FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-08-2015
Ran by Brian Hillard (administrator) on BRIANHILLARD-PC (08-08-2015 13:50:21)
Running from C:\Users\Brian Hillard\Desktop
Loaded Profiles: Brian Hillard (Available Profiles: Brian Hillard)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\ns.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\ns.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Brian Hillard\AppData\Local\Amazon Music\Amazon Music Helper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SecureW2 B.V.) C:\Program Files (x86)\SecureW2\sw2_tray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-03-24] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [562304 2011-06-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [YMailAdvisor] => C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [174424 2009-05-08] (Yahoo! Inc.)
HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [287112 2011-11-04] (SecureW2 B.V.)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [177448 2008-07-17] (Seagate LLC)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Run: [Amazon Music] => C:\Users\Brian Hillard\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4713.0209] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4713.0209"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4724.0224] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4724.0224"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4726.0226] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.4726.0226"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5849.0427] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5849.0427"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5860.0512] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5860.0512"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\RunOnce: [Uninstall C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-10-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....S&pvid=22.1.0.9
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....S&pvid=22.1.0.9
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....S&pvid=22.1.0.9
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....S&pvid=22.1.0.9
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {270DCF97-4042-44CC-BE0B-DF668B4A80D4} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> {270DCF97-4042-44CC-BE0B-DF668B4A80D4} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000 -> {270DCF97-4042-44CC-BE0B-DF668B4A80D4} URL = http://www.google.co...1I7TSNP_enUS459
SearchScopes: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000 -> {81F5F0B8-320F-4D33-9B73-3ED145016BD3} URL = http://www.google.co...1I7TSNP_enUS459
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{B2EE03B5-815D-457B-84C5-1D9A0F9BF600}: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{ED326837-8CB6-4B2C-B089-B81B261A6F91}: [DhcpNameServer] 208.59.247.45 208.59.247.46
FireFox:
========
FF ProfilePath: C:\Users\Brian Hillard\AppData\Roaming\Mozilla\Firefox\Profiles\9ovvxo4c.default-1426767229255
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-11-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.1.0.5306261\npmathplugin.dll [2015-04-19] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2013-08-02] (Coupons, Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-08-08]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-08-06] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-03]
CHR Extension: (Google Drive) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-03]
CHR Extension: (YouTube) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03]
CHR Extension: (Norton Security Toolbar) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-13]
CHR Extension: (Google Search) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03]
CHR Extension: (Norton Identity Safe) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-06-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03]
CHR Extension: (Gmail) - C:\Users\Brian Hillard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\BRIANH~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-02]
CHR HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [cjkpeelhbaipjkogeledgpkllepmkdmc] - C:\Program Files (x86)\LyricSearch\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [123320 2013-09-12] (Symantec Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20150807.001\IDSvia64.sys [692984 2015-06-19] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150807.017\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150807.017\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-08 02:04 - 2015-08-08 02:04 - 00000000 ____D C:\Users\Brian Hillard\Desktop\FRST-OlderVersion
2015-08-08 01:59 - 2015-08-08 02:00 - 00002733 _____ C:\Users\Brian Hillard\Desktop\AdwCleaner[S2].txt
2015-08-08 01:54 - 2015-08-08 01:54 - 00000000 ____D C:\Users\Brian Hillard\Desktop\Calc SS
2015-08-08 01:49 - 2015-08-08 01:49 - 00011399 _____ C:\Users\Brian Hillard\Desktop\JRT.txt
2015-08-07 22:07 - 2015-08-07 22:07 - 01797896 _____ (Malwarebytes Corporation) C:\Users\Brian Hillard\Desktop\JRT.exe
2015-08-07 22:06 - 2015-08-07 22:06 - 02248704 _____ C:\Users\Brian Hillard\Desktop\AdwCleaner.exe
2015-08-06 22:59 - 2015-08-06 23:12 - 00000000 ____D C:\Users\Brian Hillard\Desktop\iphone pics 8-6
2015-08-06 22:41 - 2015-08-08 01:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 00:16 - 2015-08-06 00:39 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-06 00:16 - 2015-08-06 00:38 - 00000000 ____D C:\Users\Brian Hillard\AppData\Roaming\WindSolutions
2015-08-06 00:16 - 2015-08-06 00:16 - 00001411 _____ C:\Users\Brian Hillard\Desktop\CopyTrans Control Center.lnk
2015-08-06 00:16 - 2015-08-06 00:16 - 00000000 ____D C:\Users\Brian Hillard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-08-06 00:07 - 2015-08-06 00:07 - 00000000 ____D C:\Users\Brian Hillard\AppData\Local\Macroplant_LLC
2015-08-06 00:07 - 2015-08-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
2015-08-06 00:07 - 2015-08-06 00:07 - 00000000 ____D C:\Program Files (x86)\iExplorer
2015-08-02 14:13 - 2015-08-02 14:13 - 00000000 ____D C:\Users\Brian Hillard\Desktop\New folder
2015-07-31 22:48 - 2015-07-31 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-31 22:48 - 2015-07-31 22:48 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-30 23:25 - 2015-07-30 23:25 - 00034304 _____ C:\Users\Brian Hillard\Downloads\je-d-17.03.02.04.cz.580.k.xls
2015-07-30 22:08 - 2015-07-30 22:08 - 00293888 _____ C:\Users\Brian Hillard\Downloads\su-f-01.01.01.22_y-2011.xls
2015-07-30 22:08 - 2015-07-30 22:08 - 00293888 _____ C:\Users\Brian Hillard\Downloads\su-f-01.01.01.22_y-2011 (1).xls
2015-07-29 23:30 - 2015-07-29 23:30 - 00045632 _____ C:\Users\Brian Hillard\Desktop\Addition.txt
2015-07-29 23:29 - 2015-08-08 13:52 - 00030036 _____ C:\Users\Brian Hillard\Desktop\FRST.txt
2015-07-29 23:28 - 2015-08-08 02:04 - 02170368 _____ (Farbar) C:\Users\Brian Hillard\Desktop\FRST64.exe
2015-07-22 00:18 - 2015-07-22 00:18 - 00000000 ____D C:\windows\System32\Tasks\Norton Security
2015-07-09 00:32 - 2015-07-13 01:39 - 00000000 ____D C:\Users\Brian Hillard\Desktop\EnergyPath2015
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-08 13:51 - 2011-09-07 01:44 - 01668277 _____ C:\windows\WindowsUpdate.log
2015-08-08 13:50 - 2013-11-30 13:22 - 00000000 ____D C:\FRST
2015-08-08 13:47 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-08 13:47 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-08 13:42 - 2011-09-07 02:03 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-08 13:40 - 2013-06-02 09:54 - 00000000 ___RD C:\Users\Brian Hillard\Google Drive
2015-08-08 13:39 - 2011-09-07 02:03 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-08 13:38 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-08 13:38 - 2009-07-14 00:51 - 00099047 _____ C:\windows\setupact.log
2015-08-08 02:04 - 2014-10-12 02:34 - 00000000 ___RD C:\Users\Brian Hillard\OneDrive
2015-08-08 01:59 - 2013-01-13 01:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-08 01:59 - 2010-11-20 23:47 - 01619936 _____ C:\windows\PFRO.log
2015-08-08 01:57 - 2013-11-24 12:15 - 00000000 ____D C:\AdwCleaner
2015-08-08 01:45 - 2011-11-25 11:27 - 00000000 ____D C:\Users\Brian Hillard
2015-08-08 01:14 - 2012-11-17 23:18 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 14:07 - 2012-05-19 22:23 - 00000000 ____D C:\Users\Brian Hillard\AppData\Local\Windows Live
2015-07-31 22:48 - 2014-10-23 22:32 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-22 00:12 - 2015-01-04 22:11 - 00003216 _____ C:\windows\System32\Tasks\Norton WSC Integration
2015-07-22 00:12 - 2015-01-04 22:08 - 00000000 ____D C:\windows\system32\Drivers\NSx64
2015-07-22 00:12 - 2015-01-04 22:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-21 21:46 - 2015-01-04 22:10 - 00111344 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-21 21:46 - 2015-01-04 22:10 - 00008214 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-20 00:03 - 2011-11-25 17:22 - 00000000 ____D C:\Users\Brian Hillard\AppData\Local\CrashDumps
2015-07-19 00:06 - 2009-07-14 01:13 - 00781522 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-15 21:37 - 2011-09-07 02:03 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:37 - 2011-09-07 02:03 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 21:14 - 2012-11-17 23:18 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 21:14 - 2012-03-30 20:57 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 21:14 - 2011-08-01 03:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 20:54 - 2014-10-23 22:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 20:53 - 2014-12-24 11:39 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 21:39 - 2013-06-02 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-13 21:58 - 2011-02-06 15:50 - 00000000 ___RD C:\Users\Brian Hillard\Documents\Employment
2015-07-09 02:25 - 2013-12-28 17:17 - 00000000 ____D C:\Users\Brian Hillard\AppData\Roaming\BitTorrent
==================== Files in the root of some directories =======
2015-06-29 23:16 - 2015-06-29 23:16 - 0007605 _____ () C:\Users\Brian Hillard\AppData\Local\Resmon.ResmonCfg
2013-01-05 01:53 - 2013-01-05 01:53 - 0017408 _____ () C:\Users\Brian Hillard\AppData\Local\WebpageIcons.db
Some files in TEMP:
====================
C:\Users\Brian Hillard\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Brian Hillard\AppData\Local\Temp\Quarantine.exe
C:\Users\Brian Hillard\AppData\Local\Temp\Seagate_Manager.exe
C:\Users\Brian Hillard\AppData\Local\Temp\sqlite3.dll
C:\Users\Brian Hillard\AppData\Local\Temp\x1hsq4uk.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-02 23:14
==================== End of log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-08-2015
Ran by Brian Hillard (2015-08-08 13:52:45)
Running from C:\Users\Brian Hillard\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3439052073-2592127164-3607994596-500 - Administrator - Disabled)
Brian Hillard (S-1-5-21-3439052073-2592127164-3607994596-1000 - Administrator - Enabled) => C:\Users\Brian Hillard
Guest (S-1-5-21-3439052073-2592127164-3607994596-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3439052073-2592127164-3607994596-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Adobe Connect 9 Add-in) (Version: 11,2,385,0 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Add to Wish List IE Extension 1.2 (HKLM-x32\...\Amazon Add to Wish List IE Extension) (Version: 1.2 - Amazon)
Amazon Music (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
BitTorrent (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\BitTorrent) (Version: 7.9.3.40634 - BitTorrent Inc.)
Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bootstrapper (x32 Version: 1.1.1.0 - Minitab, Inc.) Hidden
CarMD (HKLM-x32\...\{251C65C0-15FF-4603-98BB-E4A61C7DA424}) (Version: 3.1.0 - carmd.com)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.2.51 - Conexant)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\CopyTrans Suite) (Version: 4.002 - WindSolutions)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
FastStone Capture 7.0 (HKLM-x32\...\FastStone Capture) (Version: 7.0 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HHD Software Hex Editor 3.10 (HKLM-x32\...\{96DB0658-F44A-4899-BBD3-29261B18AE93}) (Version: 3.10.0.0000 - HHD Software)
HOMER 2.68 beta (HKLM-x32\...\HOMER_is1) (Version: - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iExplorer 3.7.8.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 1.65.1.1000 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.1.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.3 - Minitab, Inc.)
Minitab16 (x32 Version: 16.2.3.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.2.3.0 - Minitab, Inc.) Hidden
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
Norton Security (HKLM-x32\...\NS) (Version: 22.5.2.15 - Symantec Corporation)
OverDrive Media Console (HKLM-x32\...\{D647F06F-2908-487E-9CDA-DE52148CBF49}) (Version: 3.2.10 - OverDrive, Inc.)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Palringo (HKLM-x32\...\Palringo) (Version: - Palringo Limited)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Screen Recorder Launcher (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\ScreenRecorderLauncher) (Version: 1.7 - )
Screencast-O-Matic (HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
Seagate Manager Installer (HKLM-x32\...\InstallShield_{25F31730-1B6C-4E8E-A3B9-818DC0CD961D}) (Version: 2.01.0013 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0013 - Seagate) Hidden
Secure Download Manager (HKLM-x32\...\{4A5667B2-5D13-46C2-85B5-9D46A6096F61}) (Version: 3.1.0 - Kivuto Solutions Inc.)
SecureW2 Enterprise Client 3.5.5 (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.6 - TOSHIBA)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wolfram CDF Player (M-WIN-D 10.1.0 5306379) (HKLM\...\M-WIN-D 10.1.0 5306379_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Wolfram Extras 10.1 (5306261) (HKLM\...\A-WIN-Extras 10.1.0 5306261_is1) (Version: 10.1.0 - Wolfram Research, Inc.)
Yahoo! Install Manager (HKLM-x32\...\YInstHelper) (Version: - )
Yahoo! Internet Mail (HKLM-x32\...\Yahoo! Mail) (Version: - )
Yahoo! Mail Advisor (HKLM-x32\...\Yahoo! Mail Advisor) (Version: - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Brian Hillard\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
==================== Restore Points =========================
19-07-2015 01:10:34 Scheduled Checkpoint
08-08-2015 01:43:01 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2015-07-31 22:48 - 00000128 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
⸰⸰⸰ऱ獭灳畬捭晡敥挮浯
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D7DF355-0F0C-4CC4-8A84-99D79384FFD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {3A65B433-E0CA-4AA2-8387-8572B9B70F73} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [2011-11-04] (SecureW2 B.V.)
Task: {518F43C2-504B-4B32-89F7-95F0E8B3BA0D} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe
Task: {53C31FA4-1BB3-4991-8AB0-C73CA6756962} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6324D6A2-D0A5-4694-ACF1-4945F237FCDF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9C733EC0-071B-495E-B887-E6D69426A323} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {B22CE07B-DAAD-4C18-AFF6-6353D9666C47} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {BB428D37-5988-4628-868D-C4FF51B9D4CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {C4193BEB-63E3-4F3F-8BA5-5608774EC13A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {DC47A215-3D1D-4BC0-98A6-B5E2AA7C5A1E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3439052073-2592127164-3607994596-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {DDD0424F-892A-46A5-8888-C2C6D85F5180} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F096F395-9DC0-4560-AAEF-AC14D4201935} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {F948625C-1301-4064-A40B-0723C37F3D13} - System32\Tasks\{FC045A89-1E57-44B5-BFFA-87B3277509B5} => pcalua.exe -a "C:\Program Files (x86)\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {FEE7AB65-19D3-47C0-8EF1-D70BF4F7A7BD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3439052073-2592127164-3607994596-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-04 22:18 - 2011-04-04 22:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 18:19 - 2010-12-15 18:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2014-10-13 21:09 - 2014-09-05 20:54 - 06281536 _____ () C:\Users\Brian Hillard\AppData\Local\Amazon Music\Amazon Music Helper.exe
2011-06-10 00:09 - 2011-06-10 00:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-08-08 13:39 - 2015-08-08 13:39 - 00098816 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32api.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00110080 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\pywintypes27.dll
2015-08-08 13:39 - 2015-08-08 13:39 - 00364544 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\pythoncom27.dll
2015-08-08 13:39 - 2015-08-08 13:39 - 00045568 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_socket.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 01161216 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_ssl.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00320512 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32com.shell.shell.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00713216 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_hashlib.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 01175040 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._core_.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00805888 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._gdi_.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00811008 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._windows_.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 01062400 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._controls_.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00735232 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._misc_.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00682496 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\pysqlite2._sqlite.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00087552 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_ctypes.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00119808 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32file.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00108544 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32security.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00007168 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\hashobjs_ext.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00068096 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\usb_ext.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00167936 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32gui.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00018432 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32event.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00128512 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_elementtree.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00127488 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\pyexpat.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00013824 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\common.time34.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00036864 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_psutil_windows.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00038912 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32inet.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00011264 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32crypt.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00070656 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._html2.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00027136 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_multiprocessing.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00020480 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\_yappi.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00035840 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32process.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00686080 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\unicodedata.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00122368 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._wizard.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00024064 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32pipe.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00010240 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\select.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00025600 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32pdh.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00525640 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\windows._lib_cacheinvalidation.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00017408 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32profile.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00022528 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\win32ts.pyd
2015-08-08 13:39 - 2015-08-08 13:39 - 00078336 _____ () C:\Users\Brian Hillard\AppData\Local\Temp\_MEI37242\wx._animate.pyd
2015-07-15 21:14 - 2015-07-15 21:14 - 17448624 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\ecollege.com -> ph.ecollege.com
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\mathxl.com -> mathxl.com
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\myitlab.com -> myitlab.com
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\pearsoncmg.com -> pearsoncmg.com
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\pearsoned.com -> pearsoned.com
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\psu.edu -> *.cms.psu.edu
IE trusted site: HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\...\tumblr.com -> hxxp://www.tumblr.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3439052073-2592127164-3607994596-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brian Hillard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4779291C-6B6B-4622-9330-643EA13DBB56}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{11FF5FA7-B6AB-498E-8D03-7157D30F54EB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{94F75C43-1265-4F5E-A9AB-7C28DBC24B31}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{BA155A20-E7DE-4564-9BF9-B7BA436D00A9}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{20644481-4B23-4656-9126-CACA6A0AD027}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2897AE79-F49C-4EE8-8BDE-1318AE80F0C4}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{511DE74C-8584-43A1-8DF9-571CFC85430E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43D9B6C8-9D6C-46EF-879E-DCA6928E8C12}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECAA2863-462C-4B56-8245-ADB3ED62C9CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{344613D3-68AF-47F2-BC5B-1B771F31595E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9AC74860-E1CB-4F22-BF23-D062D36514CF}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\WolframCDFPlayer.exe
FirewallRules: [{B3C14BB5-AE63-4590-9FC5-956C0D3B75B1}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\WolframCDFPlayer.exe
FirewallRules: [{8AC90668-C3BC-45BC-8942-C985EDBB6BB4}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\MathKernel.exe
FirewallRules: [{624AFC5E-57D2-4582-BC46-56ADDD52D28C}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\MathKernel.exe
FirewallRules: [{49286B75-9146-47D9-91A2-E78D3F365D83}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\math.exe
FirewallRules: [{1C079F19-3950-4521-A04C-707EEB9B5CB2}] => (Allow) C:\Program Files\Wolfram Research\Wolfram CDF Player\10.1\math.exe
FirewallRules: [{1B23484B-5D8A-467D-94EC-ADC205AC9EF5}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{EAD962A8-B201-4C2F-803E-EFDF2081BA0F}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BF3F6651-7540-4C0D-A91D-AAB5E9FFD526}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{53A376E5-1B2D-47B0-A9C8-078124C5397E}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4200C43F-3805-43F8-A788-78F35E09911D}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7E07F685-3DE5-43EF-8CD3-23E1107A57D9}] => (Allow) C:\Users\Brian Hillard\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{789A9A9F-2BA5-41E4-9952-067FE062D105}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/08/2015 01:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x19f4
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:53:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x9b0
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:52:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1b3c
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1a60
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:51:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x19b4
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1994
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:50:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1b4
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x19dc
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:49:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1b10
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
Error: (08/08/2015 01:49:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: SxsStore.dll, version: 6.1.7600.16385, time stamp: 0x4a5be073
Exception code: 0xc0000005
Fault offset: 0x0000000000005c07
Faulting process id: 0x1bf0
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
System errors:
=============
Error: (08/08/2015 01:53:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 23 time(s).
Error: (08/08/2015 01:53:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 22 time(s).
Error: (08/08/2015 01:52:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 21 time(s).
Error: (08/08/2015 01:52:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 20 time(s).
Error: (08/08/2015 01:51:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 19 time(s).
Error: (08/08/2015 01:51:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 18 time(s).
Error: (08/08/2015 01:50:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 17 time(s).
Error: (08/08/2015 01:50:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 16 time(s).
Error: (08/08/2015 01:49:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 15 time(s).
Error: (08/08/2015 01:49:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 14 time(s).
Microsoft Office:
=========================
Error: (08/08/2015 01:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c0719f401d0d20324e963ffC:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll62b39917-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:53:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c079b001d0d20312fe5615C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll50ba0c06-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:52:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c071b3c01d0d20301182a3dC:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll3ed3b91e-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c071a6001d0d202ef311401C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll2ced3f25-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:51:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c0719b401d0d202dd423578C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll1b10fe82-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c07199401d0d202cb5552c7C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dll091882e5-3df6-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:50:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c071b401d0d202b96e3c8cC:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dllf7292f2b-3df5-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c0719dc01d0d202a77e257fC:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dlle54d3ca9-3df5-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:49:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c071b1001d0d2029597ab86C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dlld3570b05-3df5-11e5-967a-e89a8fce6bf8
Error: (08/08/2015 01:49:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bSxsStore.dll6.1.7600.163854a5be073c00000050000000000005c071bf001d0d202839d5b22C:\windows\servicing\TrustedInstaller.exeC:\windows\system32\SxsStore.dllc15f049a-3df5-11e5-967a-e89a8fce6bf8
CodeIntegrity:
===================================
Date: 2013-12-30 09:52:13.459
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-30 09:52:13.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-30 09:52:13.452
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-30 09:52:13.431
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-30 09:52:13.428
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-30 09:52:13.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-29 14:53:42.516
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-29 14:53:42.513
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-29 14:53:42.509
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-12-29 14:53:42.488
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 6091.86 MB
Available physical RAM: 3178.84 MB
Total Virtual: 12181.91 MB
Available Virtual: 9148.34 MB
==================== Drives ================================
Drive c: (TI106234W0C) (Fixed) (Total:682.64 GB) (Free:288.47 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 9DEB38F3)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=682.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=17)
==================== End of log ============================