Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Ran by Ted at 2015-07-16 10:09:06 Running from C:\Users\Ted\AppData\Local\Microsoft\Windows\INetCache\IE\05S0SMZL Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3465484515-3630676411-2978537619-500 - Administrator - Disabled) bille_000 (S-1-5-21-3465484515-3630676411-2978537619-1002 - Limited - Enabled) => C:\Users\bille_000 Guest (S-1-5-21-3465484515-3630676411-2978537619-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3465484515-3630676411-2978537619-1004 - Limited - Enabled) Ted (S-1-5-21-3465484515-3630676411-2978537619-1001 - Administrator - Enabled) => C:\Users\Ted ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 3670704.1637756.4759644.48 - Audible, Inc.) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant) Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo) Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.13 - Lenovo EasyCamera) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 1.4.2.25 - Lenovo) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3465484515-3630676411-2978537619-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Motion Control (HKLM\...\Motion Control) (Version: 1.1.2.43 - Lenovo) Movie Master (HKLM-x32\...\MovieMaster) (Version: 2.7.22 - Green Fire Software) Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla) Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro) Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.5.0.124 - Symantec Corporation) Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{B6322D12-A133-4128-8306-DAFFF7231152}) (Version: 1.03.0199 - REALTEK Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.21.4 - Synaptics Incorporated) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3465484515-3630676411-2978537619-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ted\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 05-07-2015 13:48:29 Scheduled Checkpoint 10-07-2015 03:51:30 Windows Update 15-07-2015 03:31:09 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04845625-971B-4733-A742-CC8B334CEFC7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for IMAGINE-PC-Ted imagine-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation) Task: {0BE71B6B-E084-4371-9505-9C37DF92C22F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.) Task: {17151653-E9BD-4472-836A-511A96F2467D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation) Task: {20CD7558-EAF2-4F67-951C-9E81879FC107} - System32\Tasks\{3A809339-EAE8-41C3-A2AD-16C29190A959} => pcalua.exe -a C:\Users\Ted\AppData\Roaming\VOPackage\uninstall.exe Task: {224801BE-059C-4D9C-8638-0BA121265C7C} - System32\Tasks\TidyNetwork Update => C:\Users\Ted\AppData\Local\TidyNetwork\petnupdate.exe Task: {2A77D451-74DF-43DB-BC76-2F6544076CFB} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {3EEDDAA4-E561-4E39-99F4-8B5BC1BFA5B2} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] () Task: {48F9BA19-7A70-42AA-95B2-9B2A46A0D70B} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-23] (Synaptics Incorporated) Task: {55D0D828-494F-4DD6-8B43-F0D75FFF0B99} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {588C10DD-6766-4A33-8005-4A0BAD973198} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {6763DCB5-8D15-4CB0-918B-26DB2C4EC442} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-06] (Lenovo) Task: {6DB35143-78F4-48C5-BE72-58DCBADFE821} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {6FE296AA-0358-4FE0-A711-E5BD9C62B2AC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {7672F4A2-642B-47C2-95B0-434AE7F98720} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.) Task: {79A5BADD-6164-4A31-9993-7960E6D45318} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation) Task: {B708E52C-09E2-4E5D-A015-9A1E08967BF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.) Task: {C6193ABE-ECB4-4D92-8066-962CE250D2AE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {C794E19E-BFF3-445A-B746-C7B5F221BB29} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3465484515-3630676411-2978537619-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {D399200F-4710-41BA-B8B3-4C458B4D6358} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.0.124\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {E08BE18F-4945-432B-9076-B4041906A28D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {FA3E4E34-4D4F-42DB-907D-C44B0EEF45C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {FD6FC9DB-896C-4055-B798-52F14FD5AC1D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.0.124\WSCStub.exe [2015-06-17] (Symantec Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-07-15 14:10 - 2013-01-28 17:35 - 00039936 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2014-03-21 10:33 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-07-15 14:18 - 2013-07-15 14:18 - 00059472 _____ () C:\ProgramData\YogaSmartSwicth\Server\x64\dptf.dll 2014-10-29 12:32 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-12-21 01:02 - 2013-12-21 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-07-15 14:18 - 2013-07-15 14:18 - 00209416 _____ () C:\ProgramData\YogaSmartSwicth\yogaserver.exe 2014-11-21 20:47 - 2010-10-26 13:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2015-07-15 22:36 - 2015-07-15 22:36 - 01382256 _____ () C:\ProgramData\PHpFXbUZId\dat\sjZgZJe.dll 2013-07-15 14:07 - 2012-06-24 22:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-10-29 12:32 - 2014-11-21 19:55 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2014-10-29 12:30 - 2014-11-21 19:45 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2013-07-15 14:13 - 2012-07-12 08:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2015-07-15 22:36 - 2015-07-15 22:36 - 01177968 _____ () C:\ProgramData\PHpFXbUZId\dat\fnaFkZ.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\bille_000\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Ted\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3465484515-3630676411-2978537619-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "Motion Control.lnk" HKLM\...\StartupApproved\Run: => "cAudioFilterAgent" HKLM\...\StartupApproved\Run: => "Energy Management" HKLM\...\StartupApproved\Run: => "Lenovo Transition" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "YouCam Tray" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKU\S-1-5-21-3465484515-3630676411-2978537619-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk" HKU\S-1-5-21-3465484515-3630676411-2978537619-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3465484515-3630676411-2978537619-1001\...\StartupApproved\Run: => "iCloudServices" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{83C36564-48A3-4181-9DE4-D7CF3E2E16D0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{88768B0C-0533-4728-9332-95B4D7164510}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{76CC7190-89CA-4F34-A15B-B409064D7F78}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{5D35FBA8-10E4-4B14-B636-BF3D9C09D05C}] => (Allow) C:\Users\Ted\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{A927CD2B-7D6E-4BC0-A13A-919738B7C8C6}] => (Allow) C:\Program Files (x86)\mozilla firefox\firefox.exe FirewallRules: [{E266FD2E-0184-4F15-AB29-8E9D83D3F347}] => (Allow) C:\Program Files (x86)\mozilla firefox\firefox.exe FirewallRules: [{4951C111-0042-4A22-8127-AED7CBF341E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AEA18EEF-CD4D-418C-8B9A-1C9E6EB2D8DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{25CCC0EE-5A76-4984-AF85-CC3F5A8A4EDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{64C01E92-E8D8-4337-907D-FD2981C87AEA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D1971861-7D12-4174-8326-C3A74A333247}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{1D699098-9BDB-4A4A-9EED-26828131A1AF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{AB386805-9628-46C9-B4D4-88CA3EB581C9}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{E3F2E7CE-6A21-4434-80F4-7F40AB495509}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Data Acquisition and Signal Processing Controller Description: PCI Data Acquisition and Signal Processing Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2015 09:57:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2538 Start Time: 01d0bfcf0bccc6e3 Termination Time: 22 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 9d81c463-2bc2-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:53:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2ae0 Start Time: 01d0bfcea618abb5 Termination Time: 13 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 05746ab5-2bc2-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:52:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 83c Start Time: 01d0bfce9510ee31 Termination Time: 14 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: e3b76185-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:51:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 19b4 Start Time: 01d0bfce803c19d0 Termination Time: 14 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: d2b1bb16-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:51:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1fb8 Start Time: 01d0bfcd603ebd91 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: bddaa89a-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:50:59 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 854 Start Time: 01d0bfce5bf5c47e Termination Time: 17 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: afcaa9c2-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:50:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2678 Start Time: 01d0bfce4d18266b Termination Time: 15 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 9996a2b1-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:49:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1238 Start Time: 01d0bfce29c84103 Termination Time: 19 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 8ab5f1b3-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:48:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2770 Start Time: 01d0bfce03feaead Termination Time: 10 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 676a4302-2bc1-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2015 09:43:19 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 22d4 Start Time: 01d0bfcd0cf1a819 Termination Time: 21 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 9ddaa672-2bc0-11e5-bec5-24fd52147b78 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (07/15/2015 11:56:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:16 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:56:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:55:56 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Error: (07/15/2015 11:55:56 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106. Microsoft Office: ========================= Error: (07/16/2015 09:57:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17840253801d0bfcf0bccc6e322C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9d81c463-2bc2-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:53:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.178402ae001d0bfcea618abb513C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE05746ab5-2bc2-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:52:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1784083c01d0bfce9510ee3114C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEe3b76185-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:51:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1784019b401d0bfce803c19d014C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEd2b1bb16-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:51:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.178401fb801d0bfcd603ebd9116C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEbddaa89a-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:50:59 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1784085401d0bfce5bf5c47e17C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEafcaa9c2-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:50:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17840267801d0bfce4d18266b15C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9996a2b1-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:49:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17840123801d0bfce29c8410319C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE8ab5f1b3-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:48:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17840277001d0bfce03feaead10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE676a4302-2bc1-11e5-bec5-24fd52147b78 Error: (07/16/2015 09:43:19 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.1784022d401d0bfcd0cf1a81921C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9ddaa672-2bc0-11e5-bec5-24fd52147b78 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz Percentage of memory in use: 60% Total physical RAM: 3975.27 MB Available physical RAM: 1564.15 MB Total Virtual: 5703.27 MB Available Virtual: 2749.16 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:101.43 GB) (Free:47.77 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:4 GB) (Free:2.29 GB) NTFS Drive e: (8G_TRANSCEN) (Removable) (Total:7.46 GB) (Free:3.58 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 959179B6) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 00140014) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== End of log ============================