My computer frequently notifies me that I need to run Norton Power Eraser because a large amount of suspicious outbound traffic has been detected on my system. I hesitate to run NPE because of a warning that states certain aspects of my computer may change as a result.
The following represents results from the scan performed by FRST64 a few minutes ago.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Holden (administrator) on HPENVYPC (08-11-2015 07:38:05)
Running from C:\Users\Holden\Desktop\FRST64
Loaded Profiles: Holden (Available Profiles: Holden)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\n360.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\n360.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.GinRummyPro_2.0.1.15_neutral__kx24dqmazqk8j\GinRummy.exe
() C:\Program Files (x86)\Common Files\Intuit\DataProtect\IBuEngHost.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\MemfilesService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\x64\Win64ShellLink.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Holden\Desktop\FRST64\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-06-04] (IDT, Inc.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2793016 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [154680 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [154680 2013-09-05] (Hewlett-Packard)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3775800 2014-02-27] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3264377140-702172241-3405489607-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-26] (Glarysoft Ltd)
HKU\S-1-5-21-3264377140-702172241-3405489607-1001\...\Run: [GoogleChromeAutoLaunch_004E6E1CFF9247157F19EAB6B0F7D368] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
AppInit_DLLs-x32: C:\PROGRA~3\{6EB98~1\201~1.9\fico.dll => C:\ProgramData\{6EB9867A-3E3B-57FC-8FBD-277E5F3FF4F0}\2.0.1.9\fico.dll [606720 2015-08-03] ()
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2014-10-27]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-10-27]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2014-10-27]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2014\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Holden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-07-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9CF2E8B5-1EEA-42CD-889D-A9E8190D3404}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3264377140-702172241-3405489607-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-3264377140-702172241-3405489607-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
SearchScopes: HKLM -> {9FF7C6F1-0D35-4A9B-AE2A-C7E553322CDA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {9FF7C6F1-0D35-4A9B-AE2A-C7E553322CDA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3264377140-702172241-3405489607-1001 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://search.yahoo.com/search?fr=mcafee&type=A011US400&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3264377140-702172241-3405489607-1001 -> {9FF7C6F1-0D35-4A9B-AE2A-C7E553322CDA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3264377140-702172241-3405489607-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-3264377140-702172241-3405489607-1001 -> {C71C5517-93E7-46AA-8EDD-1D624008A30F} URL = hxxp://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight14_15_32&cd=2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyEyE0ByEtDyCtBzzyDtBtN0D0Tzu0StCtAtCtDtN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0D0AyE0DyCtC0CtGyD0FyCyBtG0AtD0E0CtGyByE0D0AtGyE0DyE0FyEyC0AyDtDyEzytB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAtCyC0BtDtA0BtG0A0EtA0FtGyE0E0CtCtGzy0ByDyBtG0FyC0Czy0C0ByE0E0FzytAzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzytCtA&cr=1196457357&ir=
SearchScopes: HKU\S-1-5-21-3264377140-702172241-3405489607-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-23] (Hewlett-Packard)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-12] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-12] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-23] (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=301533237
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks 2014\HelpAsyncPluggableProtocol.dll [2014-12-10] (Intuit, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll [2013-08-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11]
CHR Extension: (Google Docs) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-13]
CHR Extension: (Google Search) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Email this page (by Google)) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2014-10-24]
CHR Extension: (Google Sheets) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-25]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-10-24]
CHR Extension: (Baseball) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\njneehkdlobpllhkldmhhephffnniaec [2014-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Holden\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-30]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-05] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-10-15] (Coupons.com Inc.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe [282016 2015-09-24] (Symantec Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-05] (Softex Inc.) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2013-10-10] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-08-19] (Intuit Inc.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-06-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S3 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [20160 2015-05-26] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20151106.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151107.001\ENG64.SYS [138488 2015-10-26] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151107.001\EX64.SYS [2148080 2015-10-26] (Symantec Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2512016 2014-06-13] (MediaTek Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205448 2013-12-27] (Ralink Technology, Corp.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
S3 ssmirrdr; C:\Windows\system32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605040.018\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-08 07:27 - 2015-11-08 07:38 - 00000000 ____D C:\FRST
2015-11-08 07:23 - 2015-11-08 07:34 - 00000000 ____D C:\Users\Holden\Desktop\FRST64
2015-11-08 07:09 - 2015-11-08 07:09 - 00000000 ____D C:\Users\Holden\AppData\Local\NPE
2015-11-06 20:06 - 2015-11-07 20:16 - 00093562 _____ C:\windows\WindowsUpdate.log
2015-11-05 11:00 - 2015-11-05 11:00 - 00000000 ____D C:\ProgramData\GlarySoft
2015-10-31 07:28 - 2015-10-31 07:28 - 00000000 ____D C:\Users\Holden\AppData\Roaming\WinBatch
2015-10-29 18:10 - 2015-10-29 18:10 - 08769024 _____ C:\Users\Holden\Desktop\Rock Solid BuildersNew. (Portable).QBM
2015-10-28 15:38 - 2015-10-28 15:38 - 15326456 _____ C:\Users\Holden\Downloads\Glary_Utilities_v5.37.0.57.exe
2015-10-28 15:37 - 2015-10-28 15:38 - 15316104 _____ C:\Users\Holden\Downloads\Glary_Utilities_v5.36.0.56.exe
2015-10-20 12:37 - 2015-10-22 17:00 - 00000000 ____D C:\Users\Holden\Desktop\Diamond USA 12U Roster - Copy
2015-10-20 12:37 - 2015-10-20 12:37 - 00000000 ____D C:\Users\Holden\Desktop\Diamond USA 12U Roster
2015-10-20 07:54 - 2015-10-20 07:54 - 00000190 _____ C:\Users\Holden\Downloads\example_roster.csv
2015-10-20 07:50 - 2015-11-05 10:21 - 00490922 _____ C:\Users\Holden\Documents\Diamond USA 12U Roster(xps).xps
2015-10-20 06:56 - 2015-11-06 07:20 - 00000000 ____D C:\Users\Holden\Documents\2016 Diamond Baseball
2015-10-15 10:25 - 2015-10-15 10:25 - 00001402 _____ C:\Users\Holden\Desktop\Chess Openings Wizard.lnk
2015-10-15 10:25 - 2015-10-15 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bookup
2015-10-15 10:25 - 2015-10-15 10:25 - 00000000 ____D C:\Program Files (x86)\Bookup
2015-10-15 10:24 - 2015-10-15 10:24 - 33952544 _____ (Bookup Corp. ) C:\Users\Holden\Downloads\ChessOpeningsWizardProfessionalSetup (3).exe
2015-10-15 10:23 - 2015-10-15 10:23 - 33952544 _____ (Bookup Corp. ) C:\Users\Holden\Downloads\ChessOpeningsWizardProfessionalSetup (2).exe
2015-10-15 07:48 - 2015-09-18 22:18 - 00035384 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-15 07:48 - 2015-09-18 08:42 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-15 07:48 - 2015-09-18 08:42 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-15 07:48 - 2015-09-18 08:42 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-15 07:48 - 2015-09-18 08:42 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-15 07:48 - 2015-09-18 08:42 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-15 07:48 - 2015-09-18 08:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-14 07:45 - 2015-08-07 16:40 - 01134752 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-10-14 07:45 - 2015-08-07 16:40 - 00686960 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-10-14 07:45 - 2015-08-07 16:40 - 00507176 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-10-14 07:45 - 2015-08-07 09:13 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-10-14 07:45 - 2015-08-06 11:47 - 04710400 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2015-10-14 07:45 - 2015-08-06 11:18 - 04068352 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2015-10-14 07:44 - 2015-09-29 07:31 - 07457624 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-10-14 07:44 - 2015-09-29 07:31 - 01658536 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-10-14 07:44 - 2015-09-29 07:31 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-10-14 07:44 - 2015-09-29 07:31 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-10-14 07:44 - 2015-09-29 07:31 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-10-14 07:44 - 2015-09-29 07:29 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-10-14 07:44 - 2015-09-28 13:45 - 03705344 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-10-14 07:44 - 2015-09-28 13:26 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-10-14 07:44 - 2015-09-28 13:25 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-10-14 07:44 - 2015-09-28 13:25 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-10-14 07:44 - 2015-09-28 13:25 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-10-14 07:44 - 2015-09-28 13:22 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-10-14 07:44 - 2015-09-28 13:22 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-10-14 07:44 - 2015-09-28 13:22 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-10-14 07:44 - 2015-09-28 13:15 - 02243072 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-10-14 07:44 - 2015-09-28 13:13 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-10-14 07:44 - 2015-09-28 13:12 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-10-14 07:44 - 2015-09-24 11:42 - 00348672 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2015-10-14 07:44 - 2015-09-24 11:40 - 00737280 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2015-10-14 07:44 - 2015-09-10 13:02 - 25851392 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-10-14 07:44 - 2015-09-10 12:19 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-10-14 07:44 - 2015-09-10 12:18 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-10-14 07:44 - 2015-09-10 12:18 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-10-14 07:44 - 2015-09-10 12:14 - 05990400 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-10-14 07:44 - 2015-09-10 12:09 - 20358144 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-10-14 07:44 - 2015-09-10 12:06 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-10-14 07:44 - 2015-09-10 12:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-10-14 07:44 - 2015-09-10 11:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-10-14 07:44 - 2015-09-10 11:39 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-10-14 07:44 - 2015-09-10 11:37 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-10-14 07:44 - 2015-09-10 11:37 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-10-14 07:44 - 2015-09-10 11:35 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-10-14 07:44 - 2015-09-10 11:33 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-10-14 07:44 - 2015-09-10 11:28 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-10-14 07:44 - 2015-09-10 11:28 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-10-14 07:44 - 2015-09-10 11:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-10-14 07:44 - 2015-09-10 11:24 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-10-14 07:44 - 2015-09-10 11:21 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-10-14 07:44 - 2015-09-10 11:19 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-10-14 07:44 - 2015-09-10 11:19 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-10-14 07:44 - 2015-09-10 11:19 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-10-14 07:44 - 2015-09-10 11:17 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-10-14 07:44 - 2015-09-10 11:17 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-10-14 07:44 - 2015-09-10 11:07 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-10-14 07:44 - 2015-09-10 11:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-10-14 07:44 - 2015-09-10 11:02 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-10-14 07:44 - 2015-09-10 11:01 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-10-14 07:44 - 2015-09-10 11:00 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-10-14 07:44 - 2015-09-10 10:57 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-10-14 07:44 - 2015-09-10 10:57 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-10-14 07:44 - 2015-09-10 10:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-10-14 07:44 - 2015-09-10 10:55 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-10-14 07:44 - 2015-09-10 10:55 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-10-14 07:44 - 2015-09-10 10:45 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-10-14 07:44 - 2015-09-10 10:34 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-10-14 07:44 - 2015-09-10 10:31 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-10-14 07:44 - 2015-09-10 10:27 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-10-14 07:44 - 2015-09-10 10:26 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-10-14 07:44 - 2015-08-26 21:43 - 22372152 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-10-14 07:44 - 2015-08-26 21:42 - 19795904 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 07:44 - 2015-08-22 08:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 07:44 - 2015-08-07 16:40 - 01736520 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-10-14 07:44 - 2015-08-07 16:40 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-10-14 07:44 - 2015-08-06 12:05 - 00669184 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2015-10-14 07:44 - 2015-08-06 11:37 - 00536576 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2015-10-14 07:44 - 2015-07-16 13:58 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\NcdAutoSetup.dll
2015-10-12 11:50 - 2015-10-12 11:50 - 00000000 ____D C:\Users\Holden\AppData\Roaming\Sun
2015-10-12 11:50 - 2015-10-12 11:50 - 00000000 ____D C:\Users\Holden\AppData\LocalLow\Sun
2015-10-12 11:50 - 2015-10-12 11:50 - 00000000 ____D C:\Users\Holden\.oracle_jre_usage
2015-10-12 11:49 - 2015-10-12 11:49 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-12 11:49 - 2015-10-12 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-12 11:49 - 2015-10-12 11:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-12 11:48 - 2015-10-12 11:49 - 00000000 ____D C:\ProgramData\Oracle
2015-10-12 11:47 - 2015-10-12 11:47 - 00584288 _____ (Oracle Corporation) C:\Users\Holden\Downloads\chromeinstall-8u60.exe
2015-10-12 11:47 - 2015-10-12 11:47 - 00000000 ____D C:\Users\Holden\AppData\LocalLow\Oracle
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-08 07:30 - 2014-11-09 10:23 - 00271360 _____ C:\Users\Holden\Documents\Dell Outlook Contacts.pst
2015-11-08 07:30 - 2014-10-24 09:06 - 00000000 ____D C:\Users\Holden\Documents\Outlook Files
2015-11-08 07:23 - 2014-11-20 07:20 - 00000000 ____D C:\Users\Holden\Desktop\Fidelity Plan
2015-11-08 07:00 - 2015-07-23 10:40 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 07:00 - 2013-08-22 10:36 - 00000000 ____D C:\windows\system32\sru
2015-11-07 19:00 - 2015-07-23 10:40 - 00000920 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-06 21:49 - 2014-10-24 20:11 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2015-11-06 20:06 - 2013-08-22 10:36 - 00000000 ____D C:\windows\AppReadiness
2015-11-06 18:23 - 2015-02-09 08:35 - 00033792 ___SH C:\Users\Holden\Desktop\Thumbs.db
2015-11-06 09:20 - 2014-10-16 06:43 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3264377140-702172241-3405489607-1001
2015-11-05 12:38 - 2013-08-24 16:38 - 00891984 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-05 12:37 - 2014-10-25 18:58 - 00000000 ___DO C:\Users\Holden\OneDrive
2015-11-05 12:36 - 2013-08-22 10:36 - 00000000 ____D C:\windows\system32\NDF
2015-11-05 12:34 - 2015-09-06 10:07 - 00000437 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-11-05 12:34 - 2013-08-22 09:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-05 12:34 - 2013-08-22 08:25 - 00524288 ___SH C:\windows\system32\config\BBI
2015-11-05 12:32 - 2015-05-26 17:55 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-11-05 12:25 - 2014-10-16 06:38 - 00000000 ____D C:\Users\Holden
2015-11-05 12:24 - 2014-10-26 05:52 - 00000000 ____D C:\Users\Holden\AppData\Local\CrashDumps
2015-11-05 10:23 - 2014-10-16 06:38 - 00000000 ____D C:\Users\Holden\AppData\Local\Packages
2015-10-31 08:13 - 2013-08-22 08:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-10-31 08:10 - 2014-10-25 18:26 - 00000354 _____ C:\windows\Tasks\HPCeeScheduleForHolden.job
2015-10-31 07:48 - 2015-03-19 12:31 - 00000000 ____D C:\Users\Holden\Documents\Rock Solid Builders Trial Balances
2015-10-31 07:29 - 2014-07-18 00:20 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-10-31 07:28 - 2013-09-02 23:57 - 00000000 ____D C:\SWSETUP
2015-10-31 07:27 - 2014-07-18 01:00 - 00000000 ____D C:\windows\Hewlett-Packard
2015-10-30 20:42 - 2014-10-25 18:26 - 00003170 _____ C:\windows\System32\Tasks\HPCeeScheduleForHolden
2015-10-28 15:54 - 2014-10-16 16:31 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 15:41 - 2015-05-26 17:55 - 00003314 _____ C:\windows\System32\Tasks\GlaryInitialize 5
2015-10-28 15:41 - 2015-05-26 17:55 - 00002974 _____ C:\windows\System32\Tasks\GU5SkipUAC
2015-10-28 15:41 - 2015-05-26 17:55 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-10-20 14:01 - 2013-08-22 10:20 - 00000000 ____D C:\windows\CbsTemp
2015-10-15 23:51 - 2015-07-17 08:49 - 00810488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-15 23:51 - 2015-07-17 08:49 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 10:31 - 2014-12-10 21:01 - 00000000 ____D C:\windows\system32\appraiser
2015-10-15 10:31 - 2014-10-28 07:01 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-15 04:51 - 2013-08-22 10:36 - 00000000 ____D C:\windows\rescache
2015-10-14 09:40 - 2013-08-22 10:36 - 00000000 ___RD C:\windows\ToastData
2015-10-14 09:38 - 2015-03-15 19:24 - 00000000 ____D C:\2014 PDF Tax Files
2015-10-14 09:05 - 2014-12-04 09:07 - 00000000 ____D C:\Users\Holden\Documents\TurboTax
2015-10-14 08:40 - 2014-10-24 07:18 - 00000000 ____D C:\windows\system32\MRT
2015-10-14 08:36 - 2014-10-24 07:18 - 143481208 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-10-25 11:09 - 2014-10-25 11:09 - 0037709 _____ () C:\Users\Holden\AppData\Roaming\Comma Separated Values.ADR
2014-12-04 09:07 - 2015-03-02 15:33 - 0000614 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-31 04:33
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Holden (2015-11-08 07:38:29)
Running from C:\Users\Holden\Desktop\FRST64
Windows 8.1 (X64) (2014-10-16 11:38:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3264377140-702172241-3405489607-500 - Administrator - Disabled)
Guest (S-1-5-21-3264377140-702172241-3405489607-501 - Limited - Disabled)
Holden (S-1-5-21-3264377140-702172241-3405489607-1001 - Administrator - Enabled) => C:\Users\Holden
HomeGroupUser$ (S-1-5-21-3264377140-702172241-3405489607-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B38CC495-7657-3D5A-80C2-8D6E0ED8E638}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon MX870 series User Registration (HKLM-x32\...\Canon MX870 series User Registration) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Chess Openings Wizard - Professional build 54 (HKLM-x32\...\ChessOpeningsWizardProfessional_is1) (Version: - Mike Leahy, Bookup)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6805 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3103 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4608 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3215 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3215 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
G4FON Koch Method Morse Trainer (HKLM-x32\...\G4FON Koch Method Morse Trainer) (Version: - )
Glary Utilities 5.37 (HKLM-x32\...\Glary Utilities 5) (Version: 5.37.0.57 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3264377140-702172241-3405489607-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.51 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{390AD982-A331-4D4F-AFD1-64005BC7C99D}) (Version: 7.3.35.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
Inst5675 (Version: 8.00.51 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.51 - Softex Inc.) Hidden
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Just Learn Morse Code (HKLM-x32\...\{CBE3B17D-C988-4AF7-B84E-BEFF6F60BCC9}) (Version: 1.0.0.0 - Sigurd Stenersen)
Mediatek Bluetooth stack (HKLM-x32\...\{B39E1237-AB91-4DAE-BB8A-F7EF19C7BA2A}) (Version: 11.0.751.0 - Mediatek)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3264377140-702172241-3405489607-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
PlayChess (HKLM-x32\...\PlayChess) (Version: - ChessBase GmbH)
QMemory Software Bundle (HKLM-x32\...\QMemory Software Bundle) (Version: - QMemory)
QuickBooks (x32 Version: 24.0.4008.2403 - Intuit Inc.) Hidden
QuickBooks Premier: Contractor Edition 2014 (HKLM-x32\...\{4E935569-DDE7-49C9-955F-286BA104B2DB}) (Version: 24.0.4001.2403 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.48.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7001 - CyberLink Corp.) Hidden
Tny_Cassiopesa (HKLM-x32\...\Tny_Cassiopesa) (Version: - Tny_Cassiopesa)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
28-10-2015 02:15:02 Scheduled Checkpoint
31-10-2015 07:26:10 HPSF Applying updates
31-10-2015 07:27:55 HPSF Applying updates
08-11-2015 02:42:29 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A7B775E-BB5E-4F38-817A-E207AFCB51C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {1FF741E0-6C4F-41FD-B1CD-1C0924B7353A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {246ABF62-3195-4ACB-B941-AA865F8667DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {348FF3D6-4707-4C60-8DC1-EEF799EE0DC5} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {4E57C7FB-E10B-4EC8-9AF0-BF784F603D57} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {53E6B106-6470-4247-AD73-F09FB940BD27} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-10-26] (Glarysoft Ltd)
Task: {5876DC5C-5456-434F-B836-9622C48A8784} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
Task: {67E8FFC7-94FF-44A7-810A-E1429B76962B} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {7934409A-6FB2-48F7-8C66-20E12E705F6B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {83D28D08-EBCF-4B26-8025-AC8CFD26813F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {867D2054-0D0B-433B-9D15-6632AB4C0F12} - System32\Tasks\Cassiopesa fico => Wscript.exe "C:\ProgramData\{6EB9867A-3E3B-57FC-8FBD-277E5F3FF4F0}\2.0.1.9\cisa.txt" "433a2f50726f6772616d446174612f7b36454239383637412d334533422d353746432d384642442d3237374535463346463446307d2f322e302e312e392f6669636f2e646c6c" "687474703a2f2f73616f2e63737062696e742e636f6d2f" "--IsErIk" "//E:jscript"
Task: {8C3A5478-2BB9-46E9-87CB-F52729642F23} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {8CF5945A-FE13-4FB2-9CE7-02ABDAD76250} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3264377140-702172241-3405489607-1001
Task: {930D76AE-FC60-453E-9CF4-5CE9D42F6588} - System32\Tasks\HPCeeScheduleForHolden => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {A03E0ACF-882E-48FD-8657-B1A1A9956960} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {A433B6A5-FF28-404E-B954-F9BAE084C6C5} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {B9FB5FBE-BBDB-44C3-9EE1-36D0CBEF8FC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {D3E51F0B-AD82-4227-B70E-DD837FE3DD8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {DD3E07B3-4E4B-40BB-9A2E-E9C372723E89} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-10-26] (Glarysoft Ltd)
Task: {E341A4DB-6C06-4D00-AE7F-8618397E8CC4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe [2015-09-23] (Symantec Corporation)
Task: {EDB5A814-DF9F-46F6-BB48-09326B1950DE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {F65B92D0-3AB4-4EDD-B209-E2966A509CDD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Tune-up Postponed => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-27] (Hewlett-Packard Company)
Task: {FAC15DD9-D896-4671-B499-84069C114B9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-10-20] (Hewlett-Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHolden.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 05:22 - 2013-09-05 05:22 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-05 05:24 - 2013-09-05 05:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-05 05:24 - 2013-09-05 05:24 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-05 05:21 - 2013-09-05 05:21 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-05 05:36 - 2013-09-05 05:36 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-05 05:36 - 2013-09-05 05:36 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-24 06:14 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-28 15:53 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 05:31 - 2013-09-05 05:31 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-06-05 17:51 - 2013-06-05 17:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2015-10-18 01:05 - 2015-10-18 01:05 - 00028160 _____ () C:\Users\Holden\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\3aa4cbea7adc836ff7968cf73ce11027\Microsoft.PerfTrack.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 00347136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\1b6c35238563de0cb93d3ed0826a69a3\Windows.Globalization.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 00363520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 00207872 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.System\5ab6059d1e922dc371685c5207f6f7a6\Windows.System.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 01278464 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\eea3e743a58cb4d556fe113d6336020b\Windows.Storage.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 01782272 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\f1407bb1d381cf5dee299c4e5f0fdf9d\Windows.ApplicationModel.ni.dll
2015-07-14 01:31 - 2015-07-14 01:31 - 00551440 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2015-07-14 01:31 - 2015-07-14 01:31 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe\Sqlite3.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 01459712 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2015-10-26 03:55 - 2015-10-26 03:55 - 02207232 _____ () C:\Users\Holden\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.B2e1870ee#\8c884c7e604ce7e64ee208c8e47b3d95\Microsoft.Bing.AppEx.Telemetry.ni.dll
2015-08-03 11:04 - 2015-08-03 11:04 - 01259520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\84819467f44d3da49aa14236af8fcc9a\Windows.Networking.ni.dll
2015-08-06 03:41 - 2015-08-06 03:41 - 00632320 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\2333488328d673bea8d60a9f2e84759c\Windows.Security.ni.dll
2015-10-18 01:05 - 2015-10-18 01:05 - 00117248 _____ () C:\Users\Holden\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\696bd1d3763da57b5fd727587a8edb94\SqliteWrapper.ni.dll
2015-08-06 03:41 - 2015-08-06 03:41 - 01383936 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Web\87bd4b0afae2a321640d4aba350d58a4\Windows.Web.ni.dll
2015-08-06 03:41 - 2015-08-06 03:41 - 00467456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\f4031c5dbdde97cb4a0c7572cc0d1f29\Windows.Graphics.ni.dll
2015-08-06 03:41 - 2015-08-06 03:41 - 02019840 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\271d406467b9db0758ea399495d00731\Windows.Devices.ni.dll
2015-08-06 03:41 - 2015-08-06 03:41 - 00521216 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\e291aa8a59dc390d0cdf99d3c6d8b6e5\Windows.Data.ni.dll
2015-07-24 01:35 - 2015-07-24 01:35 - 00148480 _____ () C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.GinRummyPro_2.0.1.15_neutral__kx24dqmazqk8j\GinRummy.exe
2014-06-05 11:17 - 2014-11-08 02:13 - 00083768 _____ () C:\Program Files (x86)\Common Files\Intuit\DataProtect\IBuEngHost.exe
2014-06-05 11:17 - 2014-11-08 02:13 - 00067896 _____ () C:\Program Files (x86)\Common Files\Intuit\DataProtect\IBuEng_x64Vista.dll
2015-07-02 20:38 - 2015-07-02 20:38 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-11-20 19:39 - 2014-11-20 19:39 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-26 01:53 - 2015-10-26 01:53 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-07-18 00:20 - 2013-08-05 02:49 - 00627672 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-06-05 11:17 - 2014-11-08 02:13 - 00084280 _____ () C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.XmlSerializers.dll
2015-10-28 15:52 - 2015-10-28 15:53 - 01033792 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-10-31 04:34 - 2015-10-31 04:34 - 00831488 _____ () C:\Users\Holden\AppData\Local\Packages\26720RandomSaladGamesLLC.GinRummyPro_kx24dqmazqk8j\AC\Microsoft\CLR_v4.0_32\NativeImages\GinRummy\a1af3897e17a1198f6213332de77fae4\GinRummy.ni.exe
2015-08-05 01:48 - 2015-08-05 01:48 - 03530752 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-08-05 01:48 - 2015-08-05 01:48 - 01131008 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\72dff8d45b73e9b02b3838d29765607a\Windows.ApplicationModel.ni.dll
2015-10-31 04:34 - 2015-10-31 04:34 - 03002368 _____ () C:\Users\Holden\AppData\Local\Packages\26720RandomSaladGamesLLC.GinRummyPro_kx24dqmazqk8j\AC\Microsoft\CLR_v4.0_32\NativeImages\MonoGame.Framework\cf2f390790f1508109d9ef9cdd74d64b\MonoGame.Framework.ni.dll
2015-08-05 01:48 - 2015-08-05 01:48 - 00960000 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\8ddd8ad15fe3fb05a871ef0115fb84e2\Windows.UI.ni.dll
2015-08-05 01:48 - 2015-08-05 01:48 - 00228864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 00304128 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\eff020aac8737300c74dee47a69c9bbf\Windows.Graphics.ni.dll
2015-08-05 01:48 - 2015-08-05 01:48 - 00808448 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\7abff64c7c1ea1fae5bd170c8238b73e\Windows.Storage.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 01282048 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\4764145200fcd33a90ced1505892fce6\Windows.Devices.ni.dll
2015-10-31 04:34 - 2015-10-31 04:34 - 00251392 _____ () C:\Users\Holden\AppData\Local\Packages\26720RandomSaladGamesLLC.GinRummyPro_kx24dqmazqk8j\AC\Microsoft\CLR_v4.0_32\NativeImages\WombatLib\28f354c8b19190101394ad723bab550e\WombatLib.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 00799232 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 00337920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\98644a649e9bf9e880f2e97889501b07\Windows.Data.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 00402432 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\ae4a1bf110c1a12f619514bde2b27939\Windows.Security.ni.dll
2015-08-05 01:48 - 2015-08-05 01:48 - 00133120 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.System\c639835fe3da556a2cbe2e03540996c0\Windows.System.ni.dll
2015-08-09 04:06 - 2015-08-09 04:06 - 00239616 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\94af4549db265c6f339c287c8675d234\Windows.Globalization.ni.dll
2015-10-22 15:01 - 2015-10-20 09:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-22 15:01 - 2015-10-20 09:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3264377140-702172241-3405489607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Holden\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\Run32: => "IJNetworkScanUtility"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9C03A5FA-2186-4679-8204-5FE2D809674C}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{19316862-26C2-4494-92EF-229606519609}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{591F64C5-D5A6-4CD7-B214-7F8EA0386528}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{2BFE9F9D-9E4B-4959-A49F-151CAA8D3E85}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{12E625D4-615D-44AB-A676-3663D412F233}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{E3F10645-4EFA-4452-843F-F60C98FBADC6}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{54FB1226-DC00-4279-A0CF-FDE4F36EA4AB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B78E44E-F809-43ED-8286-0BAFFBF8C9A3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{FDD4E327-5330-4333-9EF0-0A1ED323D661}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4E04BE06-0BF0-452C-AFF8-65914CAFF958}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{27FD29D0-7E31-4774-9197-EEC92FB84BAF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{B644B180-75CA-48F9-AA58-96B861EEEBCF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{F9B4FCE4-055E-4D90-906B-C3A87CEAEF39}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{820A68E9-53D7-4022-8822-4EEC8CCF1D92}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6A15098-6BD6-4CE2-8571-57B65B2A2395}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D8004CD-C2D5-4BDC-8D47-00BB44055506}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{99E9B0DD-1A6C-4F96-A601-169CAB138144}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0CEE5A1B-D022-403D-BE0C-4476BDEFA6F5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{22804232-B81A-4BE5-82AC-F17EEE90FA4C}] => (Allow) LPort=2869
FirewallRules: [{9E28EA75-8C7C-406B-BC51-D2B4ACB56B68}] => (Allow) LPort=1900
FirewallRules: [{9E5DD4D6-0615-47B7-9FEC-2ADC37F4EEDB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5A8C2E8E-B70E-485D-A02A-BA8EAEF2AB8F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{73B8BB8B-1DB0-4E8A-A9BA-76F7F5D24487}] => (Allow) C:\Users\Holden\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{68F4BEF2-84AE-45AB-AF8F-A9524D3054EF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{3B9FE188-5E76-45D0-BEBE-34D841B9A94B}C:\program files (x86)\logitech\desktop messenger\8876480\program\backweb-8876480.exe] => (Allow) C:\program files (x86)\logitech\desktop messenger\8876480\program\backweb-8876480.exe
FirewallRules: [UDP Query User{7E1BEA9D-EDA1-446A-A71F-E17E06BC8CC3}C:\program files (x86)\logitech\desktop messenger\8876480\program\backweb-8876480.exe] => (Allow) C:\program files (x86)\logitech\desktop messenger\8876480\program\backweb-8876480.exe
FirewallRules: [{3B280815-B667-4031-B721-D0FC958D60EC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A15B78BD-C4DF-4619-A5DF-9442560C744D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{79B31C89-8DC3-423D-870E-4C35C4145F97}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{040BC571-E6AF-436A-B48D-B9C5268A86E7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{2A174AED-75D3-4F86-A29C-097424288556}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{E570629D-8F34-4A8B-A894-67EB3D7230DE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{A485E48D-E98B-45F4-9AE6-87725371FD19}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{AFC4EBBD-4CDB-4FEB-A95D-C457F1822FC6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{10C84A3D-8C0A-4028-BC85-82927C0EEF55}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/08/2015 06:51:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/08/2015 05:34:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/07/2015 07:06:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HPENVYPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (11/07/2015 09:57:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:57:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:57:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:57:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:57:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:56:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:56:58 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:56:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:56:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
Error: (11/07/2015 09:56:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058
==================== Memory info ===========================
Processor: AMD A10-6700 APU with Radeon HD Graphics
Percentage of memory in use: 23%
Total physical RAM: 11445.18 MB
Available physical RAM: 8744.37 MB
Total Virtual: 13173.18 MB
Available Virtual: 9311.39 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1846.24 GB) (Free:1773.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.3 GB) (Free:1.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (98SE_FAT32) (Fixed) (Total:78.45 GB) (Free:71.63 GB) FAT32
Drive g: (XP_NTFS) (Fixed) (Total:70.58 GB) (Free:41.83 GB) NTFS
Drive i: (Lexar) (Removable) (Total:7.45 GB) (Free:5.47 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 57D23B32)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 2A840EB2)
Partition 1: (Not Active) - (Size=78.5 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=70.6 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Is there a problem with my computer that I can repair with your help?