Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC seems infected

Started by wjosephson , Oct 01 2015 11:16 PM

  • Please log in to reply

#1
wjosephson
Posted 01 October 2015 - 11:16 PM

wjosephson

    New Member

  • Member
  • Pip
  • 1 posts

My Windows 8.1 has been acting poorly since my many failed attempts at installing Windows 10.  I get the "Something Happened.  Windows 10 Installation has Failed" error message when the installation first attempts to restart the machine.  This is not the blue-screen version but a popup window with the error message.  I have been installing many possible solutions and think I have introduced malware.

 

Browsing in both Chrome and Firefox is poor with many failed connections due to SSL errors and many times the website is poorly rendered.

 

Here is the FRST first logs: ( I see that boot components were fixed on the C: drive which may help my Windows 10 installation).

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by bill josephson (administrator) on IDEA (02-10-2015 00:46:46)
Running from C:\Users\bill josephson\Downloads
Loaded Profiles: bill josephson (Available Profiles: bill josephson & BillTest)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
() C:\Program Files (x86)\xampp\mysql\bin\mysqld.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Data Perceptions / PowerProgrammer) C:\Windows\SysWOW64\WebUpdateSvc4.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Tomas Koutny) C:\Program Files (x86)\XDTK\Skinny Clock\SkinnyClock.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\bill josephson\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Firetrust) C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(CANON INC.) C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe
(CTdeveloping, LLC) C:\Program Files\PDFtypewriter\Printer\PDFtypewriter_Printer_Monitor.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-09-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-09-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-26] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM-x32\...\Run: [PDFtypewriterPrinterMonitor] => C:\Program Files (x86)\PDFtypewriter\Printer\PDFtypewriterMonitorStart.exe [25384 2010-06-22] (CTdeveloping, LLC)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [4538680 2015-08-15] (iolo technologies, LLC)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1821240 2014-04-10] (CANON INC.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Run: [SkinnyClock] => C:\Program Files (x86)\XDTK\Skinny Clock\SkinnyClock.exe [1769472 2013-01-18] (Tomas Koutny)
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [3810816 2015-09-21] (TomTom)
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57872912 2015-09-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Run: [BingSvc] => C:\Users\bill josephson\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\RunOnce: [Uninstall C:\Users\bill josephson\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bill josephson\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\RunOnce: [Uninstall C:\Users\bill josephson\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bill josephson\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\RunOnce: [Uninstall C:\Users\bill josephson\AppData\Local\Microsoft\OneDrive\17.3.4726.0226] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bill josephson\AppData\Local\Microsoft\OneDrive\17.3.4726.0226"
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\RunOnce: [Uninstall C:\Users\bill josephson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bill josephson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814"
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\MountPoints2: {fd8ef888-7cf4-11e4-bf3e-806e6f6e6963} - "E:\Start_Here.exe" 
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-08]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2015-03-21]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\bill josephson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasher.lnk [2015-03-07]
ShortcutTarget: MailWasher.lnk -> C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe (Firetrust)
Startup: C:\Users\bill josephson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PDFtypewriterMonitorStart.exe - Shortcut.lnk [2015-09-17]
ShortcutTarget: PDFtypewriterMonitorStart.exe - Shortcut.lnk -> C:\Program Files\PDFtypewriter\Printer\PDFtypewriterMonitorStart.exe (CTdeveloping, LLC)
Startup: C:\Users\bill josephson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Shortcut.lnk [2015-09-03]
ShortcutTarget: thunderbird.exe - Shortcut.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
BootExecute: autocheck autochk * 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{37CECF00-3DD5-415F-BA7F-7FDE7B4C5249}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2D&ocid=SK2DDHP&osmkt=en-us
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
SearchScopes: HKLM -> DefaultScope {71C2BE2F-73E3-47FD-AF28-602699E1B85B} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_dnldkng_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzzyCtB0EyB0B0FyCtBtCtN0D0Tzu0StCtDyBtCtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtD0AtC0E0DyByBtGzytB0A0DtGyE0EtBzztGzy0DyDzytGtB0A0A0BzzyDtD0D0ByE0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtByBtBtB0ByD0CtG0C0EtByEtGyEyDtAyDtGzy0AzzyEtG0CtC0Bzy0EtB0C0C0CyDyBzz2Q&cr=806601497&ir=
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM -> {71C2BE2F-73E3-47FD-AF28-602699E1B85B} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_dnldkng_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzzyCtB0EyB0B0FyCtBtCtN0D0Tzu0StCtDyBtCtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtD0AtC0E0DyByBtGzytB0A0DtGyE0EtBzztGzy0DyDzytGtB0A0A0BzzyDtD0D0ByE0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtByBtBtB0ByD0CtG0C0EtByEtGyEyDtAyDtGzy0AzzyEtG0CtC0Bzy0EtB0C0C0CyDyBzz2Q&cr=806601497&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_bimmed_15_39_ssg02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzzyCtB0EyB0B0FyCtBtCtN0D0Tzu0StCtAyDzytN1L2XzutAtFtCtBtFzyzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAzytC0DtC0E0C0BtGtC0Azz0AtGyE0F0EyDtGzztC0A0BtG0CtByCyC0AtDyDzz0F0F0D0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtByBtBtB0ByD0CtG0C0EtByEtGyEyDtAyDtGzy0AzzyEtG0CtC0Bzy0EtB0C0C0CyDyBzz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDtByC%26cr%3D1442740220%26a%3Dwncy_bimmed_15_39_ssg02%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2DDF&PC=SK2D&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_bimmed_15_39_ssg02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzzyCtB0EyB0B0FyCtBtCtN0D0Tzu0StCtAyDzytN1L2XzutAtFtCtBtFzyzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAzytC0DtC0E0C0BtGtC0Azz0AtGyE0F0EyDtGzztC0A0BtG0CtByCyC0AtDyDzz0F0F0D0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtByBtBtB0ByD0CtG0C0EtByEtGyEyDtAyDtGzy0AzzyEtG0CtC0Bzy0EtB0C0C0CyDyBzz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDtByC%26cr%3D1442740220%26a%3Dwncy_bimmed_15_39_ssg02%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> {71C2BE2F-73E3-47FD-AF28-602699E1B85B} URL = 
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NS&chn=retail&geo=US&ver=22&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> {B526B305-2B92-4F09-9683-516C3CA13338} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: No Name -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKU\S-1-5-21-2338279475-2459000132-1606305099-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024
FF DefaultSearchEngine.US: Search Provided by Yahoo
FF SelectedSearchEngine: Bing 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll [2013-02-07] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2338279475-2459000132-1606305099-1001: @citrixonline.com/appdetectorplugin -> C:\Users\bill josephson\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-14] (Citrix Online)
FF user.js: detected! => C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\user.js [2014-12-07]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\bill josephson\AppData\Roaming\mozilla\plugins\npatgpc.dll [2011-06-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\searchplugins\safesearch.xml [2015-09-14]
FF SearchPlugin: C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\searchplugins\search-provided-by-yahoo.xml [2015-09-22]
FF SearchPlugin: C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\searchplugins\Vosteran.xml [2015-02-02]
FF Extension: Bing Search - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2015-09-30]
FF Extension: ZoneAlarm Do Not Track - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2013-02-08]
FF Extension: zonealarm.com - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2013-02-08]
FF Extension: Low Quality Flash - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2015-07-14]
FF Extension: Flashblock - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-07-13]
FF Extension: Universal Downloader - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d} [2013-06-05]
FF Extension: Flash Killer - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2014-08-30]
FF Extension: Flash Control - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\[email protected] [2014-08-30]
FF Extension: Flash Block - C:\Users\bill josephson\AppData\Roaming\Mozilla\Firefox\Profiles\5k242l0e.default-1355389885024\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2014-08-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-07-15]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFPlgn [2015-10-01]
FF HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-19]
FF HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://fftime.com/basketball/universe/","file:///C:/Users/bill%20josephson/Desktop/","hxxps://my.snhu.edu/CookieAuth.dll?GetLogon?curl=Z2F&reason=0&formdir=5","hxxps://mail.google.com/mail/u/1/#inbox","hxxp://www.ultimateknicks.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bill josephson\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Wolfram Mathematica) - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll (Wolfram Research, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.600.19) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 7 U60) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll => No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\bill josephson\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-19]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2014-06-12]
CHR Extension: (YouTube) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-19]
CHR Extension: (MapsGalaxy) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfmglngfjjacekhjbfdemgdkklojnnh [2015-09-17]
CHR Extension: (Norton Security Toolbar) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-09-16]
CHR Extension: (Google Search) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-19]
CHR Extension: (Daum Equation Editor) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2014-06-12]
CHR Extension: (Clock for Google Chrome™) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg [2014-11-03]
CHR Extension: (Google Sheets) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-08-12]
CHR Extension: (Math Anywhere) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebhifiddmaaeecbaiemfpejghjdjmhc [2014-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (FlashBlock) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-10-25]
CHR Extension: (CloudConvert) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2014-11-21]
CHR Extension: (Norton Identity Safe) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Flashcontrol) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2014-09-18]
CHR Extension: (Norton Safe) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-11]
CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2014-08-12]
CHR Extension: (Gmail) - C:\Users\bill josephson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-19]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\Exts\Chrome.crx [2015-09-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\Exts\Chrome.crx [2015-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-11-23]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S4 FreeSSHDService; C:\Program Files (x86)\freeSSHd\FreeSSHDService.exe [1360072 2009-09-10] ()
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [762272 2015-09-11] (Garmin Ltd. or its subsidiaries)
R3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4682552 2015-08-15] (iolo technologies, LLC)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.149\McCHSvc.exe [235696 2015-06-26] (McAfee, Inc.)
S4 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 mysql; C:\program files (x86)\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] () [File not signed]
S4 MySQL56; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [13031424 2014-09-11] () [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe [282016 2015-07-16] (Symantec Corporation)
S4 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [216608 2014-04-30] (SPAMfighter ApS)
S4 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1282592 2014-03-14] (SPAMfighter ApS)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-04-25] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WebUpdate4; C:\WINDOWS\SysWOW64\WebUpdateSvc4.exe [293992 2013-03-07] (Data Perceptions / PowerProgrammer)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [92176 2014-04-09] (Check Point Software Technologies, Ltd.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 Achernar; C:\Windows\System32\Drivers\Achernar.sys [34104 2012-12-11] (NewSoft Technology Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\BASHDefs\20150928.001\BHDrvx64.sys [1650936 2015-09-04] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-14] (Symantec Corporation)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2012-12-07] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-09-14] (Symantec Corporation)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2014-12-24] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\IPSDefs\20150929.001\IDSvia64.sys [767216 2015-09-22] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20151001.002\ENG64.SYS [138488 2015-09-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20151001.002\EX64.SYS [2146040 2015-09-14] (Symantec Corporation)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [32912 2014-07-13] (EldoS Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450968 2014-04-24] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-02 00:46 - 2015-10-02 00:48 - 00043480 _____ C:\Users\bill josephson\Downloads\FRST.txt
2015-10-02 00:46 - 2015-10-02 00:46 - 02192384 _____ (Farbar) C:\Users\bill josephson\Downloads\FRST64.exe
2015-10-02 00:46 - 2015-10-02 00:46 - 00000000 ____D C:\FRST
2015-10-01 12:04 - 2015-10-01 12:04 - 00593693 _____ C:\Users\bill josephson\Downloads\Autoruns.zip
2015-09-30 18:52 - 2015-09-30 18:52 - 00000000 ____D C:\Users\bill josephson\Tracing
2015-09-30 18:49 - 2015-09-30 18:52 - 43692568 _____ (Skype Technologies S.A.) C:\Users\bill josephson\Downloads\SkypeSetupFull (1).exe
2015-09-30 18:41 - 2015-09-30 18:41 - 00686272 _____ (Swearware) C:\Users\bill josephson\Downloads\dds (1).scr
2015-09-30 17:38 - 2015-09-30 17:38 - 00688992 _____ (Swearware) C:\Users\bill josephson\Downloads\dds.scr
2015-09-30 17:34 - 2015-09-30 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-30 17:33 - 2015-09-30 17:33 - 43692568 _____ (Skype Technologies S.A.) C:\Users\bill josephson\Downloads\SkypeSetupFull.exe
2015-09-30 16:26 - 2015-09-30 16:26 - 54763328 _____ C:\Users\bill josephson\Downloads\TomTomMySportsConnectInstaller.exe
2015-09-29 23:00 - 2015-09-30 23:58 - 00002025 _____ C:\Users\bill josephson\Downloads\#Untitled-1#
2015-09-29 22:25 - 2015-09-29 22:25 - 00001265 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (7).csv
2015-09-29 22:23 - 2015-09-29 22:23 - 00001512 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (6).csv
2015-09-29 22:18 - 2015-09-29 22:18 - 00001887 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (5).csv
2015-09-29 22:11 - 2015-09-29 22:11 - 00001929 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (4).csv
2015-09-29 22:06 - 2015-09-29 22:06 - 00001572 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (3).csv
2015-09-29 21:53 - 2015-09-29 21:53 - 00002211 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (2).csv
2015-09-29 21:43 - 2015-09-29 21:43 - 00000854 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15 (1).csv
2015-09-29 21:36 - 2015-09-29 21:36 - 00000869 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Class_Report_09-29-15.csv
2015-09-29 21:35 - 2015-09-29 21:35 - 00002697 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Student_Report_09-29-15.csv
2015-09-27 11:59 - 2015-10-02 00:13 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-27 11:59 - 2015-09-27 11:59 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-27 11:41 - 2015-09-27 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-27 11:41 - 2015-09-27 11:41 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2015-09-27 11:12 - 2015-09-27 11:12 - 47346280 _____ (Microsoft Corporation) C:\Users\bill josephson\Downloads\Windows-KB890830-x64-V5.28.exe
2015-09-26 19:43 - 2015-09-26 19:43 - 00006135 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Student_Report_09-26-15.csv
2015-09-25 14:41 - 2015-09-25 14:41 - 00002812 _____ C:\Users\bill josephson\Downloads\Question_Statistics_Student_Report_09-25-15.csv
2015-09-25 12:59 - 2015-09-25 12:59 - 00000000 ____D C:\Users\bill josephson\AppData\Roaming\odds-calculator-desktop.71249E51277F5CE3F1C9178228D3FD8E8D6DCCCF.1
2015-09-25 12:51 - 2015-09-25 12:53 - 26187430 _____ (Kessem Holdings Limited) C:\Users\bill josephson\Downloads\MagicHoldem_4.2.2.3096.exe
2015-09-23 17:43 - 2015-09-23 17:43 - 00000000 ____D C:\Users\bill josephson\AppData\Local\TempTaskUpdateDetectionA70BA5DB-7978-4B8D-A4BD-C656B84F681D
2015-09-23 17:31 - 2015-09-23 18:51 - 00000000 ___HD C:\$Windows.~BT
2015-09-23 00:55 - 2015-09-23 00:55 - 00000000 ___HD C:\$Windows.~WS
2015-09-23 00:49 - 2015-09-23 04:19 - 00000000 ____D C:\Users\bill josephson\Downloads\produkey
2015-09-23 00:49 - 2015-09-23 00:49 - 00058799 _____ C:\Users\bill josephson\Downloads\produkey.zip
2015-09-23 00:47 - 2015-09-23 00:47 - 19733696 _____ (Microsoft Corporation) C:\Users\bill josephson\Downloads\MediaCreationToolx64.exe
2015-09-23 00:25 - 2015-09-23 00:25 - 19249329 _____ C:\Users\bill josephson\Downloads\windows10.0-kb3087040-x64_ad0f78efb7b122fa9472dbb8050c4f358aceab49.msu
2015-09-23 00:15 - 2015-09-23 11:39 - 00000460 _____ C:\WINDOWS\Tasks\TechUtilities.job
2015-09-23 00:15 - 2015-09-23 00:15 - 00003190 _____ C:\WINDOWS\System32\Tasks\TechUtilities
2015-09-23 00:15 - 2015-09-23 00:15 - 00000895 _____ C:\Users\Public\Desktop\TechUtilities.lnk
2015-09-23 00:15 - 2015-09-23 00:15 - 00000000 ____D C:\ProgramData\TechUtilities64
2015-09-23 00:15 - 2015-09-23 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechUtilities
2015-09-23 00:15 - 2015-09-23 00:15 - 00000000 ____D C:\Program Files\TechUtilities
2015-09-23 00:14 - 2015-09-23 00:14 - 02288624 _____ (Seven Servos Software Pvt Ltd. ) C:\Users\bill josephson\Downloads\TechUtilities_setup.exe
2015-09-22 12:34 - 2015-09-22 12:34 - 02012781 _____ C:\Users\bill josephson\Downloads\MAT181-UNIT-2.pptx
2015-09-22 00:23 - 2015-09-22 00:23 - 01629552 _____ ( ) C:\Users\bill josephson\Downloads\cpu-z_1.73-en.exe
2015-09-22 00:23 - 2015-09-22 00:23 - 00000896 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-09-22 00:23 - 2015-09-22 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-09-22 00:23 - 2015-09-22 00:23 - 00000000 ____D C:\Program Files\CPUID
2015-09-22 00:18 - 2015-09-22 00:18 - 00000000 ____D C:\Users\bill josephson\AppData\Local\Chromium
2015-09-22 00:17 - 2015-09-22 00:17 - 00003994 _____ C:\WINDOWS\System32\Tasks\LaunchPreSignup
2015-09-22 00:16 - 2015-09-22 00:16 - 00000000 ____D C:\Users\bill josephson\AppData\Local\{AF8C99D0-8B24-F568-E6BC-D080C2D42C18}
2015-09-22 00:15 - 2015-09-22 00:15 - 01200163 _____ C:\Users\bill josephson\Downloads\7zip [1].exe
2015-09-22 00:14 - 2015-09-22 00:14 - 02191992 _____ C:\Users\bill josephson\Downloads\installer.zip
2015-09-17 01:33 - 2015-09-17 01:39 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-09-15 10:12 - 2015-09-15 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-09-14 21:29 - 2015-09-20 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-14 13:55 - 2015-09-14 13:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2015-09-14 13:44 - 2015-09-14 13:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2015-09-14 12:22 - 2015-09-14 12:22 - 00001757 _____ C:\Users\bill josephson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup.lnk
2015-09-12 15:22 - 2015-09-12 15:22 - 00002984 _____ C:\{C65FE935-9CD2-456E-A424-20199D580CCA}
2015-09-10 22:31 - 2015-09-10 22:31 - 00001728 _____ C:\{69DD60EE-0DA0-4859-B6F0-4F2C2011DB15}
2015-09-10 00:42 - 2015-09-10 00:42 - 00002776 _____ C:\Users\bill josephson\Desktop\backup.reg
2015-09-08 19:30 - 2015-09-02 22:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 19:30 - 2015-09-02 22:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 19:30 - 2015-09-02 14:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 19:30 - 2015-09-02 13:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 19:30 - 2015-07-22 10:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-08 19:30 - 2015-07-22 09:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-08 19:30 - 2015-07-17 10:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-08 19:30 - 2015-07-17 10:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-08 19:30 - 2015-07-13 15:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 19:30 - 2015-07-09 12:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-08 19:30 - 2015-07-03 17:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-08 19:30 - 2015-07-03 10:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-08 19:30 - 2015-06-27 07:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-08 19:30 - 2015-06-19 13:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 16:41 - 2015-07-30 13:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 16:41 - 2015-07-30 12:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 16:40 - 2015-08-22 14:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 16:40 - 2015-08-22 13:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 16:40 - 2015-08-22 13:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 16:40 - 2015-08-22 13:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 16:40 - 2015-08-22 12:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 16:40 - 2015-08-22 12:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 16:40 - 2015-08-22 12:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 16:40 - 2015-08-22 12:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 16:40 - 2015-08-22 12:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 16:40 - 2015-08-22 11:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 16:40 - 2015-08-22 11:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 16:39 - 2015-09-01 22:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 16:39 - 2015-09-01 22:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 16:39 - 2015-09-01 22:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 16:39 - 2015-08-01 10:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 16:39 - 2015-07-31 23:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 16:39 - 2015-07-31 23:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 16:39 - 2015-07-31 23:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 16:39 - 2015-07-22 10:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 16:39 - 2015-07-22 10:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 16:39 - 2015-07-22 10:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 16:39 - 2015-07-22 10:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 16:39 - 2015-07-18 14:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 16:39 - 2015-07-18 14:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 16:39 - 2015-07-18 14:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 16:39 - 2015-07-18 14:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-07 18:58 - 2015-09-07 18:58 - 00000000 ____D C:\Users\bill josephson\AppData\Local\TempTaskUpdateDetection7996A44F-7F15-4CD4-99E7-54B2E31A22EF
2015-09-07 18:22 - 2015-09-07 18:22 - 00000000 _____ C:\Recovery.txt
2015-09-06 00:55 - 2015-09-06 00:55 - 00001109 _____ C:\Users\Public\Desktop\KeyFinder.lnk
2015-09-06 00:55 - 2015-09-06 00:55 - 00000000 ____D C:\Users\bill josephson\AppData\Roaming\OpenCandy
2015-09-06 00:55 - 2015-09-06 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-09-06 00:55 - 2015-09-06 00:55 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2015-09-06 00:44 - 2014-11-17 16:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-09-06 00:44 - 2014-11-17 16:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-09-06 00:44 - 2014-11-14 02:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-09-06 00:44 - 2014-11-14 02:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-09-05 23:16 - 2015-09-05 23:16 - 00002290 _____ C:\Users\BillTest\Desktop\Google Chrome.lnk
2015-09-05 23:16 - 2015-09-05 23:16 - 00000000 ____D C:\Users\BillTest\AppData\Local\Google
2015-09-05 22:35 - 2015-04-30 21:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-09-05 22:35 - 2015-04-30 21:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-09-05 22:35 - 2015-04-30 21:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-09-05 11:00 - 2015-01-05 23:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-09-05 11:00 - 2015-01-05 22:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-09-05 11:00 - 2015-01-05 21:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-09-05 11:00 - 2015-01-05 21:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-09-05 10:58 - 2014-11-15 15:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-05 10:58 - 2014-11-15 02:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-05 10:58 - 2014-11-14 02:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-05 10:58 - 2014-11-14 01:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-05 10:58 - 2014-11-10 14:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-09-05 10:58 - 2014-11-10 14:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-09-05 10:58 - 2014-11-09 22:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-09-05 10:58 - 2014-11-09 21:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-09-05 10:58 - 2014-11-09 21:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-09-05 10:58 - 2014-11-09 21:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-09-05 10:58 - 2014-11-09 21:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-09-05 10:58 - 2014-11-09 21:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-09-05 10:58 - 2014-11-09 21:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-09-05 10:58 - 2014-11-09 21:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-09-05 10:58 - 2014-11-09 20:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-09-05 10:58 - 2014-11-09 20:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-09-05 10:58 - 2014-11-08 00:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-09-05 10:58 - 2014-11-07 23:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-09-05 10:58 - 2014-11-07 23:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-09-05 10:58 - 2014-11-07 23:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-09-05 10:58 - 2014-11-07 23:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-09-05 10:58 - 2014-11-07 23:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-09-05 10:58 - 2014-11-07 23:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-09-05 10:58 - 2014-11-07 23:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-09-05 10:58 - 2014-11-07 23:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-09-05 10:58 - 2014-11-07 22:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-09-05 10:58 - 2014-11-07 22:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-05 10:58 - 2014-11-07 22:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-05 10:58 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-09-05 10:58 - 2014-11-07 21:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-09-05 10:58 - 2014-11-07 21:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-09-05 10:58 - 2014-11-06 23:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-05 10:58 - 2014-11-06 23:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-09-05 10:58 - 2014-11-04 22:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-09-05 10:58 - 2014-11-04 22:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-09-05 10:58 - 2014-11-04 22:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-09-05 10:58 - 2014-11-04 21:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-09-05 10:58 - 2014-11-04 21:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-09-05 10:58 - 2014-11-04 21:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-09-05 10:58 - 2014-11-04 21:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-09-05 10:58 - 2014-11-04 21:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-09-05 10:58 - 2014-11-04 21:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-09-05 10:58 - 2014-11-04 21:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-09-05 10:58 - 2014-11-04 21:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-09-05 10:58 - 2014-11-04 21:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-09-05 10:58 - 2014-11-04 21:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-09-05 10:58 - 2014-11-04 21:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-09-05 10:58 - 2014-11-04 15:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-05 10:58 - 2014-11-04 02:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-09-05 10:58 - 2014-11-04 01:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-09-05 10:58 - 2014-10-28 23:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-09-05 10:58 - 2014-10-28 21:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-09-05 10:58 - 2014-10-28 21:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-09-05 10:58 - 2014-10-20 21:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-09-05 10:58 - 2014-10-20 21:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-09-05 10:58 - 2014-10-20 20:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-09-05 10:58 - 2014-10-20 20:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-09-05 10:58 - 2014-10-20 20:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-09-05 10:58 - 2014-10-20 20:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-09-05 10:58 - 2014-10-20 20:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-09-05 10:58 - 2014-10-17 00:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-09-05 10:58 - 2014-10-16 23:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-04 23:55 - 2015-08-26 22:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-04 23:55 - 2015-08-26 14:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-04 23:55 - 2015-08-26 14:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-04 23:55 - 2015-08-26 14:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-04 23:55 - 2015-08-26 14:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-04 23:55 - 2015-08-26 10:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-04 23:55 - 2015-08-26 10:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-04 23:55 - 2015-08-26 10:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-04 23:55 - 2015-08-26 10:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-04 23:55 - 2015-08-26 10:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-04 23:55 - 2015-08-26 10:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-04 23:55 - 2015-08-26 10:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-04 23:52 - 2015-07-13 23:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-04 15:27 - 2014-04-15 19:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-09-04 15:27 - 2014-04-15 19:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-09-02 12:32 - 2015-09-02 13:22 - 00000000 ____D C:\WINDOWS\softwaredistribution.bk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-02 00:31 - 2014-06-17 15:30 - 00000000 ____D C:\Users\bill josephson\AppData\Roaming\Skype
2015-10-02 00:30 - 2013-11-26 16:03 - 02784256 ___SH C:\Users\bill josephson\Desktop\Thumbs.db
2015-10-02 00:27 - 2013-11-24 20:38 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FCA51F24-C746-4DBF-8E75-39EAB3A43FD4}
2015-10-02 00:18 - 2014-06-11 23:27 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 00:07 - 2013-11-23 20:40 - 01344732 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-02 00:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 23:17 - 2013-03-17 20:03 - 00000000 ___DO C:\Users\bill josephson\OneDrive
2015-10-01 23:17 - 2012-11-06 09:39 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2338279475-2459000132-1606305099-1001
2015-10-01 23:16 - 2013-01-01 00:07 - 00000000 ____D C:\Users\bill josephson\AppData\Local\CrashDumps
2015-10-01 23:14 - 2014-06-11 23:27 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 23:13 - 2014-11-05 00:28 - 18305734 _____ C:\Users\Public\CAFADEBUG.log
2015-10-01 23:13 - 2014-10-14 09:54 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-10-01 23:11 - 2013-08-22 10:46 - 00003312 _____ C:\WINDOWS\setupact.log
2015-10-01 23:11 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 23:10 - 2013-11-23 20:17 - 00000000 ____D C:\Users\bill josephson
2015-10-01 23:10 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 18:59 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-01 18:56 - 2013-09-29 23:55 - 04848040 _____ C:\WINDOWS\PFRO.log
2015-10-01 13:02 - 2012-11-29 22:45 - 00000173 _____ C:\Users\bill josephson\AppData\Local\msmathematics.qat.bill josephson
2015-10-01 11:13 - 2012-09-18 13:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-01 11:11 - 2013-06-18 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-01 10:52 - 2013-08-22 11:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-01 10:50 - 2014-06-11 23:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-01 01:42 - 2012-11-13 17:23 - 00000000 ____D C:\Users\bill josephson\AppData\Local\CUSTPDF Writer
2015-09-30 23:40 - 2012-11-06 17:13 - 00000000 ____D C:\Users\bill josephson\.jedit
2015-09-30 18:50 - 2014-06-17 15:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-30 18:50 - 2014-06-17 15:29 - 00000000 ____D C:\ProgramData\Skype
2015-09-30 16:27 - 2015-07-13 12:28 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-09-29 21:54 - 2013-03-25 12:03 - 00000000 ____D C:\Users\bill josephson\Documents\fantasy Baseball
2015-09-29 00:27 - 2013-12-08 13:07 - 00931328 ___SH C:\Users\bill josephson\Downloads\Thumbs.db
2015-09-27 12:01 - 2012-12-11 02:12 - 00000000 ____D C:\Users\bill josephson\AppData\Local\Adobe
2015-09-27 11:29 - 2012-12-17 20:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-25 12:34 - 2014-02-07 13:16 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-24 01:29 - 2014-04-04 14:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-24 01:26 - 2014-11-04 13:26 - 00023604 _____ C:\Users\bill josephson\AppData\Roaming\Devart Error Report.txt
2015-09-23 21:27 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-23 18:51 - 2013-11-23 20:18 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-09-23 18:51 - 2013-11-23 20:18 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-09-23 18:46 - 2013-11-23 23:08 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-23 18:44 - 2013-08-22 11:37 - 00022305 _____ C:\WINDOWS\DtcInstall.log
2015-09-23 18:41 - 2015-08-27 13:37 - 00037630 _____ C:\WINDOWS\comsetup.log
2015-09-23 18:41 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\Registration
2015-09-23 17:30 - 2013-08-22 10:46 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-23 10:48 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-23 00:59 - 2013-09-30 00:04 - 00864460 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-20 23:21 - 2012-12-13 04:48 - 00000000 ____D C:\ProgramData\Norton
2015-09-20 23:15 - 2012-11-06 10:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-20 23:15 - 2012-07-26 04:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-20 13:55 - 2014-01-06 23:11 - 00000000 ____D C:\Program Files (x86)\Quicken
2015-09-20 13:55 - 2012-11-06 17:11 - 00000000 ____D C:\Program Files\jEdit
2015-09-19 18:15 - 2015-05-30 14:36 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-16 16:17 - 2012-11-19 15:03 - 00000000 ____D C:\Users\bill josephson\AppData\Local\Google
2015-09-16 11:13 - 2014-06-11 23:27 - 00003888 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 11:13 - 2014-06-11 23:27 - 00003652 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 22:42 - 2013-01-03 19:06 - 00000000 ____D C:\Users\bill josephson\Documents\investments
2015-09-15 10:13 - 2014-11-13 22:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-15 10:12 - 2015-06-23 17:10 - 00003552 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-09-15 10:12 - 2015-06-23 17:02 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-09-15 10:12 - 2015-05-13 14:55 - 00000000 ___RD C:\Users\bill josephson\SkyDrive
2015-09-15 10:12 - 2014-02-19 23:37 - 00003106 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2338279475-2459000132-1606305099-1001
2015-09-14 21:18 - 2015-08-21 12:49 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 21:18 - 2014-12-10 23:51 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-14 13:53 - 2012-12-09 05:05 - 00001716 _____ C:\Users\bill josephson\Desktop\Startup.lnk
2015-09-14 13:45 - 2012-12-13 04:50 - 00003218 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-09-14 13:45 - 2012-12-13 04:50 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2015-09-14 10:15 - 2012-12-13 04:50 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-09-14 10:15 - 2012-12-13 04:50 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-09-14 10:15 - 2012-12-13 04:50 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-09-14 10:12 - 2012-12-13 04:50 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2015-09-14 10:06 - 2015-07-31 11:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2015-09-13 23:49 - 2014-12-07 17:50 - 00000000 ____D C:\Users\bill josephson\AppData\Roaming\vlc
2015-09-13 12:33 - 2012-12-13 05:04 - 00000000 ____D C:\ProgramData\iolo
2015-09-10 22:25 - 2014-02-07 13:16 - 00000000 ____D C:\Users\bill josephson\AppData\Roaming\TeamViewer
2015-09-09 01:04 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 00:23 - 2013-08-22 10:44 - 00642112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 00:18 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 00:17 - 2013-08-13 16:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 17:11 - 2013-09-29 23:51 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-07 17:43 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-09-05 23:15 - 2014-06-11 00:29 - 00000258 __RSH C:\Users\BillTest\ntuser.pol
2015-09-05 23:15 - 2014-06-11 00:29 - 00000000 ____D C:\Users\BillTest
2015-09-05 11:47 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-09-05 11:47 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-09-05 00:49 - 2012-09-18 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-09-05 00:36 - 2012-11-06 09:32 - 00000000 ____D C:\Users\bill josephson\AppData\Local\Packages
2015-09-04 23:54 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\catroot2.bak
2015-09-02 19:39 - 2015-08-14 00:23 - 00000000 ____D C:\79f7b8c93e1ea1c3b1e9
2015-09-02 17:11 - 2015-05-31 14:57 - 00000000 ____D C:\WINDOWS\pss
 
==================== Files in the root of some directories =======
 
2014-05-04 13:18 - 2014-05-04 13:28 - 0000096 _____ () C:\Users\bill josephson\AppData\Roaming\Camdata.ini
2014-05-04 13:18 - 2014-05-04 13:28 - 0000408 _____ () C:\Users\bill josephson\AppData\Roaming\CamLayout.ini
2014-05-04 13:18 - 2014-05-04 13:28 - 0000408 _____ () C:\Users\bill josephson\AppData\Roaming\CamShapes.ini
2014-05-04 13:18 - 2014-05-04 13:28 - 0004535 _____ () C:\Users\bill josephson\AppData\Roaming\CamStudio.cfg
2014-05-04 13:25 - 2014-05-04 13:25 - 0000000 _____ () C:\Users\bill josephson\AppData\Roaming\CamStudio.Producer.Data.ini
2014-05-04 13:25 - 2014-05-04 13:25 - 0001206 _____ () C:\Users\bill josephson\AppData\Roaming\CamStudio.Producer.ini
2013-01-09 00:31 - 2015-08-28 01:14 - 0001773 _____ () C:\Users\bill josephson\AppData\Roaming\csv2qif.ini
2014-11-04 13:26 - 2015-09-24 01:26 - 0023604 _____ () C:\Users\bill josephson\AppData\Roaming\Devart Error Report.txt
2012-12-08 19:16 - 2012-12-10 17:45 - 0000553 _____ () C:\Users\bill josephson\AppData\Roaming\FreeDesktopClock.ini
2012-11-06 11:59 - 2013-07-02 12:35 - 0000116 _____ () C:\Users\bill josephson\AppData\Roaming\Statdisk.prefs
2014-03-11 18:42 - 2014-12-12 13:09 - 0000000 _____ () C:\Users\bill josephson\AppData\Roaming\WabbitEmu.exe
2012-11-10 17:41 - 2014-08-27 12:04 - 0000600 _____ () C:\Users\bill josephson\AppData\Roaming\winscp.rnd
2013-01-16 15:38 - 2013-01-16 15:38 - 0000008 _____ () C:\Users\bill josephson\AppData\Local\414CEB2D-0460-4F66-8B28-B10545424759
2015-02-01 04:12 - 2015-02-01 04:12 - 0000062 _____ () C:\Users\bill josephson\AppData\Local\DAC7648C56884308AE25AA9F113E9C6A.TeraPlot1.trp
2013-06-05 00:16 - 2013-06-13 11:53 - 0004608 _____ () C:\Users\bill josephson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-11 22:25 - 2014-06-12 00:23 - 0010936 _____ () C:\Users\bill josephson\AppData\Local\fluidmath_error_log.bin
2015-05-16 00:19 - 2015-05-16 00:19 - 0000442 _____ () C:\Users\bill josephson\AppData\Local\LMIR0001.tmp.bat
2015-05-16 00:19 - 2015-05-16 00:19 - 0000367 _____ () C:\Users\bill josephson\AppData\Local\LMIR0001.tmp_r.bat
2012-11-29 22:45 - 2015-10-01 13:02 - 0000173 _____ () C:\Users\bill josephson\AppData\Local\msmathematics.qat.bill josephson
2013-06-05 12:26 - 2013-06-05 12:26 - 0000236 _____ () C:\Users\bill josephson\AppData\Local\poetsch.bat
2014-10-14 14:22 - 2014-10-20 20:45 - 0000600 _____ () C:\Users\bill josephson\AppData\Local\PUTTY.RND
2014-05-22 01:04 - 2015-04-22 12:34 - 0007605 _____ () C:\Users\bill josephson\AppData\Local\resmon.resmoncfg
2015-08-14 19:08 - 2015-08-14 19:08 - 0000000 _____ () C:\Users\bill josephson\AppData\Local\{047677CC-9F0F-44A5-8497-CDD8C5EC320E}
2012-09-18 14:08 - 2012-09-18 14:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-15 11:58 - 2015-07-17 19:17 - 0010543 _____ () C:\ProgramData\hpzinstall.log
2015-07-16 19:21 - 2015-07-16 19:21 - 0000262 _____ () C:\ProgramData\LastUpdate.xml
 
Files to move or delete:
====================
C:\Users\bill josephson\jinstall.exe
 
 
Some files in TEMP:
====================
C:\Users\bill josephson\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\bill josephson\AppData\Local\Temp\BSvcUpdater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-01 13:37
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by bill josephson (2015-10-02 00:49:00)
Running from C:\Users\bill josephson\Downloads
Windows 8.1 (X64) (2013-11-24 00:44:56)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2338279475-2459000132-1606305099-500 - Administrator - Disabled)
bill josephson (S-1-5-21-2338279475-2459000132-1606305099-1001 - Administrator - Enabled) => C:\Users\bill josephson
BillTest (S-1-5-21-2338279475-2459000132-1606305099-1006 - Limited - Enabled) => C:\Users\BillTest
Guest (S-1-5-21-2338279475-2459000132-1606305099-501 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton AntiVirus (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: ZoneAlarm Pro Firewall (Disabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\Adobe Connect 9 Add-in) (Version: 11,9,966,0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
AVS Audio Editor 7.3 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.3.1.493 - Online Media Technologies Ltd.)
Bootstrapper (x32 Version: 1.1.2.0 - Minitab, Inc.) Hidden
Brackets (HKLM-x32\...\{A4330D4D-ACAB-4790-A6BF-D1C9599FD93B}) (Version: 1.3 - brackets.io)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C309g-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.2.11.10002 - CANON INC.)
Canon Laser Printer/Scanner/Fax Extended Survey Program (Version: 1.2.11 - CANON INC.) Hidden
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF220 Series (HKLM\...\{33A079E0-BF49-4E97-9293-3EDDA6D130A4}) (Version: 4.5.0.0 - CANON INC.)
Cisco WebEx Meetings (HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ComponentSoftware Revision Control System (CS-RCS) (HKLM-x32\...\CS-RCS) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CSV2QIF (HKLM-x32\...\{723CE9E7-6594-4D08-83DA-50F976B8D325}) (Version: 2.2.4.5 - ProperSoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devart dbForge Studio for MySQL, v6.0 Standard Edition (HKLM\...\DevartStudioMySql_is1) (Version: 6.0.151 - Devart)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DoubleIntegralCalculatorLevel2 (HKLM-x32\...\DoubleIntegralCalculatorLevel2) (Version:  - Tvalx)
DoubleIntegralCalculatorLevel2 (x32 Version: 1.0.1.0 - Tvalx) Hidden
Elevated Installer (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ETDWare PS/2-X64 11.4.3.3_WHQL (HKLM\...\Elantech) (Version: 11.4.3.3 - ELAN Microelectronic Corp.)
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.68 - NCH Software)
Flash to Video Encoder Pro (HKLM-x32\...\Flash to Video Encoder Pro_is1) (Version:  - GeoVid)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.4.604 - DVDVideoSoft Ltd.)
freeSSHd 1.2.6 (HKLM-x32\...\70DBC326-7505-4913-A0C1-C6BD87C1859D_is1) (Version:  - Kresimir Petric)
FVD Converter 1.0.2 (HKLM-x32\...\FVD Converter_is1) (Version:  - flashvideodownloader.org)
Garmin Express (HKLM-x32\...\{44d9dfc0-3a4a-4439-870f-f97550a9bc8d}) (Version: 4.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{5A1FBC15-2DE2-4B71-809F-33E746908CE4}) (Version: 14.0 - HP)
HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{A772EA32-AE5B-4474-BFC0-4C69C04AFF6A}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.6.1 - iolo technologies, LLC)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
join.me (HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0828 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0828 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LyX 2.0.6 (HKLM-x32\...\LyX206) (Version: 2.0.6 - LyX Team)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
MailWasher (HKLM-x32\...\{8D4426EF-E37B-4B1B-B061-546D7172C67D}) (Version: 7.5 - Firetrust)
Maple Player (32 bit) (HKLM-x32\...\Maple Player (32 bit)) (Version: 18 - Maplesoft)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
MathCast 0.9 (HKLM-x32\...\{6EFEEF24-EA6C-4A40-9E52-002E680069C5}) (Version: 0.9 - MathCast)
Mathematica Extras 9.0 (4092550) (HKLM\...\A-WIN-Extras 9.0.1 4092550_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.4 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.2.4.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.2.4.0 - Minitab, Inc.) Hidden
Movavi Video Converter 15 (HKLM-x32\...\Movavi Video Converter 15) (Version: 15.2.3 - Movavi)
Moyea Free Flash Downloader version  1.3.0.0 (HKLM\...\{8ED5BF38-B9BF-4F2D-AF42-9037574A254F}_is1) (Version:  - )
Moyea SWF to MPEG Converter version  4.0.0.0 (HKLM\...\{30C7F6E8-D7DF-4162-BFE0-72796148D589}_is1) (Version:  - )
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 en-US)) (Version: 38.2.0 - Mozilla)
MySQL Connector C++ 1.1.4 (HKLM-x32\...\{DEF0D0C1-511C-4F89-BCF7-75F421DDE591}) (Version: 1.1.4 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{9779CE68-28F8-4E19-A70C-48BEA184C656}) (Version: 5.1.33 - Oracle Corporation)
MySQL Connector Net 6.9.4 (HKLM-x32\...\{7FE04B43-4187-46F5-A9DE-9ECB5177B8C1}) (Version: 6.9.4 - Oracle)
MySQL Connector/C 6.1 (HKLM-x32\...\{97FEF94D-9E6D-4778-AFF1-77C53C933634}) (Version: 6.1.5 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM-x32\...\{4C6A664C-DCA0-4CC6-8752-ED0850E3135A}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{A28A3025-2B78-4E6F-AB69-F8886C920817}) (Version: 5.6.21 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{9619274B-02D7-491C-A6A2-0FA915129985}) (Version: 5.6.21 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{854E11AD-BE2D-4897-BA72-9C3A3DEA5798}) (Version: 1.4.2.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.6 (HKLM\...\{73F1E510-FC76-4E6D-A020-472DBD0A3207}) (Version: 5.6.21 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{0B18AA75-6A44-4950-A0A2-A486C2D839A0}) (Version: 1.4.4 - Oracle Corporation)
Nalpeiron Service Update to 7.3.5 (HKLM-x32\...\Nalpeiron Service Update to 7.3.5) (Version: 7.3.5 - Nalpeiron)
Nalpeiron Service Update to 7.3.5 (x32 Version: 7.3.5 - Nalpeiron) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.5.2.15 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PaperPort 7.01 (HKLM-x32\...\PaperPort 7.01) (Version:  - )
PDFtypewriter Printer Driver (HKLM\...\PDFtypewriter Printer Driver) (Version:  - )
PDFtypewriter with PDF Printer Driver (HKLM-x32\...\{7D336C6B-1C91-4AD4-B168-F1E1AC08D737}) (Version: 6.3.1374.0 - CTdeveloping, LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PS_AIO_06_C309g-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QED Poker Simulator (HKLM-x32\...\QED Poker Simulator) (Version:  - )
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quicken 2007 (HKLM-x32\...\{0D2E80C8-0875-43EB-9623-47118E2DFBCA}) (Version: 16.1.1.27 - Intuit)
Quicken 2010 (HKLM-x32\...\{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}) (Version: 19.1.9.16 - Intuit)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Screencast.com Desktop Uploader (HKLM-x32\...\{0CCA1733-33F7-4F18-A3C6-C09517FD0253}) (Version: 1.4.0 - TechSmith Corporation)
Skinny Clock v1.17 R2 (HKLM-x32\...\Skinny Clock_is1) (Version:  - Ing. Tomas Koutny)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
Smart PDF Converter 6.3.0.510 (HKLM\...\Smart PDF Converter_is1) (Version: 6.3.0.510 - Smart Soft)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Snagit 12 (HKLM-x32\...\{e8720e7e-08a2-4a30-9bce-70aa27c2a3dc}) (Version: 12.2.2.2107 - TechSmith Corporation)
Snagit 12 (x32 Version: 12.2.2 - TechSmith Corporation) Hidden
Software Update Wizard (Redist) 4.5 (HKLM-x32\...\Software Update Wizard (Redist)) (Version: 4.5 - PowerProgrammer)
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SPAMfighter (HKLM-x32\...\SPAMfighter) (Version: 7.6.104 - Spamfighter ApS)
SPAMfighter (x32 Version: 7.6.104 - Spamfighter ApS) Hidden
Stat/Transfer 13 (64-Bit) (HKLM\...\StatTransfer13) (Version: 13 (64-Bit) - Circle Systems)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SuperMemo (HKLM-x32\...\SuperMemo) (Version: 14.05 - SuperMemo World)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TechUtilities (HKLM\...\TechUtilities_is1) (Version: 1.1.1.7 - Seven Servos Software Pvt Ltd.)
TeraPlot (HKLM-x32\...\{A5F55AFF-80D6-4E7B-AFBB-CB293E4E0B9E}) (Version: 1.30.0100 - Kylebank Software Ltd)
TestGen (HKLM-x32\...\TestGen) (Version:  - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
TI-83 Plus Flash Debugger (HKLM-x32\...\TI-83 Plus Flash Debugger) (Version:  - )
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
TI-Nspire™ Teacher Software (HKLM-x32\...\{3D32D7F2-07C6-4E95-BC21-A515D82292A8}) (Version: 3.9.0.463 - Texas Instruments Inc.)
TI-SmartView™ for the TI-30X Pro MultiView™  (HKLM-x32\...\{8654BF3B-46F2-4FA6-A19C-60D6ECD4719F}) (Version: 1.0.1.175 - Texas Instruments Incorporated.)
Toner Status (HKLM-x32\...\{6E9A516A-6189-4502-80FD-51BE28989CEB}) (Version: 1.0.0.0 - CANON INC.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.0.0) (Version: 2.0.0.0 - W3i, LLC)
Uninstall Helper (x32 Version: 2.0.0.0 - W3i, LLC) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.36 - NCH Software)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinX Free MOV to WMV Converter 5.0.7 (HKLM-x32\...\WinX Free MOV to WMV Converter_is1) (Version:  - Digiarty Software, Inc.)
Wolfram CDF Player (M-WIN-D 9.0.1 4092685) (HKLM-x32\...\M-WIN-D 9.0.1 4092685_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version:  - )
ZipBackup Version 4.1 (HKLM-x32\...\ZipBackup_is1) (Version: 4.1 - ZipBackup, Inc.)
ZoneAlarm Do Not Track Add-on 2.2.5.1213 (HKLM-x32\...\ZoneAlarm Do Not Track Add-on_is1) (Version: 2.2.5.1213 - Abine)
ZoneAlarm Firewall (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Pro (HKLM-x32\...\ZoneAlarm Pro) (Version: 13.1.211.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version:  - Check Point Software Technologies LTD)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
15-09-2015 10:10:35 Garmin Express
22-09-2015 20:17:14 Scheduled Checkpoint
27-09-2015 23:40:34 Removed Odds calculator
01-10-2015 10:50:11 Removed Chrome Remote Desktop Host
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-12-24 16:11 - 00000860 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {180950BE-7CC2-46FF-B5AE-6FFA0FBB05FD} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {240960DE-CEB0-4538-9FE1-2757062B5AD9} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2338279475-2459000132-1606305099-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {2F620C9D-4177-431E-B34A-C8BAF4778825} - System32\Tasks\iolo DelOnReboot => cmd.exe /c IF EXIST C:\ProgramData\iolo\ops\smrr.dll del /f C:\ProgramData\iolo\ops\smrr.dll
Task: {45BE7F40-D2F5-4BBD-9270-C071D76462AF} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2015-08-15] (iolo technologies, LLC)
Task: {45EB429B-3D60-4464-A0EF-B49613945BC4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46CF8358-0B3C-406E-A959-F153485C2F07} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {5E291CC1-93B9-434F-8A4D-47B31D5D05F1} - System32\Tasks\TechUtilities => C:\Program Files\TechUtilities\TechUtilities.exe [2015-08-28] (Seven Servos Software, Pvt Ltd.)
Task: {6B9FF5F0-D2F3-4F25-8788-9B03DDC810A3} - System32\Tasks\MySQL\Installer\ManifestUpdate => c:\program files (x86)\mysql\mysql installer for windows\mysqlinstallerconsole.exe [2014-09-18] (Oracle Corporation)
Task: {6F06D1BF-4097-4756-9950-C1511FC632BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {7B84D64E-0600-4716-95B7-2B0FBC75F699} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {91779AE2-C009-43E7-B4CF-0DA162F033C5} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [2013-08-30] (CANON INC.)
Task: {9E229A6D-1E87-4618-90AA-99C5298A548A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A8578267-20F3-4156-8DFA-6A66526035EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AE48AA4A-5F8D-4B6A-93CC-87AB3E874A8F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {B138CB20-986E-47A4-9786-2F99655F59E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B52E5CA9-8A2D-4355-A7DA-548CD9622877} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
Task: {B6C9E562-6761-4A22-9B8B-22FD9D953D48} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2338279475-2459000132-1606305099-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B7983E8B-B244-4447-AAB9-F950BD0875FF} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-09-11] ()
Task: {B8B9A770-C1E9-49E6-BBD3-0E2F9E10775C} - System32\Tasks\{92446188-B644-4949-B2F5-839EBB7D9E52} => pcalua.exe -a E:\setup.exe -d E:\
Task: {BD93C867-F1F8-4775-B4AE-1DDED47F19C6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {C0DF8F6E-5AE4-4F59-A3D4-0FDC9B55C2E5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-27] (Adobe Systems Incorporated)
Task: {CD9EF672-55DB-4280-9F8F-3E7BAF576E79} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {CEB2A325-8912-4D31-8DD1-A39864EFD2B7} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {CF1CD1E6-2582-4DC3-9621-F197DAC890A6} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {D3D66B98-13A3-42F1-B93E-397851565F15} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {E10478E5-B7A5-48B5-B098-48A4E9013D5D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2338279475-2459000132-1606305099-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E13DF72F-BD6E-430A-A64A-9AA30F0300CF} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {E56FC6F0-A985-4C6D-A54A-24BC36BE875E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F05A86DD-F70A-4F47-8CDA-AE20050AB145} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe-t1C:\Program Files\TechUtilities\TechUtilities.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-11-13 17:20 - 2006-11-30 21:41 - 00087040 _____ () C:\WINDOWS\System32\custmon64.dll
2014-04-04 14:58 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-22 12:35 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-20 14:08 - 2011-09-09 13:46 - 08158720 _____ () C:\program files (x86)\xampp\mysql\bin\mysqld.exe
2013-11-07 02:52 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-21 09:48 - 2015-09-21 09:48 - 00016896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\DeviceDetection.dll
2015-09-21 09:51 - 2015-09-21 09:51 - 00720896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\ContentManager.dll
2015-09-21 09:49 - 2015-09-21 09:49 - 00019968 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TomTomSupporterBase.dll
2015-09-21 09:51 - 2015-09-21 09:51 - 00028672 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\QtSolutions_SingleApplication.dll
2015-09-21 09:48 - 2015-09-21 09:48 - 00109568 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\kqoauth.dll
2015-09-21 09:48 - 2015-09-21 09:48 - 00017920 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TimeParse.dll
2014-10-28 11:38 - 2014-10-28 11:38 - 02099200 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll
2014-10-28 11:38 - 2014-10-28 11:38 - 00050688 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\ScrollingCapture.dll
2014-10-28 11:38 - 2014-10-28 11:38 - 01914368 _____ () C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll
2015-02-18 16:19 - 2015-02-18 16:19 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll
2015-02-18 16:19 - 2015-02-18 16:19 - 04647424 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll
2014-10-12 03:41 - 2014-10-12 03:41 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll
2014-10-12 03:41 - 2014-10-12 03:41 - 00272384 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll
2015-08-20 22:12 - 2015-08-20 22:12 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-08-20 22:12 - 2015-08-20 22:12 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-09-25 23:19 - 2015-09-23 22:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 23:19 - 2015-09-23 22:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2014-11-21 10:35 - 2014-11-21 10:35 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-21 10:34 - 2014-11-21 10:34 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2013-02-05 11:25 - 2013-02-05 11:25 - 01235024 _____ () C:\Program Files (x86)\MathType\MathPage\32\MathPage.WLL
2015-09-25 23:19 - 2015-09-23 22:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Temp:4829695F
AlternateDataStreams: C:\Users\bill josephson\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Software\Classes\exefile:  <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2338279475-2459000132-1606305099-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bill josephson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 2
MSCONFIG\Services: chromoting => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: FreeSSHDService => 3
MSCONFIG\Services: Garmin Device Interaction Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: ioloSystemService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: mysql => 2
MSCONFIG\Services: MySQL56 => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\Run32: => "ROC_roc_ssl_v12"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2981B409-F845-4DB0-B0F7-F3C8B36D2600}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0D9A89A4-92BD-4EE2-993D-5E382733DBC8}] => (Allow) LPort=53
FirewallRules: [{EDB19AD0-B3C8-4062-A521-8EF87FD77EAC}] => (Allow) LPort=1542
FirewallRules: [{A5260C25-D7AE-4431-B246-10C1BC815C80}] => (Allow) LPort=1542
FirewallRules: [{F3F5EAA6-FC91-4936-9572-FDCBA930A5E5}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{0646B62E-0C0B-44BE-8C02-95831B4AB48C}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{B26B5F5F-F09C-4B15-8DBB-DE60F6239028}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{6255D275-820D-423C-94BD-0AC3209FD2C8}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{8D673ACD-A2D2-4BF1-A1ED-B641E93F234A}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{387CD456-4F99-414E-BA23-724093127EDF}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F5AACCFE-7121-486F-AE7C-9CAEC6A5A037}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{EC3F3BD8-DEBA-46D5-B229-27EBFEAAF4A9}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{A803F26C-FD38-4645-824F-7694D51CB70E}] => (Allow) C:\Users\bill josephson\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8F618276-1298-494D-B2BC-F84C14BD62C2}] => (Allow) LPort=1900
FirewallRules: [{B2B31CF9-50C8-4668-B488-33658A0A67A9}] => (Allow) LPort=2869
FirewallRules: [{8F707BB8-4268-49B7-827E-9CCF94CCF2A4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0470534B-DE41-432B-AA4D-97339E68647F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{0553C3CE-C24B-4BAC-A189-192762C21AB3}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{DC3E7208-29A7-408E-B471-9D7D83241033}C:\users\bill josephson\desktop\winscp.exe] => (Allow) C:\users\bill josephson\desktop\winscp.exe
FirewallRules: [TCP Query User{A8C2F399-223C-4023-B85F-AB1E8050B1BD}C:\users\bill josephson\desktop\winscp.exe] => (Allow) C:\users\bill josephson\desktop\winscp.exe
FirewallRules: [{D6C552CB-C1A2-4166-9150-D3F563E17636}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{88229A2C-866F-4C79-96F8-C677399DF2A5}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{433B5006-035E-4165-81CF-869CBC6A03DB}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{B37A1E1C-7E4C-4948-B962-87C006BC5CE5}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [UDP Query User{BCAEBB14-5A57-4B88-A277-B3B22F08DD0A}C:\users\bill josephson\desktop\winscp.exe] => (Allow) C:\users\bill josephson\desktop\winscp.exe
FirewallRules: [TCP Query User{75249BEC-860D-4343-8B9C-C79AD0BCB1A0}C:\users\bill josephson\desktop\winscp.exe] => (Allow) C:\users\bill josephson\desktop\winscp.exe
FirewallRules: [UDP Query User{3598DA8F-F8E0-4A2E-82CD-D5D3B67133F5}C:\program files (x86)\xampp\mysql\bin\mysqld.exe] => (Allow) C:\program files (x86)\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{6F17D00E-7EE4-4CD2-A943-FAD39A90DA0C}C:\program files (x86)\xampp\mysql\bin\mysqld.exe] => (Allow) C:\program files (x86)\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{DBDB75D4-5B27-4A26-8BA4-D996DE99983A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{1615FCD4-D338-4FCD-ABBC-1F84936C719C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8AD780F0-DB99-418B-BFC1-E35544A15078}F:\xampp\mysql\bin\mysqld.exe] => (Block) F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{AD204D3A-4BAE-4BD5-8DB0-2805A73DE0F5}F:\xampp\mysql\bin\mysqld.exe] => (Block) F:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A7FFB7A5-59BF-4BDB-8953-AF27341355C4}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6A110D99-EA39-480A-939F-4EF02B9C0F89}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F06D8CE3-0179-4695-BF13-D952F38A6F3B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{7705842A-9BA2-4654-9226-6B1E66BF3075}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{1DB1CEB9-AD6F-450B-9A0D-0579E3A0F5CF}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A5705202-EFFE-43E3-8D2E-EFD994A210A6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{07DFE2DB-3BD8-4B6B-9DB7-74CBE2D249CF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{2A12A212-F269-4B01-981D-E321660C8BAF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{5A4F08CC-6C3F-44AF-A337-F9F3DBC71A8D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F215362C-74BA-4D60-9CA4-00577108FAD6}] => (Allow) LPort=3307
FirewallRules: [{9C67DF0F-1A31-465D-945D-CF117FF3DB5D}] => (Allow) LPort=3307
FirewallRules: [{CCDF1FCA-9B75-4640-AEAA-1111880DEE30}] => (Allow) LPort=8317
FirewallRules: [{60500DC8-E6DA-4572-BA42-52F86E541470}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB66FD8A-3B37-4332-AB76-782209238C7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A53A41DA-F57A-40E8-A154-D763A38AC881}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\TI-SmartView_30X_Pro_MV.exe
FirewallRules: [{5F3DDF02-6388-4B5A-9C18-5CE9A9CC012E}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\TI-SmartView_30X_Pro_MV.exe
FirewallRules: [{08C4A2CA-BDB3-46A8-BB9E-B2BEF7F31C14}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\Activator.exe
FirewallRules: [{B7676D60-F7B6-49AE-BD7D-035983A50B0A}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\Activator.exe
FirewallRules: [{4AF0B3FB-A519-401F-8FC8-84BFFB85ACDB}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\jre\bin\java.exe
FirewallRules: [{94EB1CBE-7C76-4A87-BF26-4B3C08001FE5}] => (Allow) C:\Program Files (x86)\TI Education\TI-SmartViewTI-30XProMV\jre\bin\java.exe
FirewallRules: [{EEC015D8-86CC-4FC0-9EFE-04426FA217E0}] => (Allow) E:\setup\hpznui40.exe
FirewallRules: [{3011ECC2-F6A6-4C62-8111-83FC4528B13D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{835E48E4-373A-4359-834D-AD34714B170C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{32BD8B8A-7939-4F67-8370-A696F3521808}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F1417006-B961-45A3-9A63-94B943DCE22C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E28C6888-290F-4E9B-917C-6432748F7847}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B629FE43-D181-475D-BFF6-F5E76EA686D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{0443791E-7C15-4FDC-879B-47046549543F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{56DAFC28-E992-4AF0-B5F7-C56213C62542}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A0B5F435-392A-4E57-A5B2-DDCB26A6EBD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{17A6D5C9-817F-43EA-B546-1E9A04861A5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E9FB00D9-39E7-4B70-AA66-0FE64FDCC21D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{061A6BF4-71F8-49A5-974F-1F5EC9B2BFAD}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{7DF8955F-CAE9-4364-92E4-86533B0C9B54}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AE3A420F-ACA0-4007-A867-5D39BA5E8B8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{376AE605-D0A5-473F-89FC-C9537D778164}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4ED22E06-3664-4D60-BEF7-40AF1D5C6E58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA8D7928-7E74-44F8-859F-DD5940D8114B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{79E21397-66F6-454E-8FD7-5B20940E342F}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
FirewallRules: [{C7A51E2B-2E19-4DF4-B162-ABF6F3236303}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart Premium C309g-m
Description: Photosmart Premium C309g-m
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Could not list Devices. Check "winmgmt" service or repair WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/01/2015 11:17:29 PM) (Source: TechSmith Updater) (EventID: 0) (User: )
Description: Could not find file 'C:\ProgramData\TechSmith\Updater\Snagit-12.2.2.xml'.
 
Error: (10/01/2015 11:17:29 PM) (Source: TechSmith Updater) (EventID: 0) (User: )
Description: Could not find file 'C:\ProgramData\TechSmith\Updater\Snagit-12.2.2.xml'.
 
Error: (10/01/2015 11:17:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: a9c
 
Start Time: 01d0fcc020b39ae7
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 145ee2d4-68b4-11e5-bfe3-b888e3862e7b
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (10/01/2015 11:17:12 PM) (Source: TechSmith Updater) (EventID: 0) (User: )
Description: Could not find file 'C:\ProgramData\TechSmith\Updater\Snagit-12.2.2.xml'.
 
Error: (10/01/2015 11:17:11 PM) (Source: TechSmith Updater) (EventID: 0) (User: )
Description: Could not find file 'C:\ProgramData\TechSmith\Updater\Snagit-12.2.2.xml'.
 
Error: (10/01/2015 11:15:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (10/01/2015 11:15:33 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (10/01/2015 11:15:32 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (10/01/2015 11:15:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (10/01/2015 11:15:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
 
System errors:
=============
Error: (10/01/2015 11:19:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.
 
Error: (10/01/2015 11:17:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.
 
Error: (10/01/2015 11:14:10 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with the following service-specific error: 
%%2147944153
 
Error: (10/01/2015 11:11:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with the following service-specific error: 
%%2147944153
 
Error: (10/01/2015 11:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sbapifs service failed to start due to the following error: 
%%2
 
Error: (10/01/2015 07:04:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053
 
Error: (10/01/2015 07:04:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
 
Error: (10/01/2015 07:04:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.
 
Error: (10/01/2015 07:00:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with the following service-specific error: 
%%2147944153
 
Error: (10/01/2015 06:58:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with the following service-specific error: 
%%2147944153
 
 
CodeIntegrity:
===================================
  Date: 2013-03-19 17:18:45.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 16:58:33.452
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 16:25:39.672
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 15:37:47.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 13:26:29.434
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 13:07:17.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 12:56:37.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 12:49:36.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 12:41:11.897
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-19 12:34:49.373
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 12151.77 MB
Available physical RAM: 8110.58 MB
Total Virtual: 14007.77 MB
Available Virtual: 9499.04 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:250.42 GB) (Free:141.65 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.51 GB) NTFS
Drive e: (Kerin5e_IRCD) (CDROM) (Total:0.67 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: AC30EF2F)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Edited by wjosephson, 01 October 2015 - 11:25 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP