Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Jason (2015-09-02 14:04:36)
Running from C:\Users\Jason\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2563996265-3980964405-695694909-500 - Administrator - Disabled)
Guest (S-1-5-21-2563996265-3980964405-695694909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2563996265-3980964405-695694909-1003 - Limited - Enabled)
Jason (S-1-5-21-2563996265-3980964405-695694909-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{893CB813-4179-4BFE-8D33-ABCC38816B48}) (Version: 1.0.6 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{99213849-249E-7726-EBA7-ADFCA48E2246}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
ChromecastApp (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.06079 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.06079 - Cisco Systems, Inc.) Hidden
Cortex (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CutThePrice (HKLM-x32\...\{A2C98B47-B5F4-94AA-281D-4135416774CF}) (Version:  - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
Dragons of Atlantis (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b) (Version: v1.1.7 - Pokki)
Edgeworld (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a) (Version: v1.1.8 - Pokki)
FarmVille 2 (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b) (Version: 1.0.4.55785 - Pokki)
Goodgame Empire (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3) (Version: v1.1.7 - Pokki)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Groupon (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_893e2a8f4b240ed6d7def79e56791067c96f41be) (Version: 1.0.2.55621 - Pokki)
Host App Service (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki) (Version: 0.269.7.768 - Pokki)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Lync Basic 2013 (HKLM\...\Office15.LYNCENTRY) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{DD3A1267-1A98-4332-BE1A-1D415C2CC1D8}) (Version: 15.8.8308.815 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlook on the Desktop 1.6.0 (HKLM-x32\...\{6D9785D9-FF53-4C06-9C2A-E4173D41A2FD}_is1) (Version:  - Michael Scrivo)
Panda Antivirus Pro 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
Panda Antivirus Pro 2016 (Version: 8.03.00.0000 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\Pokki_Start_Menu) (Version: 0.269.7.768 - Pokki)
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
RSW Solutions All Comms Diagnostic Software Tool (HKLM-x32\...\{CC9B4735-689E-4B4F-9A0B-C82FA05B0DF6}) (Version: 2.0.0.0 - RSW Solutions LLC)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012D-0000-1000-0000000FF1CE}_Office15.LYNCENTRY_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version:  - Silicon Laboratories)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.2 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.6 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.0 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.3.6405 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.22 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{4F0F44AF-90E9-4A6E-9E82-354A3AB79F22}) (Version: 1.0.0.2 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.LYNCENTRY_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.LYNCENTRY_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.LYNCENTRY_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012D-0000-1000-0000000FF1CE}_Office15.LYNCENTRY_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2563996265-3980964405-695694909-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2563996265-3980964405-695694909-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2563996265-3980964405-695694909-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2563996265-3980964405-695694909-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2563996265-3980964405-695694909-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

09-07-2015 09:20:15 Windows Update
10-08-2015 10:03:22 Norton_Power_Eraser_20150810100321766
18-08-2015 23:25:23 Scheduled Checkpoint
27-08-2015 00:35:26 Norton_Power_Eraser_20150827003505864

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11C7322F-679D-47DE-A032-556E47AF445B} - \GoogleUpdateTaskUserS-1-5-21-2563996265-3980964405-695694909-1001UA -> No File <==== ATTENTION
Task: {143A4252-3E5D-4040-8660-5BB8A776217B} - \Optimize Start Menu Cache Files-S-1-5-21-2563996265-3980964405-695694909-500 -> No File <==== ATTENTION
Task: {154BC634-A715-408B-8F99-3C3CB096C5A5} - \GoogleUpdateTaskUserS-1-5-21-2563996265-3980964405-695694909-1001Core -> No File <==== ATTENTION
Task: {221B319D-26F3-411E-BAE9-67AB1C627B95} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {24C27D97-68DD-4032-A646-8108088E01B2} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {279516FD-D384-407C-AD64-D71C6CCAB9EF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {58A96FEA-4E07-4FA2-A099-149BCAE9288D} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-08-27] (Enigma Software Group USA, LLC.)
Task: {701E61DB-B532-4EE3-9C92-37BBB9283A5B} - \Pokki -> No File <==== ATTENTION
Task: {7A10FF25-0ABE-43A5-900A-7D6AE912344C} - \Norton WSC Integration -> No File <==== ATTENTION
Task: {D06F8168-A753-45DB-B672-47A893898EB2} - \bvxvyxvec -> No File <==== ATTENTION
Task: {D9335FCA-AB79-4E18-8107-F7A5E022AE25} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {FB8AC966-E56F-460F-B340-FA7C4D4CC853} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2563996265-3980964405-695694909-1001Core.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2563996265-3980964405-695694909-1001UA.job => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-23 00:48 - 2014-04-23 00:48 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-09-25 14:33 - 2014-09-25 14:33 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2013-10-17 12:25 - 2013-10-17 12:25 - 00027304 _____ () C:\Program Files\Microsoft Office\Office15\lynchtmlconvpxy.dll
2015-07-04 13:50 - 2015-07-04 13:50 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2015-07-04 13:50 - 2015-07-04 13:50 - 00521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2013-08-22 02:19 - 2013-08-22 01:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-04-23 00:48 - 2014-04-23 00:48 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-01-28 15:08 - 2015-01-28 15:08 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-04-12 12:23 - 2013-04-12 12:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-07-30 10:32 - 2015-07-25 03:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-30 10:32 - 2015-07-25 03:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Jason\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2563996265-3980964405-695694909-1001\...\csgsupport.com -> hxxps://odcvpn.csgsupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2563996265-3980964405-695694909-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Innovation\String Lake - Grand Tetons.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{03F63DFD-0A24-4434-8FEA-2A4963AAD26E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{72C6EA08-B54A-4F20-88F6-58EBED65BFB4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C706C3C7-744A-40DA-922E-D1C27AFF18C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B93224D7-C27B-4720-8BD0-37BEF6E31C30}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{ED44D4AF-3478-49D6-A91C-C94222D74AA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BFF3C037-7EC3-46DE-8277-C8A31884B058}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F438542A-B72A-4092-A2FD-582B745CEF99}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2B22E1AC-3F84-4E83-A046-A921218BB198}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{50251DE9-6FF5-42AD-9F56-12F7E2B2D43A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EF02957D-EC38-491D-8508-BC5A72987523}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 02:00:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 31.8.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19bc

Start Time: 01d0e5b17b8134af

Termination Time: 312

Application Path: C:\Users\Jason\Downloads\FRST64.exe

Report Id: d5cead25-51a4-11e5-8281-008cfa860c5a

Faulting package full name: 

Faulting package-relative application ID:

Error: (09/02/2015 01:55:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 01:37:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/02/2015 01:25:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 12:52:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 12:25:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 11:55:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 11:25:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 10:55:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (09/02/2015 10:25:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (09/02/2015 01:55:03 PM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 01:25:03 PM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 12:52:38 PM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 12:25:05 PM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 11:55:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 11:25:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 10:55:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 10:25:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 09:55:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (09/02/2015 09:25:05 AM) (Source: DCOM) (EventID: 10001) (User: JMB-TOSHIBA)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable


Microsoft Office:
=========================
Error: (09/02/2015 02:00:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe31.8.2015.019bc01d0e5b17b8134af312C:\Users\Jason\Downloads\FRST64.exed5cead25-51a4-11e5-8281-008cfa860c5a

Error: (09/02/2015 01:55:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 01:37:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/02/2015 01:25:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 12:52:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 12:25:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 11:55:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 11:25:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 10:55:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (09/02/2015 10:25:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JMB-TOSHIBA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891


==================== Memory info =========================== 

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 66%
Total physical RAM: 5081.23 MB
Available physical RAM: 1705.62 MB
Total Virtual: 10201.23 MB
Available Virtual: 6174.98 MB

==================== Drives ================================

Drive c: (TI10700500A) (Fixed) (Total:688.14 GB) (Free:639.55 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================