Google Chrome seems to have disappeared after running terribly slow and sometimes not opening altogether. And now Explorer is running slow and oftentimes won't open. I've only had the PC for about a year. I'm not sure if anyone can help, but I've attached the logs below. And any help would be so greatly appreciated. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by Alan (administrator) on CASSELMAN (18-12-2015 14:58:04)
Running from C:\Users\Alan\Desktop
Loaded Profiles: Alan (Available Profiles: Alan)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Maxthon\bin\maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\jmesoft\Service.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\n360.exe
(Pokki) C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Pokki) C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pokki) C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013200 2015-12-10] (Valve Corporation)
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alan\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-clie (the data entry has 547 more characters).
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\RunOnce: [Application Restart #2] => C:\Users\Alan\AppData\Local\Pokki\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-clie (the data entry has 547 more characters).
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\MountPoints2: {b1ee5544-39b9-11e4-825f-c03fd57e9d21} - "D:\LaunchU3.exe" -a
AppInit_DLLs: C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll [206152 2014-08-25] (ClientConnect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll [173896 2014-08-25] (ClientConnect LTD)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2014-09-02]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2015-10-17]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D404DF7B-B4FF-441F-8D9D-E6F7362FCA00}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001 -> DefaultScope {E2155B58-9709-48CD-96C7-502E27EA7A3F} URL = hxxp://search.whiteskyservices.com/?wstoken=55C5D325-23F3-43B5-8651-6DEC1E2B9F62&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms}
SearchScopes: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001 -> {086A4A44-FF44-4451-8103-CEAB832594B6} URL = hxxp://www.bing.com/search?pc=conduit&ptag=A41171EDFAF7747F7B2F&form=CONADR&conlogo=CT3210127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001 -> {A935D83E-CFFC-11E4-827D-C03FD57E9D21} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001 -> {E2155B58-9709-48CD-96C7-502E27EA7A3F} URL = hxxp://search.whiteskyservices.com/?wstoken=55C5D325-23F3-43B5-8651-6DEC1E2B9F62&dtid=1&pid=21&src=sgsearch&v=1.14.1126.5&searchparam={SearchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-17] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.929.1\NativeBHO.dll [2015-09-29] (WhiteSky)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-08-07] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-04] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1305158405-1857925567-3099767685-1001: @nsroblox.roblox.com/launcher -> C:\Users\Alan\AppData\Local\Roblox\Versions\version-957ce0cc47814d39\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1305158405-1857925567-3099767685-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Alan\AppData\Local\Roblox\Versions\version-957ce0cc47814d39\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1305158405-1857925567-3099767685-1001: hopster.com/CouponPrinterPlugin -> C:\Users\Alan\AppData\Roaming\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll [2013-02-21] (Hopster)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-12-17]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3323027&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=6&UP=SP9937CDEA-5E5E-4DC1-A041-A511492873F0&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3323027&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=6&UP=SP9937CDEA-5E5E-4DC1-A041-A511492873F0&SSPV="
CHR Profile: C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (PriceBlink) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Google Docs Offline) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-23]
CHR Extension: (Norton Identity Safe) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (SpongeBob) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbomkndjdboeecgicmjobgeldinpngi [2015-08-25]
CHR Extension: (Gmail) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [File not signed]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-26] (Maxthon)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 0304051409696504mcinstcleanup; C:\Users\Alan\AppData\Local\Temp\030405~1.EXE -cleanup -nolog [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151207.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-17] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151217.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151217.033\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151217.033\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-20] (Realtek Semiconductor Corporation )
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S1 AntiLog32; \??\C:\windows\system32\drivers\AntiLog64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-18 14:58 - 2015-12-18 14:58 - 00026047 _____ C:\Users\Alan\Desktop\FRST.txt
2015-12-18 14:57 - 2015-12-18 14:58 - 00000000 ____D C:\FRST
2015-12-18 14:56 - 2015-12-18 14:56 - 02370048 _____ (Farbar) C:\Users\Alan\Desktop\FRST64.exe
2015-12-17 14:44 - 2015-12-17 14:44 - 00001123 _____ C:\Users\Alan\Desktop\nativelog.txt
2015-12-12 18:35 - 2015-12-12 18:35 - 00000219 _____ C:\Users\Alan\Desktop\Counter-Strike Global Offensive.url
2015-12-08 18:28 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-12-08 18:28 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-12-08 18:28 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-12-08 18:28 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-12-08 18:28 - 2015-11-09 18:41 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-12-08 18:28 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-12-08 18:28 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-12-08 18:28 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-12-08 18:28 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-12-08 18:28 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-12-08 18:28 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-12-08 18:28 - 2015-11-08 16:25 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-12-08 18:28 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-12-08 18:28 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-12-08 18:28 - 2015-11-05 03:59 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2015-12-08 18:27 - 2015-11-22 01:59 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-12-08 18:27 - 2015-11-22 01:59 - 01735000 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-12-08 18:27 - 2015-11-22 01:59 - 01659568 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-12-08 18:27 - 2015-11-22 01:59 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-12-08 18:27 - 2015-11-22 01:59 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-12-08 18:27 - 2015-11-22 01:59 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-12-08 18:27 - 2015-11-22 01:58 - 01499920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-12-08 18:27 - 2015-11-21 13:32 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-12-08 18:27 - 2015-11-21 12:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-12-08 18:27 - 2015-11-21 11:59 - 01706496 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-08 18:27 - 2015-11-21 11:49 - 01344000 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-08 18:27 - 2015-11-21 11:47 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-08 18:27 - 2015-11-21 11:40 - 00414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-08 18:27 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-12-08 18:27 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-12-08 18:27 - 2015-11-11 10:44 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-12-08 18:27 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-12-08 18:27 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-12-08 18:27 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-12-08 18:27 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-12-08 18:27 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-12-08 18:27 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-12-08 18:27 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-12-08 18:27 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-12-08 18:27 - 2015-11-09 18:36 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-12-08 18:27 - 2015-11-09 18:25 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-12-08 18:27 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-12-08 18:27 - 2015-11-08 19:41 - 01540728 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2015-12-08 18:27 - 2015-11-08 17:30 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-12-08 18:27 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-12-08 18:27 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-12-08 18:27 - 2015-11-08 16:32 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-12-08 18:27 - 2015-11-08 16:23 - 01994752 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-12-08 18:27 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-12-08 18:27 - 2015-11-08 16:16 - 00372224 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-12-08 18:27 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-12-08 18:27 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-12-08 18:27 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-12-08 18:27 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-12-08 18:27 - 2015-11-08 16:13 - 01383936 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-12-08 18:27 - 2015-11-08 16:01 - 01753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2015-12-08 18:27 - 2015-11-08 15:53 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-12-08 18:27 - 2015-11-08 15:52 - 01559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-12-08 18:27 - 2015-11-08 15:48 - 01376256 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2015-12-08 18:27 - 2015-11-08 15:42 - 01490944 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2015-12-08 18:27 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-12-08 18:27 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2015-12-08 18:27 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZST.DLL
2015-12-08 18:27 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2015-12-08 18:27 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2015-12-08 18:27 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-08 18:27 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZST.DLL
2015-12-08 18:27 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-08 18:27 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2015-12-08 18:27 - 2015-10-22 11:21 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-12-08 18:27 - 2015-10-22 11:21 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-12-08 18:27 - 2015-10-22 10:58 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2015-12-08 18:27 - 2015-10-22 10:58 - 00200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2015-12-08 18:27 - 2015-10-22 09:08 - 00513456 _____ C:\windows\SysWOW64\locale.nls
2015-12-08 18:27 - 2015-10-22 09:08 - 00513456 _____ C:\windows\system32\locale.nls
2015-12-08 18:27 - 2015-10-10 12:20 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2015-12-08 18:27 - 2015-10-03 14:41 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-12-08 18:27 - 2015-10-03 14:41 - 01124384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-12-08 18:26 - 2015-11-20 17:47 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-12-08 18:26 - 2015-11-20 13:18 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-12-08 18:26 - 2015-11-20 11:58 - 03706880 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-12-08 18:26 - 2015-11-20 11:47 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-12-08 18:26 - 2015-11-20 11:46 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-12-08 18:26 - 2015-11-20 11:44 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-12-08 18:26 - 2015-11-20 11:44 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-12-08 18:26 - 2015-11-20 11:43 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-12-08 18:26 - 2015-11-20 11:42 - 02243584 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-12-08 18:26 - 2015-11-20 11:30 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-12-08 18:26 - 2015-11-20 11:29 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-12-08 18:26 - 2015-11-20 11:28 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-12-08 18:26 - 2015-11-20 11:27 - 00726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-12-08 18:26 - 2015-10-28 10:49 - 02775552 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-12-08 18:26 - 2015-10-28 10:29 - 02462720 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-12-08 18:26 - 2015-10-11 01:34 - 00468824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2015-12-08 18:26 - 2015-10-11 01:34 - 00462168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-12-08 18:26 - 2015-10-11 01:34 - 00443224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-12-08 18:26 - 2015-10-11 01:34 - 00092504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-12-08 18:26 - 2015-10-11 01:34 - 00027992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-12-08 18:26 - 2015-10-10 13:41 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-12-08 18:26 - 2015-10-10 13:41 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-12-08 18:26 - 2015-10-08 11:11 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\PCPKsp.dll
2015-12-08 18:26 - 2015-10-08 10:50 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPKsp.dll
2015-12-08 18:26 - 2015-10-05 13:28 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\wininit.exe
2015-12-08 18:26 - 2015-10-05 13:25 - 00572928 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-12-05 18:00 - 2015-12-06 21:40 - 00121168 _____ C:\Users\Alan\Documents\Presentation1.pptx
2015-12-01 18:44 - 2015-12-01 18:44 - 00000000 ____D C:\windows\System32\Tasks\Norton 360
2015-12-01 18:38 - 2015-12-01 18:38 - 00003228 _____ C:\windows\System32\Tasks\Norton WSC Integration
2015-12-01 18:30 - 2015-12-01 18:30 - 00271589 _____ C:\Users\Alan\Documents\frozen_power_point.pptx
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\35AD.tmp
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\33D9.tmp
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\335B.tmp
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\331C.tmp
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\329E.tmp
2015-11-22 18:45 - 2015-11-22 18:45 - 00061059 _____ C:\Users\Alan\Downloads\31A3.tmp
2015-11-18 13:45 - 2015-11-18 13:45 - 00868320 _____ C:\Users\Alan\Downloads\proposal.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-18 14:57 - 2013-08-22 08:36 - 00000000 ____D C:\Windows
2015-12-18 14:52 - 2014-08-04 20:56 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 14:38 - 2013-08-22 10:36 - 00000000 ____D C:\windows\rescache
2015-12-18 14:32 - 2014-09-02 15:07 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite
2015-12-18 14:31 - 2014-08-03 18:54 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1305158405-1857925567-3099767685-1001
2015-12-18 14:26 - 2014-09-02 15:07 - 00000000 ____D C:\Users\Alan\AppData\Roaming\ID Vault
2015-12-18 14:25 - 2014-08-18 16:40 - 00000926 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 14:24 - 2014-08-03 18:56 - 00003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{DE19AB62-3E84-43C7-86C1-8A2913B34B13}
2015-12-17 21:07 - 2013-08-22 10:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-17 21:06 - 2014-08-03 19:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-17 20:58 - 2013-08-31 10:40 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-17 20:58 - 2013-08-22 08:36 - 00000000 ____D C:\windows\Inf
2015-12-17 20:56 - 2015-07-31 11:46 - 00000000 ____D C:\windows\System32\Tasks\Remediation
2015-12-17 20:56 - 2014-08-03 18:48 - 00000000 ____D C:\Users\Alan\AppData\Local\SweetLabs App Platform
2015-12-17 20:55 - 2015-04-08 16:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-17 20:54 - 2014-08-18 16:40 - 00000922 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-17 20:54 - 2014-08-03 18:51 - 00000000 ___DO C:\Users\Alan\SkyDrive
2015-12-17 20:53 - 2013-08-22 08:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-12-17 20:52 - 2013-08-22 09:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-17 20:52 - 2013-08-22 09:44 - 00502456 _____ C:\windows\system32\FNTCACHE.DAT
2015-12-17 20:51 - 2014-08-30 19:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-17 20:51 - 2014-08-30 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-17 20:50 - 2013-08-22 08:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-12-17 16:25 - 2015-05-08 16:30 - 00000000 ____D C:\Users\Alan\AppData\Roaming\.minecraft
2015-12-17 14:43 - 2015-05-08 16:27 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-12-13 15:31 - 2013-08-22 10:36 - 00000000 ____D C:\windows\system32\NDF
2015-12-12 19:17 - 2015-02-22 19:34 - 00000000 ____D C:\Users\Alan\AppData\Local\CrashDumps
2015-12-08 20:44 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-08 20:44 - 2013-08-22 10:36 - 00000000 ____D C:\windows\AppReadiness
2015-12-08 18:59 - 2014-09-14 12:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-08 18:59 - 2014-08-30 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-08 18:59 - 2013-08-22 10:20 - 00000000 ____D C:\windows\CbsTemp
2015-12-08 18:54 - 2014-08-03 19:31 - 00000000 ____D C:\windows\system32\MRT
2015-12-08 18:52 - 2014-08-04 20:56 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 18:50 - 2014-08-03 19:31 - 140158008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-12-08 18:14 - 2014-08-03 18:48 - 00000000 ____D C:\Users\Alan
2015-12-05 04:11 - 2013-08-31 11:36 - 00000000 ____D C:\windows\Panther
2015-12-04 16:20 - 2014-08-18 16:40 - 00003898 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 16:20 - 2014-08-18 16:40 - 00003662 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 16:09 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-03 18:36 - 2013-08-22 10:36 - 00000000 ___HD C:\windows\ELAMBKUP
2015-12-01 18:39 - 2014-09-02 15:08 - 00000000 ____D C:\Users\Alan\AppData\Local\ID Vault
2015-12-01 18:38 - 2015-08-16 03:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-12-01 18:38 - 2014-09-02 17:26 - 00002389 _____ C:\Users\Public\Desktop\Norton Security Suite.LNK
2015-12-01 18:38 - 2014-09-02 17:26 - 00000000 ____D C:\windows\system32\Drivers\N360x64
2015-12-01 12:19 - 2015-03-11 09:14 - 00826872 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-12-01 12:19 - 2015-03-11 09:14 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-01 00:52 - 2014-04-21 18:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-01 00:52 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-29 23:13 - 2015-11-14 20:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-20 12:37 - 2015-09-11 09:23 - 00000994 _____ C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2015-11-20 12:37 - 2015-09-11 09:23 - 00000986 _____ C:\Users\Alan\Desktop\join.me.lnk
2015-11-20 12:37 - 2015-09-11 09:23 - 00000000 ____D C:\Users\Alan\AppData\Local\join.me
2015-11-18 03:38 - 2013-08-22 10:36 - 00000000 ___RD C:\windows\ToastData
==================== Files in the root of some directories =======
2014-04-21 18:35 - 2014-04-21 18:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-26 18:20 - 2015-01-26 18:21 - 0000319 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-15 02:59
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by Alan (2015-12-18 14:58:42)
Running from C:\Users\Alan\Desktop
Windows 8.1 (X64) (2014-08-03 23:48:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1305158405-1857925567-3099767685-500 - Administrator - Disabled)
Alan (S-1-5-21-1305158405-1857925567-3099767685-1001 - Administrator - Enabled) => C:\Users\Alan
Guest (S-1-5-21-1305158405-1857925567-3099767685-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.6) (Version: 5.0.1.6 - Coupons.com Incorporated)
CouponPrinterPlugin (HKLM-x32\...\{8AC6566B-131F-4987-82DF-932CED9FCA23}) (Version: 2.0.2.0 - Hopster) <==== ATTENTION
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Fast Connect (HKLM-x32\...\ID Vault) (Version: 1.15.929.1 - White Sky)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Groupon (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Pokki_893e2a8f4b240ed6d7def79e56791067c96f41be) (Version: 1.0.2.55621 - Pokki)
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Host App Service (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\SweetLabs_AP) (Version: 0.269.7.800 - Pokki)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
join.me (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\JoinMe) (Version: 2.10.0.1636 - LogMeIn, Inc.)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.50.5 - ClientConnect LTD) <==== ATTENTION
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.16.0 - Lenovo)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.0.197 - Stoneware, Inc.)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo Web Start (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Marble Blast Gold (HKLM-x32\...\Marble Blast Gold) (Version: - )
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.2.1.1000 - Maxthon International Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
P@H-Protocol (HKLM-x32\...\{14F936AB-5D31-410E-A4E2-70AE504712F2}) (Version: 3.0.8.6 - Valassis)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7005 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
ROBLOX Player for Alan (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
ROBLOX Studio for Alan (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Spotify (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\Pokki_c84ed94178c62e6b7accc5a222a50f54957768f2) (Version: 1.1.0.48487 - Pokki)
Start Menu (HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.800 - Pokki)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1305158405-1857925567-3099767685-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Alan\AppData\Local\Roblox\Versions\version-957ce0cc47814d39\RobloxProxy64.dll (ROBLOX Corporation)
==================== Restore Points =========================
27-11-2015 06:23:04 Scheduled Checkpoint
04-12-2015 15:44:20 Scheduled Checkpoint
08-12-2015 18:46:50 Windows Update
16-12-2015 08:29:59 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {010D4E7D-A9F3-4C1E-9F9B-ED7DB36AC9F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-17] (Microsoft Corporation)
Task: {02AF8016-C938-41E8-BA86-929F08E863C5} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1305158405-1857925567-3099767685-1001 => C:\Users\Alan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-14] (Microsoft Corporation)
Task: {0BBE95E8-BF25-4E9A-97C4-9DD41FBFAA19} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {1B9AA0CE-B46F-4515-B994-F8618E6CC58A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1C6523D4-240B-49CC-86D4-A6F0FB4FD072} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-11-21] (Maxthon International ltd.)
Task: {1FCCC5E7-614B-4A69-B1DC-4D4DF8143244} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {2023826E-2058-4ABA-BAF7-0DE431001284} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-12-08] (Microsoft Corporation)
Task: {236C0C95-6668-4206-8FF9-37332E074449} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {2C9B8124-22E7-4CA7-9D55-6957C801D95F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {338A7E65-F195-4AF2-A639-686AAC180B1B} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {351876A8-982B-4EB2-9CBA-661F5A17B549} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {3BFCBC21-E7AD-4A31-9064-34801CE929A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {3D0D5E7F-9174-4FA5-BF5C-1B84EA7A2D62} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-05-06] ()
Task: {738CAE93-4A08-4DBB-B55B-4E66590FD6EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {86A53A86-A2B4-479E-8719-45CE99607E89} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-05-06] (Lenovo)
Task: {9E1B6788-2785-4649-8A33-E6368353DF7B} - System32\Tasks\SweetLabs App Platform => C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {A47E4D25-F661-4C1E-8080-D8042B3430D3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {AD68966F-294C-4EAE-A5FF-5A876DAA993E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AFC7AE72-451C-4163-8076-CF4DBF814E6E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)
Task: {B7113429-E989-4A96-AAEC-57774F2492F1} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {C96873E4-F289-4C4D-9323-D92F1011C857} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {E4088686-D5B0-4214-A18A-32D12E85BFBB} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2015-11-23] (Symantec Corporation)
Task: {F499A0C8-E6A8-456C-B835-9F8770EC2164} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-05-06] (Lenovo)
Task: {F7E82A2A-A103-43D9-9C5A-9D5EAB1C386C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.5.15\WSCStub.exe [2015-11-23] (Symantec Corporation)
Task: {FCE61AF5-E7C3-49F6-9897-C3260674B7F9} - System32\Tasks\Lenovo\Experience Improvement => C:\Users\Alan\AppData\Local\Temp\LenovoExperienceImprovement.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-21 18:36 - 2011-08-16 22:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-04-21 18:49 - 2013-05-14 13:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-27 01:51 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-21 18:36 - 2011-08-16 22:46 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2014-08-07 15:10 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-25 01:49 - 2015-10-25 01:49 - 03530752 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\0b2afd93fc0545b7b94339e8a4a7af97\Windows.UI.Xaml.ni.dll
2015-10-25 01:49 - 2015-10-25 01:49 - 00228864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2015-09-29 18:25 - 2015-09-29 18:25 - 00548152 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2014-04-21 18:36 - 2011-05-17 15:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-04 18:59 - 2009-12-04 18:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 19:04 - 2009-12-04 19:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2014-08-08 18:48 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-04-21 18:36 - 2013-12-03 00:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-28 15:15 - 2015-04-28 15:15 - 00569856 _____ () C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
2015-04-28 15:15 - 2015-04-28 15:15 - 01400846 _____ () C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2015-04-28 15:15 - 2015-04-28 15:15 - 00151054 _____ () C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2015-04-28 15:15 - 2015-04-28 15:15 - 00222734 _____ () C:\Users\Alan\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
2015-10-23 16:27 - 2015-10-23 16:27 - 21344952 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-09-30 15:47 - 2015-09-30 15:47 - 45080248 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1305158405-1857925567-3099767685-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{656DCDCC-B5F0-4C79-9E35-1A67A750185D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D52C89A4-E487-46B0-B33F-91666005BD7E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{97A4841D-9A03-49AC-9B66-942C79F98DFD}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{8BCAB4B2-A03A-4B43-B33B-D8F60F0C4914}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F0AE0F23-3DE3-4E5F-B8F1-E45271C966F2}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{034C92CB-1025-4A7A-8D4A-5E721EFC7D41}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4F42DF0E-034C-4934-9F95-E3F1DAB25C36}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{575C533A-A7DC-4DD0-BECC-AD7124350422}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A42F97A4-8C8F-4855-8D2E-78B19968D44C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{7BA8727F-3B5B-40FE-B202-AD6B46AEC04F}] => (Allow) C:\Users\Alan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2E5F8B46-924D-4544-B665-643ED9B28907}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{FEBAAC19-30A5-42DF-89BB-90A1786D2FF8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3DEAEDD7-E3A5-429B-A56D-D7FE208509FB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F92125B7-693C-475F-9A7A-074C42996083}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{377AE85C-217B-4569-A746-19E97C5284BF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CCB08CC8-7630-4F2E-8967-3733D541892B}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{B06E54F9-EF55-472F-B0C6-10FBFC498775}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{6A4E7566-6EEB-4BB1-835B-5BEC4AC09D61}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{12B71BB5-121E-490D-9A6D-F05B62D654C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CE48F51D-2C85-4659-81C3-CAFDE3AA4C34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5BD134E-A7D8-455C-8E2F-BE24AD144CA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{04BA2FC7-DE35-4F6D-8358-F000152C5C6F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{888F5271-51FB-480F-9346-155B59121AAE}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{A8538F59-63FC-42D2-ADB2-F37A7470D053}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{2EA926FC-168D-4029-9323-AEFFFD1A0DA4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{3F4B13F6-B13D-4B79-837E-DE5C964AF653}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4C2295B0-4B47-4FF5-9E26-E3E32B5F8AD1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{33914FF9-0A07-43A1-9002-FC7139198991}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{72ED7A12-ADF3-4A98-85AD-DD5EB38A1CA4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5E130B04-0A65-4052-932F-2C7E5079F836}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{246B02B6-DE75-4F1E-BCAE-6DBFAF440DF7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0FB3359F-BEEB-410B-A990-CAC023DF114F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{56B3EF96-E1E8-431F-BD84-2732D7314683}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{986CFCE0-F181-4581-A5F9-29C7533D7B49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{11E88703-3532-4209-9EA7-EC4C0C452419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E0B0ECE1-3637-40BE-A3F3-EE102ED37741}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{F20706E3-33FC-4C76-8102-9CCFE033BEE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{59A085BB-E89E-4F5A-BF4C-51897783A4D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{48257AE3-5FED-4B64-8510-399C04763CCF}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{FBDB23DE-0A5E-4BEC-960D-5664C35AEBFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D5ADF009-249A-4732-BB8A-68A50FC9F39C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BFF97AB9-1A0F-415D-B3ED-267F7FB9CD51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{665BF454-135B-414F-8AEE-BE2B96FBDA96}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{71993C03-AEB2-4372-B156-27F8633A9610}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1E850B5F-00C7-40D9-8568-D1307DCC07B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{59D09EB2-8845-4814-B0F7-268DAED120E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{450BA8A0-C303-4B9C-9810-7784F29B0357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D9868B56-D9E4-4CCE-885C-67244D0B16C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3D15FBB8-527D-43E4-9E88-948C696D2ADB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/18/2015 02:36:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1aa8
Start Time: 01d139cab6fb2284
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: aa78c02b-a5be-11e5-82b4-c03fd57e9d21
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/18/2015 02:31:31 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (12/18/2015 02:26:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a68
Start Time: 01d139c94b295b38
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Report Id: 3eb1376b-a5bd-11e5-82b4-c03fd57e9d21
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/18/2015 02:21:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60465437
Error: (12/18/2015 02:21:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60465437
Error: (12/18/2015 02:21:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2015 02:21:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60464312
Error: (12/18/2015 02:21:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60464312
Error: (12/18/2015 02:21:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/18/2015 02:21:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60463172
System errors:
=============
Error: (12/17/2015 08:47:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:47:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:47:48 PM) (Source: DCOM) (EventID: 10010) (User: CASSELMAN)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (12/17/2015 08:47:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:47:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:47:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:47:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:43:41 PM) (Source: DCOM) (EventID: 10010) (User: CASSELMAN)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (12/17/2015 08:42:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053
Error: (12/17/2015 08:42:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053
==================== Memory info ===========================
Processor: Intel® Core i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 39%
Total physical RAM: 6058.37 MB
Available physical RAM: 3648.31 MB
Total Virtual: 7658.37 MB
Available Virtual: 4708.16 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:787.18 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 249F60AE)
Partition: GPT.
==================== End of Addition.txt ============================