Hi! My computer runs slow, google chrome would not pull up and I could not get on the internet until I did a system restore. I also need a suggestion for a free virus and malware protection.
Thank you so much!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by NTRG (administrator) on NTRG6 on 15-06-2015 16:10:31
Running from C:\Users\NTRG\Downloads
Loaded Profiles: NTRG (Available Profiles: NTRG)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(BeamYourScreen GmbH) C:\Users\NTRG\AppData\Roaming\Mikogo\Mikogo-Service.exe
(BeamYourScreen GmbH) C:\Users\NTRG\AppData\Roaming\Mikogo\Mikogo-Screen-Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-05-06] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\...\Run: [Mikogo] => C:\Users\NTRG\AppData\Roaming\Mikogo\Mikogo-host.exe [6666568 2014-12-12] (BeamYourScreen GmbH)
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\...\Run: [GoogleChromeAutoLaunch_9B45D87857908B98034224636F1C8C8A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-05] (Google Inc.)
Startup: C:\Users\NTRG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-03-06]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com/
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT13/1
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\NTRG\AppData\Roaming\Mozilla\Firefox\Profiles\nms6699s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
FF Plugin HKU\S-1-5-21-7598377-2462159904-1464518194-1002: @citrixonline.com/appdetectorplugin -> C:\Users\NTRG\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-06-03] (Citrix Online)
FF Plugin HKU\S-1-5-21-7598377-2462159904-1464518194-1002: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2015-01-27] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-7598377-2462159904-1464518194-1002: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2015-01-27] (TD Ameritrade)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2015-06-11]
Chrome:
=======
CHR Profile: C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-07]
CHR Extension: (YouTube) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-07]
CHR Extension: (Google Search) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-07]
CHR Extension: (Pin It Button) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (Gmail) - C:\Users\NTRG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-07]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Mikogo-Service; C:\Users\NTRG\AppData\Roaming\Mikogo\Mikogo-Service.exe [944480 2014-12-12] (BeamYourScreen GmbH)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3860480 2013-08-23] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20150602.001\BHDrvx64.sys [1640152 2015-05-21] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
S3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20150610.003\IDSvia64.sys [684248 2015-05-28] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150610.066\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20150610.066\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-17] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 16:10 - 2015-06-15 16:11 - 00018648 _____ C:\Users\NTRG\Downloads\FRST.txt
2015-06-15 16:08 - 2015-06-15 16:08 - 00001134 _____ C:\Users\NTRG\Desktop\FRST64 - Shortcut.lnk
2015-06-15 16:01 - 2015-06-15 16:10 - 00000000 ____D C:\FRST
2015-06-15 16:00 - 2015-06-15 16:00 - 02109952 _____ (Farbar) C:\Users\NTRG\Downloads\FRST64.exe
2015-06-12 16:08 - 2015-06-12 16:08 - 00042755 _____ C:\Users\NTRG\Downloads\DMH-DD-abuse and neglect.html
2015-06-11 09:09 - 2015-06-15 15:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-06-09 16:49 - 2015-04-08 17:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-09 16:49 - 2015-04-08 17:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-09 16:49 - 2015-03-01 20:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-09 16:49 - 2015-03-01 20:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-09 16:48 - 2015-05-25 08:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-09 16:48 - 2015-05-25 08:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-09 16:48 - 2015-04-16 01:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-09 16:48 - 2015-04-13 17:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-09 16:48 - 2015-04-13 17:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-09 16:48 - 2015-04-09 19:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 16:48 - 2015-04-09 19:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-09 16:48 - 2015-04-01 17:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-09 16:48 - 2015-04-01 17:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-09 16:48 - 2015-03-31 23:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 16:48 - 2015-03-31 23:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-09 16:48 - 2015-03-31 23:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-09 16:48 - 2015-03-31 23:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-09 16:48 - 2015-03-31 22:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-09 16:48 - 2015-03-31 22:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-09 16:48 - 2015-03-31 22:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 16:48 - 2015-03-31 21:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-09 16:48 - 2015-03-31 21:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-09 16:48 - 2015-03-31 21:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-09 16:48 - 2015-03-31 21:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 16:48 - 2015-03-31 21:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-09 16:48 - 2015-03-31 21:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-09 16:48 - 2015-03-19 22:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-09 16:48 - 2015-03-19 22:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-09 16:48 - 2015-03-19 21:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-09 16:48 - 2015-03-19 21:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-09 16:01 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-09 16:01 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-09 16:01 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-09 16:01 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-09 16:01 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-09 16:01 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-09 16:01 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-09 16:01 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-09 16:01 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-09 16:01 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-09 16:01 - 2015-05-22 21:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-09 16:01 - 2015-05-22 21:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-09 16:01 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-09 16:01 - 2015-05-22 21:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-09 16:01 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-09 16:01 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-09 16:01 - 2015-05-22 21:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-09 16:01 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-09 16:01 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-09 16:01 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-09 16:01 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-09 16:01 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-09 16:01 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-09 16:01 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-09 16:01 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-09 16:01 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-09 16:01 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 16:01 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-09 16:01 - 2015-05-22 13:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-09 16:01 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-09 16:01 - 2015-05-22 13:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-09 16:01 - 2015-05-22 13:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-09 16:01 - 2015-05-22 13:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 16:01 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-09 16:01 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-09 16:01 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-09 16:01 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-09 16:01 - 2015-05-22 12:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-09 16:01 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-09 16:01 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 16:01 - 2015-04-24 21:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-09 16:01 - 2015-04-24 21:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 16:00 - 2015-05-21 11:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-07 19:51 - 2015-05-22 08:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-07 19:51 - 2015-05-21 08:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-07 19:51 - 2015-04-16 17:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-03 21:40 - 2015-06-03 21:40 - 00000000 ____D C:\Users\NTRG\AppData\Local\GWX
2015-06-01 13:03 - 2015-06-01 13:03 - 00000000 _____ C:\Users\NTRG\Downloads\f.txt
2015-05-30 14:37 - 2015-06-11 08:34 - 00000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-7598377-2462159904-1464518194-1002.job
2015-05-30 14:37 - 2015-05-30 14:37 - 00003656 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-7598377-2462159904-1464518194-1002
2015-05-18 18:59 - 2015-05-18 18:59 - 00123904 _____ C:\Users\NTRG\Downloads\EssentialOilComparison (1).xls
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 16:03 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-15 15:56 - 2013-01-07 11:14 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-7598377-2462159904-1464518194-1002
2015-06-15 15:51 - 2013-01-07 12:03 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 15:50 - 2014-10-23 23:16 - 00000000 ____D C:\Users\NTRG
2015-06-15 15:49 - 2013-08-22 09:46 - 00304213 _____ C:\WINDOWS\setupact.log
2015-06-15 15:49 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-15 15:46 - 2015-04-07 21:18 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-15 15:46 - 2015-01-27 09:29 - 00000000 ____D C:\Users\NTRG\AppData\Roaming\Mikogo
2015-06-15 15:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-15 15:46 - 2012-11-12 10:27 - 00000000 ____D C:\ProgramData\Norton
2015-06-15 15:28 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\registration
2015-06-15 15:24 - 2014-10-23 23:00 - 01988399 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-15 15:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-15 15:20 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-15 12:14 - 2013-03-06 18:39 - 04752896 ___SH C:\Users\NTRG\Downloads\Thumbs.db
2015-06-15 11:35 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-06-15 11:22 - 2014-10-27 23:19 - 00000000 __SHD C:\Users\NTRG\AppData\Local\EmieSiteList
2015-06-11 08:46 - 2013-01-07 12:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 08:36 - 2014-06-03 20:04 - 00000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-7598377-2462159904-1464518194-1002.job
2015-06-11 08:34 - 2013-01-21 00:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-11 08:19 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-10 16:41 - 2014-02-22 10:07 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-06-10 13:28 - 2014-05-15 13:43 - 00003152 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNTRG
2015-06-10 13:28 - 2014-05-15 13:43 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNTRG.job
2015-06-10 12:25 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-10 12:22 - 2013-08-22 09:44 - 00419192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 12:20 - 2014-09-24 02:03 - 00041636 _____ C:\WINDOWS\PFRO.log
2015-06-10 00:04 - 2014-12-12 00:12 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 00:04 - 2014-09-24 04:50 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 00:04 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 00:03 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-09 23:18 - 2014-10-23 23:48 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{049D013E-B3DF-4914-B8B0-F71525AEB313}
2015-06-09 22:33 - 2013-01-07 11:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-09 22:33 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-09 22:29 - 2013-08-27 13:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-09 22:20 - 2013-01-11 10:30 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 16:34 - 2013-01-21 00:46 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-09 15:46 - 2014-04-22 13:48 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-06-03 11:18 - 2015-03-11 19:30 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 11:18 - 2015-03-11 19:30 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-30 14:37 - 2014-06-03 20:04 - 00003560 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-7598377-2462159904-1464518194-1002
2015-05-28 15:43 - 2015-04-07 21:18 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
Some files in TEMP:
====================
C:\Users\NTRG\AppData\Local\Temp\Extract.exe
C:\Users\NTRG\AppData\Local\Temp\i4jdel0.exe
C:\Users\NTRG\AppData\Local\Temp\SP58496.exe
C:\Users\NTRG\AppData\Local\Temp\SP63733.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-15 12:44
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by NTRG at 2015-06-15 16:11:45
Running from C:\Users\NTRG\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-7598377-2462159904-1464518194-500 - Administrator - Disabled)
Guest (S-1-5-21-7598377-2462159904-1464518194-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-7598377-2462159904-1464518194-1004 - Limited - Enabled)
NTRG (S-1-5-21-7598377-2462159904-1464518194-1002 - Administrator - Enabled) => C:\Users\NTRG
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-7598377-2462159904-1464518194-1002\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mikogo (HKU\S-1-5-21-7598377-2462159904-1464518194-1002\...\Mikogo) (Version: 5.1.0 - BeamYourScreen GmbH)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-7598377-2462159904-1464518194-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\NTRG\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
==================== Restore Points =========================
26-05-2015 10:16:54 Scheduled Checkpoint
07-06-2015 19:54:25 Windows Update
11-06-2015 09:16:21 Windows Update
15-06-2015 15:22:26 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {019832F7-04DA-419F-87CF-24B87D550EB4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {0B358DA7-B073-4431-81F8-E84341AC5694} - System32\Tasks\HPCeeScheduleForNTRG => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {108B9222-0FDF-4AFA-A457-90C459522269} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {189F8756-A41A-42A8-B5CB-39EE3AF6437D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {18F2D2B7-40A6-4F57-99FE-20ED30C3A4EC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {21E95D3E-22DB-439B-8067-5EED924EE448} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {484797E5-4983-428C-8CC0-3640BFF99A21} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {488E3A6E-BA94-4417-A26F-188AE44D611C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {4F765341-4DE4-4FC3-9E3A-4ADEBE56EB5B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {51C40A61-363E-43DB-8744-1C9BA07DCAD7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5DA3DB7B-1C41-4C4E-96BF-B24BBFA0F094} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {6083C890-CA94-4367-9D17-337ACCB4E6AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {6118B4E9-E598-4F02-980A-D86A907A834E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: {776527FF-EE0E-4218-A214-ECB24F8B1B2C} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
Task: {78751CFB-3984-46B7-BC4C-55DF1FB00F0A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-22] (Synaptics Incorporated)
Task: {867EEDD7-C03D-4F57-81F7-B54897DE071E} - System32\Tasks\G2MUploadTask-S-1-5-21-7598377-2462159904-1464518194-1002 => C:\Users\NTRG\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe [2015-05-30] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {908A9EEA-6A95-45C0-9805-EA91967A9442} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AEF7FC32-36B4-4B9C-AFA5-BFA1A76EFCB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B1BEDB8C-1306-428A-A13E-C9D8819C33A1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {BE0DCC6B-8BD4-4E02-BC86-CF2297100CAA} - System32\Tasks\G2MUpdateTask-S-1-5-21-7598377-2462159904-1464518194-1002 => C:\Users\NTRG\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-05-30] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {C497EC67-7058-4825-9123-1E8851D53285} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-09] (Microsoft Corporation)
Task: {C7A697E5-904B-4EDD-925D-C88CFD6C700E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {CBC7373E-F312-4983-AA34-3D95C9884B86} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {D6D958F9-DEB4-4945-91E2-43EACDA58F09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-7598377-2462159904-1464518194-1002.job => C:\Users\NTRG\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-7598377-2462159904-1464518194-1002.job => C:\Users\NTRG\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNTRG.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2013-12-20 08:54 - 2012-09-29 14:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-12-20 08:55 - 2012-09-29 14:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2013-12-20 08:54 - 2012-09-29 14:26 - 03120128 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2013-12-20 08:54 - 2012-09-29 14:53 - 01038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-06 13:44 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-06-09 15:48 - 2015-06-05 13:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 15:48 - 2015-06-05 13:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\NTRG\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-7598377-2462159904-1464518194-1002\...\StartupApproved\Run: => "Mikogo"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FD712954-FE10-424C-93CD-9B879A373476}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8BD62A30-04A1-4679-AE0E-E3297B854351}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/15/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1404) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU00B79.log.
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60391
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60391
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45735
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45735
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15547
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15547
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (06/15/2015 03:49:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31
Error: (06/15/2015 03:49:25 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (06/15/2015 03:24:10 PM) (Source: DCOM) (EventID: 10010) (User: NTRG6)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (06/15/2015 03:17:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
Error: (06/15/2015 03:17:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WlanSvc service.
Error: (06/15/2015 11:25:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
%%31
Error: (06/15/2015 11:25:41 AM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (06/15/2015 11:25:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:07:07 PM on 6/14/2015 was unexpected.
Error: (06/15/2015 11:22:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Error: (06/15/2015 11:22:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Microsoft Office:
=========================
Error: (06/15/2015 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1404SRUJet: C:\WINDOWS\system32\SRU\SRU00B79.log-1811 (0xfffff8ed)
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60391
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60391
Error: (06/15/2015 03:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45735
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45735
Error: (06/15/2015 03:17:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15547
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15547
Error: (06/15/2015 03:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2014-05-06 13:55:13.447
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-06 13:49:41.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-06 12:57:42.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-03 22:29:39.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-03 22:11:35.862
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-02 22:55:46.627
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-02 22:54:36.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-02 22:39:01.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-02 22:38:53.411
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-05-02 22:28:53.404
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A8-4500M APU with Radeon HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 3554.26 MB
Available physical RAM: 2221.47 MB
Total Pagefile: 4194.26 MB
Available Pagefile: 2577.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:569.66 GB) (Free:517.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.31 GB) (Free:3.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1EFAD293)
Partition: GPT Partition Type.
==================== End of log ============================