092022&st=sb&n=77fd58b6&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> DefaultScope {08CB21D0-9DB2-46DD-9B77-17095D4C69A2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {08CB21D0-9DB2-46DD-9B77-17095D4C69A2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3201318
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {29C5C11D-39C7-4AA2-9781-C3ABBD8FC5E9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20100721162445122&tb_oid=21-07-2010&tb_mrud=03-09-2012
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml?id=ZCzeb0043DUS_ZZzer000&ptnrS=ZCzeb0043DUS_ZZzer000&ptb=UUKS6jFCEuEmKquMS0DFsw&ind=2010072318&n=&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {5BA6C7E2-AFE3-41EC-975F-544F10D02112} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XP^xdm044^S06473^us&si=CNK528nmi7kCFbAWMgodxT0A5Q&ptb=83B282C7-F17C-44B3-AA1A-B36300C36E00&psa=&ind=2013092022&st=sb&n=77fd58b6&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1pb9rS8h3eC
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: MyWebSearch Search Assistant BHO -> {00A6FAF1-072E-44cf-8957-5838F569A31D} -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL [2011-04-30] (MyWebSearch.com)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: mwsBar BHO -> {07B18EA1-A523-4961-B6BB-170DE4475CCA} -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL [2011-04-30] (MyWebSearch.com)
BHO-x32: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files (x86)\AOL Toolbar\aoltb.dll [2013-08-09] (AOL Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL [2011-04-30] (MyWebSearch.com)
Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll [2013-08-09] (AOL Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
Toolbar: HKU\S-1-5-21-947602546-141725-2524230356-1001 -> No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll [2011-04-30] (MyWebSearch.com)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-22] (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-947602546-141725-2524230356-1001: @hulu.com/Hulu Desktop -> C:\Users\Miaddie\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Plugin HKU\S-1-5-21-947602546-141725-2524230356-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miaddie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-24] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF Extension: My Web Search - C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011-10-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-01] [not signed]
FF HKU\S-1-5-21-947602546-141725-2524230356-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll (MyWebSearch.com)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Miaddie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Hulu Desktop) - C:\Users\Miaddie\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Miaddie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Miaddie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 MyWebSearchService; C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE [28762 2011-04-30] (MyWebSearch.com) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [149544 2010-04-08] (Authentium, Inc)
R2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [148008 2010-04-08] (Authentium, Inc)
R2 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [205352 2010-04-08] (Authentium, Inc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
U0 sr; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 21:20 - 2016-01-13 21:22 - 00024493 _____ C:\Users\Miaddie\Desktop\FRST.txt
2016-01-13 21:20 - 2016-01-13 21:20 - 00000000 ____D C:\FRST
2016-01-13 21:18 - 2016-01-13 21:20 - 02370560 _____ (Farbar) C:\Users\Miaddie\Desktop\FRST64.exe
2016-01-13 21:03 - 2016-01-13 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 19:03 - 2016-01-05 19:08 - 00162654 _____ C:\Windows\ntbtlog.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 21:20 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 21:20 - 2009-07-13 23:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 21:20 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-13 21:16 - 2010-08-04 23:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 21:13 - 2010-08-04 23:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 21:13 - 1996-11-16 23:00 - 00023950 ____H C:\Windows\SysWOW64\FFASTLOG.TXT
2016-01-13 21:12 - 2012-07-26 19:28 - 00000498 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2016-01-13 21:12 - 2010-01-17 23:29 - 00000000 ____D C:\ProgramData\Norton
2016-01-13 21:12 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-13 21:03 - 2015-09-03 20:33 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-13 21:02 - 2015-11-17 15:23 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 19:25 - 2012-04-11 16:43 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-05 19:06 - 2013-09-20 21:26 - 00000000 ____D C:\Users\Miaddie\AppData\LocalLow\ShopAtHome
2015-12-31 14:05 - 2015-06-29 10:35 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMiaddie
2015-12-31 14:05 - 2015-06-29 10:35 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForMiaddie.job
2015-12-27 12:45 - 2010-07-21 11:38 - 00000000 ____D C:\Users\Miaddie\AppData\Local\ElevatedDiagnostics
2015-12-24 18:20 - 2010-07-21 10:49 - 00000000 ____D C:\Users\Miaddie\AppData\Local\Hewlett-Packard
2015-12-24 18:20 - 2010-07-21 10:48 - 00000000 ____D C:\Users\Miaddie
2015-12-22 15:00 - 2009-07-14 00:13 - 00801988 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-22 15:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-22 14:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-22 14:19 - 2012-04-18 18:39 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-22 14:11 - 2010-08-04 23:50 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-22 14:11 - 2010-08-04 23:50 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-22 14:11 - 2010-08-04 22:37 - 00000000 ____D C:\Users\Miaddie\AppData\Local\Google
==================== Files in the root of some directories =======
2013-06-18 17:58 - 2013-06-18 17:58 - 0000000 _____ () C:\Users\Miaddie\AppData\Roaming\SharedSettings.ccs
2010-07-21 11:40 - 2015-09-03 20:32 - 0008132 _____ () C:\Users\Miaddie\AppData\Roaming\wklnhst.dat
2012-01-30 23:08 - 2012-07-10 07:06 - 0120832 _____ () C:\Users\Miaddie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-19 09:35 - 2013-06-19 09:35 - 0045960 _____ () C:\Users\Miaddie\AppData\Local\dfheiklm
2013-06-18 17:59 - 2013-06-18 17:59 - 0598808 _____ () C:\Users\Miaddie\AppData\Local\hhabgtds
2013-06-19 09:35 - 2013-06-19 09:35 - 0598808 _____ () C:\Users\Miaddie\AppData\Local\kbeqwqjh
2013-06-18 17:58 - 2013-06-18 17:58 - 0045960 _____ () C:\Users\Miaddie\AppData\Local\sjqiqlca
2014-03-27 17:38 - 2014-03-27 17:38 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-15 22:26 - 2013-11-01 21:27 - 0016309 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Miaddie\AppData\Local\Temp\AcsInstall.dll
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar41F7.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar592E.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbar9467.exe
C:\Users\Miaddie\AppData\Local\Temp\aol_toolbarAA55.exe
C:\Users\Miaddie\AppData\Local\Temp\cdrun.exe
C:\Users\Miaddie\AppData\Local\Temp\ffunzip.exe
C:\Users\Miaddie\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Miaddie\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Miaddie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Miaddie\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Miaddie\AppData\Local\Temp\ICSTMP_9316.exe
C:\Users\Miaddie\AppData\Local\Temp\install_reader10_en_chra_aih[1].exe
C:\Users\Miaddie\AppData\Local\Temp\NetFramework45.exe
C:\Users\Miaddie\AppData\Local\Temp\Resource.exe
C:\Users\Miaddie\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Miaddie\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Miaddie\AppData\Local\Temp\sp46257.exe
C:\Users\Miaddie\AppData\Local\Temp\sp49905.exe.exe
C:\Users\Miaddie\AppData\Local\Temp\sp52594.exe.exe
C:\Users\Miaddie\AppData\Local\Temp\sp53904.exe
C:\Users\Miaddie\AppData\Local\Temp\sp54931.exe
C:\Users\Miaddie\AppData\Local\Temp\sp58915.exe
C:\Users\Miaddie\AppData\Local\Temp\sp64126.exe
C:\Users\Miaddie\AppData\Local\Temp\tbCybe.dll
C:\Users\Miaddie\AppData\Local\Temp\tbedrs.dll
C:\Users\Miaddie\AppData\Local\Temp\tbFLV2.dll
C:\Users\Miaddie\AppData\Local\Temp\tbIncr.dll
C:\Users\Miaddie\AppData\Local\Temp\tbpreinst64CC.exe
C:\Users\Miaddie\AppData\Local\Temp\tbpreinstF941.exe
C:\Users\Miaddie\AppData\Local\Temp\TB_6A24.exe
C:\Users\Miaddie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Miaddie\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Miaddie\AppData\Local\Temp\Update.exe
C:\Users\Miaddie\AppData\Local\Temp\Vbrun60.exe
C:\Users\Miaddie\AppData\Local\Temp\_mvpfk-s.dll
C:\Users\Miaddie\AppData\Local\Temp\~InstallCyberDefenderEDC-050662[1].exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-24 18:43
==================== End of FRST.txt ============================