Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-09-2015 Ran by michelle cooley (2015-09-05 11:51:27) Running from C:\Users\michelle cooley\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1344420199-33566695-4287825354-500 - Administrator - Disabled) Guest (S-1-5-21-1344420199-33566695-4287825354-501 - Limited - Disabled) michelle cooley (S-1-5-21-1344420199-33566695-4287825354-1002 - Administrator - Enabled) => C:\Users\michelle cooley ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden AMD Catalyst Install Manager (HKLM\...\{05D12146-31FA-CB4C-C780-8E450FCC5F2E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bootstrapper (x32 Version: 1.2.2.0 - Minitab, Inc.) Hidden Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.9) (Version: 5.0.0.9 - Coupons.com Incorporated) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-1344420199-33566695-4287825354-1002\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard) HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IHA_MessageCenter (HKLM-x32\...\{270235CC-405E-4F9E-B8CF-A937CA0DA4A0}) (Version: 2.0.64 - Verizon) Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1344420199-33566695-4287825354-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Minitab 17 (HKLM-x32\...\Minitab17) (Version: 17.2.1 - Minitab, Inc.) Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.2.0.0 - Minitab, Inc.) Minitab17 (x32 Version: 17.2.1.0 - Minitab Inc) Hidden Minitab17 (x32 Version: 17.2.1.0 - Minitab, Inc.) Hidden Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.) Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.) Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.) SoftwareManager (x32 Version: 1.2.0.0 - Minitab, Inc.) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Unity Web Player (HKU\S-1-5-21-1344420199-33566695-4287825354-1002\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.67.0 - Verizon) VzDownloadManager (HKU\S-1-5-21-1344420199-33566695-4287825354-1002\...\VzDownloadManager) (Version: 2.0.0.24 - Verizon) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1344420199-33566695-4287825354-1002_Classes\CLSID\{2D349E57-23E4-4A67-9624-F1DC6B65AABF}\InprocServer32 -> C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\ieapfltr.dll ( froosMtiinrooCtopcar) <==== ATTENTION CustomCLSID: HKU\S-1-5-21-1344420199-33566695-4287825354-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\michelle cooley\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1344420199-33566695-4287825354-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\michelle cooley\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1344420199-33566695-4287825354-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\michelle cooley\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1344420199-33566695-4287825354-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\michelle cooley\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= Could not list restore points Check "winmgmt" service or repair WMI. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C092315-E856-4ACE-A771-36F157EF3E2E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1344420199-33566695-4287825354-1002UA => C:\Users\michelle cooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-01] (Facebook Inc.) Task: {11267CE6-43CC-4C95-A9BC-7886082AA80F} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {159CE19C-FB74-4862-B8B1-D539F44DB37C} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2015-02-25] (Minitab) Task: {1B42397A-4857-41FE-BCB4-C0FA15BD3919} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {23EA8827-5A7F-4CA8-A6BA-BF1E6D7A260E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN14Q11057 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {2D14AB08-AD9D-4ADD-84A3-908C3BBB16C3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1344420199-33566695-4287825354-1002Core => C:\Users\michelle cooley\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-01] (Facebook Inc.) Task: {2F947AA4-0AE2-4659-BF28-C62E77986261} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {393C5EB1-FC83-4D44-92CC-A2E330E021DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {3ABE54BA-D67B-4B25-98AD-565BF0755CC7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for COOLEYMOM-PC-michelle cooley cooleymom-pc => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {46E789CA-6F10-4707-ACE9-CEF95AF78726} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {5072C08F-13DB-409A-A6DA-655EF6F16D38} - System32\Tasks\{992AAAB8-FFAD-4952-ABD6-D9EA6E64E890} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\Setup\Setup.exe" -c /p SoftwareManager /x Task: {65D2040D-754B-447E-8D93-A30DEA2F386D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation) Task: {740C3804-E2EF-424E-8CBD-4A569C546935} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.) Task: {84D154DB-0967-423D-9562-DA5CECC4C162} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-18] (Google Inc.) Task: {8FFA8E31-757B-4713-BDBB-EA7577D2D030} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation) Task: {A9E2CB50-529E-4CE1-BA43-FDB33E6C3596} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.) Task: {AB6380D5-8300-414D-B078-C643335027C7} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated) Task: {AE55A6CE-0A1F-4FC4-9EB2-A1104324E8CF} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2015-07-27] (Symantec Corporation) Task: {BA739D3A-C504-42D5-9FD2-489D7E4ADE25} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation) Task: {D20C9F23-535E-42DB-B966-3813BCE1EA2F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {FA1C47ED-81BF-4C1F-9A8F-97442BB2B0FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN516EX39G => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1344420199-33566695-4287825354-1002Core.job => C:\Users\michelle cooley\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1344420199-33566695-4287825354-1002UA.job => C:\Users\michelle cooley\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-08-19 16:47 - 2013-08-19 16:47 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-08-10 09:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-03-17 19:53 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-10-14 11:30 - 2013-10-14 11:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-13 16:46 - 2014-07-23 23:03 - 00866056 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll 2015-01-13 16:46 - 2014-04-17 02:35 - 01323992 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll 2015-01-13 16:46 - 2014-07-23 23:03 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\michelle cooley\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1344420199-33566695-4287825354-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\michelle cooley\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{A992A13F-3422-43F7-904D-ABF794EDED2D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{FE3D4655-FABC-427A-A463-A073D0636888}] => (Allow) LPort=2869 FirewallRules: [{CD02FAA6-18F0-444F-BA24-F1E627044DB8}] => (Allow) LPort=1900 FirewallRules: [{B272E049-AB0D-46D7-BD1E-0D445631900D}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{1F721E72-4B6D-4F75-9CFF-C40C946A3ABD}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{32A043B5-CD33-4798-8F62-24220613845C}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{AA4749F9-0BA0-484F-B71E-72F0B66708A8}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{F1A3CBA8-D80E-4843-84BB-95BECF2D607D}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{83ADD45D-ABC0-4EFB-A9D3-35893E0CBF97}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{9752CE11-2214-4173-9BE9-73B12A67182B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F8770CA2-BB87-4BCE-A04F-CE66486DFDE2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C422932E-6EAB-446B-8CED-183E7E5927EB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{13F9ED96-D8FB-49EF-BB9D-6693297816FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{25082DBE-8ED9-4971-9FE1-D0F48F1F854F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{580793A0-021A-46EA-9A57-AD04719573D2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{FC9C062E-7903-430B-A4A4-1B705E89A82A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{079328B4-89DE-482E-9507-28D681ABEC1A}] => (Allow) C:\Users\michelle cooley\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{7E73DC06-0488-4641-A105-E69943F6B418}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{C39685CF-DF32-43AC-BFD9-7D2F2FCB91ED}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{12C89AEC-D24A-4B91-B943-C5875CC65806}] => (Allow) C:\Users\michelle cooley\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{4E90C8C2-D8BF-4485-B7CB-F752B5C044C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{071593F6-79D1-4696-8D00-1EF0B554003E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{E69FF252-AC69-4779-9A1C-4D9C43CACC01}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{9EF97DC2-DDE8-4D3C-90E4-D12AA5917BE6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{B77BCA3C-8196-416D-A0D0-E544A7EC53D9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{94C3F7DA-68F2-4A35-9795-2FCBEA46BBDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{F56571B0-5B87-4158-9A49-21914F090F2C}] => (Allow) LPort=50000 FirewallRules: [{4F268503-5340-4413-8527-F7DDE60B2406}] => (Allow) LPort=50000 FirewallRules: [{CEDA0F4E-21F5-44E8-9E43-A1CE45A9F4D5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{E311C090-6D14-4D8D-8F22-DED1A99A446D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe FirewallRules: [{6A9BB6BB-3C8B-483B-9782-A8ECEE060398}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe FirewallRules: [{C0F64183-096E-442D-892B-B102B0E8DA41}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe FirewallRules: [{C48F02FA-1D3E-49DE-962A-D863BD79038B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe FirewallRules: [{DEAC5A30-A99B-4DD8-AD1B-F956E1E79CC3}] => (Allow) LPort=5357 FirewallRules: [{94DC4253-64F2-48E7-9B7A-E49D62ABA484}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{8BADA373-BDB0-4B87-8776-69EDCA12EEBF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{3A0AC20D-7311-4F59-B99A-C18BF4738B36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (09/05/2015 12:02:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 173c Start Time: 01d0e7ed8773c308 Termination Time: 1421 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 73f2f5f2-53e7-11e5-82a2-a02bb853ad99 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2015 11:56:36 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1970 Start Time: 01d0e7ebdab5b391 Termination Time: 5954 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: a81f31f0-53e6-11e5-82a2-a02bb853ad99 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2015 11:45:01 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1c94 Start Time: 01d0e7f10f4eb341 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 02455a74-53e5-11e5-82a2-a02bb853ad99 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 11:27:25 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1ccc Start Time: 01d0e7ec8281af6f Termination Time: 0 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: 936d87ce-53e2-11e5-82a2-a02bb853ad99 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2015 11:15:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1c34 Start Time: 01d0e7ecdb9b20b6 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: cf5efa95-53e0-11e5-82a2-a02bb853ad99 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 11:14:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1e10 Start Time: 01d0e7ecc3d4779a Termination Time: 92 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: b36bae96-53e0-11e5-82a2-a02bb853ad99 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2015 11:06:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPMSGSVC.exe, version: 1.1.4.0, time stamp: 0x53328331 Faulting module name: HPMSGSVC.exe, version: 1.1.4.0, time stamp: 0x53328331 Exception code: 0xc0000005 Fault offset: 0x00002469 Faulting process id: 0x1258 Faulting application start time: 0xHPMSGSVC.exe0 Faulting application path: HPMSGSVC.exe1 Faulting module path: HPMSGSVC.exe2 Report Id: HPMSGSVC.exe3 Faulting package full name: HPMSGSVC.exe4 Faulting package-relative application ID: HPMSGSVC.exe5 Error: (09/05/2015 09:14:56 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 479c Start Time: 01d0e7dc1348de4c Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 0c80bb2e-53d0-11e5-82a1-a02bb853ad99 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 08:44:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 5798 Start Time: 01d0e7d7e372bf4b Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: d56d541c-53cb-11e5-82a1-a02bb853ad99 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 07:44:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 20dc Start Time: 01d0e7cf804b6477 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 73c86c19-53c3-11e5-82a1-a02bb853ad99 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 System errors: ============= Error: (09/05/2015 12:18:16 PM) (Source: DCOM) (EventID: 10010) (User: COOLEYMOM-PC) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (09/05/2015 12:16:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/05/2015 12:11:35 PM) (Source: DCOM) (EventID: 10010) (User: COOLEYMOM-PC) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (09/05/2015 12:09:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/05/2015 12:08:13 PM) (Source: DCOM) (EventID: 10010) (User: COOLEYMOM-PC) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (09/05/2015 12:06:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/05/2015 12:06:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (09/05/2015 12:04:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Error: (09/05/2015 12:04:13 PM) (Source: DCOM) (EventID: 10010) (User: COOLEYMOM-PC) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (09/05/2015 12:02:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Management Instrumentation service terminated with the following error: %%126 Microsoft Office: ========================= Error: (09/05/2015 12:02:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416173c01d0e7ed8773c3081421C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE73f2f5f2-53e7-11e5-82a2-a02bb853ad99 Error: (09/05/2015 11:56:36 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.17416197001d0e7ebdab5b3915954C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEa81f31f0-53e6-11e5-82a2-a02bb853ad99 Error: (09/05/2015 11:45:01 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209111c9401d0e7f10f4eb3414294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe02455a74-53e5-11e5-82a2-a02bb853ad99microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 11:27:25 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.174161ccc01d0e7ec8281af6f0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE936d87ce-53e2-11e5-82a2-a02bb853ad99 Error: (09/05/2015 11:15:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209111c3401d0e7ecdb9b20b64294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.execf5efa95-53e0-11e5-82a2-a02bb853ad99microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 11:14:15 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: IEXPLORE.EXE11.0.9600.174161e1001d0e7ecc3d4779a92C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEb36bae96-53e0-11e5-82a2-a02bb853ad99 Error: (09/05/2015 11:06:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: HPMSGSVC.exe1.1.4.053328331HPMSGSVC.exe1.1.4.053328331c000000500002469125801d0e7eb00a0f51dC:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exea36882ee-53df-11e5-82a2-a02bb853ad99 Error: (09/05/2015 09:14:56 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911479c01d0e7dc1348de4c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe0c80bb2e-53d0-11e5-82a1-a02bb853ad99microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 08:44:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911579801d0e7d7e372bf4b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exed56d541c-53cb-11e5-82a1-a02bb853ad99microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (09/05/2015 07:44:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091120dc01d0e7cf804b64774294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe73c86c19-53c3-11e5-82a1-a02bb853ad99microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 CodeIntegrity: =================================== Date: 2015-09-05 06:35:39.169 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\ieapfltr.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics Percentage of memory in use: 75% Total physical RAM: 3270.26 MB Available physical RAM: 802.64 MB Total Virtual: 6393.65 MB Available Virtual: 1773.48 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:677.51 GB) (Free:619.72 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:20.35 GB) (Free:2.03 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 429EAAF4) Partition: GPT. ==================== End of Addition.txt ============================