Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by Rick (27-11-2016 17:33:59)
Running from C:\Users\Rick\Downloads
Windows 8.1 (Update) (X64) (2014-01-13 04:26:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3431173695-69639140-411144729-500 - Administrator - Disabled)
Guest (S-1-5-21-3431173695-69639140-411144729-501 - Limited - Enabled) => C:\Users\Guest
Rick (S-1-5-21-3431173695-69639140-411144729-1002 - Administrator - Enabled) => C:\Users\Rick
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AccelerateTab (HKLM-x32\...\AccelerateTab_is1) (Version: 2.6 - AccelerateTab)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adult Emoticons and Avatars (HKLM-x32\...\Adult Emoticons and Avatars) (Version: - Sherv.NET)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
AMD Catalyst Install Manager (HKLM\...\{19CB64EB-ACFE-681D-B571-A8A3398F1943}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Gateway Incorporated)
Gateway Power Management (HKLM\...\{E438A632-CADC-49E4-9492-C9F50F9AE37F}) (Version: 7.01.3001 - Gateway Incorporated)
Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Gateway Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Gateway Incorporated)
IObit Apps Toolbar v9.1 (HKLM-x32\...\{BAADB485-50A5-4E37-AE32-04F35DCEC14B}) (Version: 9.1 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Gateway Incorporated)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Norton Security (HKLM-x32\...\NSBU) (Version: 22.8.0.50 - Symantec Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 3.1.0.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02FEF945-7458-4F7A-8E08-3412A2818F3A} - System32\Tasks\Uninstaller_SkipUac_Rick => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {045FA648-CAC6-4B8B-9F7C-8A69BB6B29E8} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation)
Task: {04CB1795-04AD-46BA-A86B-8D0D96BCA903} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {0FA782CD-4A18-49D5-A0BA-4F66E518C2BA} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1C4757F5-CC5C-4D04-A584-ADEE7401AAC9} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation)
Task: {30A684AF-3445-4816-9CD6-EAC2D9ABC406} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {38320A16-69CF-4FB4-8132-212CC2BC19D4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\WINDOWS\system32\GWX\GWXConfigManager.exe
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {48CF1E55-8C35-4806-8361-69AF4B249DF9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26] (Adobe Systems Incorporated)
Task: {4B0224BB-A1FD-417B-B68D-9DD36B3A3C55} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {4B305338-B260-4DC3-8386-3B20A442F2E9} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2012-08-24] ()
Task: {4C8EA03D-ADF3-4D8D-99F1-3EF5E1823347} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-02] (IObit)
Task: {52F1803B-E997-47F1-9809-556C6F895176} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-03-20] ()
Task: {5F3932DA-63A4-4957-A8D6-8C52E3818DD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {74D4216A-2AF4-4993-955A-8FC7DF47528D} - System32\Tasks\ASC9_SkipUac_Rick => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-07-28] (IObit)
Task: {9E2CBA8F-D033-4C49-990D-603B947AA023} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-09-23] (Symantec Corporation)
Task: {9EE109CB-DE88-4556-B754-318F6444D61B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\WINDOWS\system32\GWX\GWXUXWorker.exe
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {C273A462-4CFB-4AA0-8467-47FE55DF4155} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-12-13] (Acer Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D814DFA0-0D39-4717-8588-C75BB62A16B1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\WINDOWS\system32\GWX\GWXUXWorker.exe
Task: {DB8B83BA-107E-46E0-A6A5-25E516880E85} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {E516DB0D-4C41-4AD7-9803-F6A00A573726} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\WSCStub.exe [2016-09-23] (Symantec Corporation)
Task: {E77C213F-FF82-47FA-812F-3B8CFFF4F3E4} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)
Task: {F33561DD-4E6F-43F4-9980-2508F40D6328} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {F5E57724-7FF5-4110-8300-2587F13DF56F} - System32\Tasks\Driver Booster SkipUAC (Rick) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-28] (IObit)
Task: {FF2B9F35-C569-4BF0-8431-350AEAEC9650} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-07-28] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Rick.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Rick.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Rick\Favorites\Gateway\Gateway.lnk -> hxxp://www.gateway.com/
==================== Loaded Modules (Whitelisted) ==============
2016-10-24 23:07 - 2016-10-20 03:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-24 23:07 - 2016-10-20 03:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-11-08 15:14 - 2016-11-08 15:14 - 31067840 _____ () C:\Users\Rick\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3431173695-69639140-411144729-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Rick\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\10924721_846524365397807_6267246092458262385_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\StartupApproved\Run: => "Advanced SystemCare 8"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{88DC0B4A-8DAA-4E99-873E-86CC8CAEB68A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{74B44DF6-AA11-411A-BB22-2916A49541CE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{20C6A0BE-B768-43E3-9CE3-34667EC258A3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9366FACF-BB72-4C31-99BA-7C5A1FBD72A9}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5B498646-29BA-4BAC-8561-4693EB1F74FB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BFE7A909-9F92-4024-BBB1-6E580E58B6F7}] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{CFA4E105-EA7C-467A-8B4C-C585732AC972}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C05799A-6948-43D4-BDA6-E5177D828E6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF64259A-7933-4C09-B486-40DF487ACFE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4DF57E0-AD3D-41C1-B760-2426DF39A632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F8683892-3081-473C-8AF6-7763F65993E6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56A5F014-4744-43D8-973C-4F861743EF9C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{F2337D0C-518A-4B93-A9B2-7DFE0A791775}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{5BEC645E-8DB1-4295-9396-7DA7CFAC5514}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BC9935E8-AC1A-4BF4-8DBD-539F79B3B6E3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{6E224C9C-B355-43C4-984B-3DAEDD2214F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{91660A02-7643-4BF4-8AA2-D94B9255ECFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-11-2016 04:44:32 Scheduled Checkpoint
20-11-2016 12:12:28 Scheduled Checkpoint
27-11-2016 14:47:12 Restore Operation
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2016 05:01:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\IU5Setup.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\PatchSetup_A9.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\Dashlane_Launcher.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:00:00 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (1304) SRUJet: Database recovery/restore failed with unexpected error -539.
Error: (11/27/2016 04:00:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1420) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0046A.log.
Error: (11/27/2016 02:45:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:45:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:45:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:35:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (11/27/2016 05:20:31 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 05:02:42 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Home\Rick SID (S-1-5-21-3431173695-69639140-411144729-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.BingWeather_3.0.4.344_x64__8wekyb3d8bbwe SID (S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 05:02:15 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 04:50:46 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 04:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SMService service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Security with Backup service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LiveUpdate service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
CodeIntegrity:
===================================
Date: 2016-11-27 17:32:28.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 17:32:22.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 17:32:12.758
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:43.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:38.623
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:34.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:29.685
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:25.294
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:20.919
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:16.529
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 60%
Total physical RAM: 3800.02 MB
Available physical RAM: 1502.84 MB
Total Virtual: 4568.02 MB
Available Virtual: 1225.48 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:439.61 GB) (Free:387.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2AD815CD)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Rick (27-11-2016 17:33:59)
Running from C:\Users\Rick\Downloads
Windows 8.1 (Update) (X64) (2014-01-13 04:26:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3431173695-69639140-411144729-500 - Administrator - Disabled)
Guest (S-1-5-21-3431173695-69639140-411144729-501 - Limited - Enabled) => C:\Users\Guest
Rick (S-1-5-21-3431173695-69639140-411144729-1002 - Administrator - Enabled) => C:\Users\Rick
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Norton Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AccelerateTab (HKLM-x32\...\AccelerateTab_is1) (Version: 2.6 - AccelerateTab)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adult Emoticons and Avatars (HKLM-x32\...\Adult Emoticons and Avatars) (Version: - Sherv.NET)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
AMD Catalyst Install Manager (HKLM\...\{19CB64EB-ACFE-681D-B571-A8A3398F1943}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Gateway Incorporated)
Gateway Power Management (HKLM\...\{E438A632-CADC-49E4-9492-C9F50F9AE37F}) (Version: 7.01.3001 - Gateway Incorporated)
Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3001 - Gateway Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Gateway Incorporated)
IObit Apps Toolbar v9.1 (HKLM-x32\...\{BAADB485-50A5-4E37-AE32-04F35DCEC14B}) (Version: 9.1 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Gateway Incorporated)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Norton Security (HKLM-x32\...\NSBU) (Version: 22.8.0.50 - Symantec Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 3.1.0.2 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02FEF945-7458-4F7A-8E08-3412A2818F3A} - System32\Tasks\Uninstaller_SkipUac_Rick => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {045FA648-CAC6-4B8B-9F7C-8A69BB6B29E8} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation)
Task: {04CB1795-04AD-46BA-A86B-8D0D96BCA903} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {0FA782CD-4A18-49D5-A0BA-4F66E518C2BA} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1C4757F5-CC5C-4D04-A584-ADEE7401AAC9} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation)
Task: {30A684AF-3445-4816-9CD6-EAC2D9ABC406} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {38320A16-69CF-4FB4-8132-212CC2BC19D4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\WINDOWS\system32\GWX\GWXConfigManager.exe
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {48CF1E55-8C35-4806-8361-69AF4B249DF9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26] (Adobe Systems Incorporated)
Task: {4B0224BB-A1FD-417B-B68D-9DD36B3A3C55} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {4B305338-B260-4DC3-8386-3B20A442F2E9} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2012-08-24] ()
Task: {4C8EA03D-ADF3-4D8D-99F1-3EF5E1823347} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-07-02] (IObit)
Task: {52F1803B-E997-47F1-9809-556C6F895176} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-03-20] ()
Task: {5F3932DA-63A4-4957-A8D6-8C52E3818DD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {74D4216A-2AF4-4993-955A-8FC7DF47528D} - System32\Tasks\ASC9_SkipUac_Rick => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-07-28] (IObit)
Task: {9E2CBA8F-D033-4C49-990D-603B947AA023} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-09-23] (Symantec Corporation)
Task: {9EE109CB-DE88-4556-B754-318F6444D61B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\WINDOWS\system32\GWX\GWXUXWorker.exe
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {C273A462-4CFB-4AA0-8467-47FE55DF4155} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-12-13] (Acer Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {D814DFA0-0D39-4717-8588-C75BB62A16B1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\WINDOWS\system32\GWX\GWXUXWorker.exe
Task: {DB8B83BA-107E-46E0-A6A5-25E516880E85} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {E516DB0D-4C41-4AD7-9803-F6A00A573726} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\WSCStub.exe [2016-09-23] (Symantec Corporation)
Task: {E77C213F-FF82-47FA-812F-3B8CFFF4F3E4} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-07-05] (Acer Incorporated)
Task: {F33561DD-4E6F-43F4-9980-2508F40D6328} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {F5E57724-7FF5-4110-8300-2587F13DF56F} - System32\Tasks\Driver Booster SkipUAC (Rick) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-28] (IObit)
Task: {FF2B9F35-C569-4BF0-8431-350AEAEC9650} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-07-28] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Rick.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Rick.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Rick\Favorites\Gateway\Gateway.lnk -> hxxp://www.gateway.com/
==================== Loaded Modules (Whitelisted) ==============
2016-10-24 23:07 - 2016-10-20 03:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-24 23:07 - 2016-10-20 03:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-11-08 15:14 - 2016-11-08 15:14 - 31067840 _____ () C:\Users\Rick\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3431173695-69639140-411144729-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Rick\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\10924721_846524365397807_6267246092458262385_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKU\S-1-5-21-3431173695-69639140-411144729-1002\...\StartupApproved\Run: => "Advanced SystemCare 8"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{88DC0B4A-8DAA-4E99-873E-86CC8CAEB68A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{74B44DF6-AA11-411A-BB22-2916A49541CE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{20C6A0BE-B768-43E3-9CE3-34667EC258A3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9366FACF-BB72-4C31-99BA-7C5A1FBD72A9}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5B498646-29BA-4BAC-8561-4693EB1F74FB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BFE7A909-9F92-4024-BBB1-6E580E58B6F7}] => (Allow) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{CFA4E105-EA7C-467A-8B4C-C585732AC972}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C05799A-6948-43D4-BDA6-E5177D828E6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF64259A-7933-4C09-B486-40DF487ACFE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4DF57E0-AD3D-41C1-B760-2426DF39A632}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F8683892-3081-473C-8AF6-7763F65993E6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56A5F014-4744-43D8-973C-4F861743EF9C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{F2337D0C-518A-4B93-A9B2-7DFE0A791775}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{5BEC645E-8DB1-4295-9396-7DA7CFAC5514}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BC9935E8-AC1A-4BF4-8DBD-539F79B3B6E3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{6E224C9C-B355-43C4-984B-3DAEDD2214F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{91660A02-7643-4BF4-8AA2-D94B9255ECFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-11-2016 04:44:32 Scheduled Checkpoint
20-11-2016 12:12:28 Scheduled Checkpoint
27-11-2016 14:47:12 Restore Operation
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2016 05:01:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\IU5Setup.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\PatchSetup_A9.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:01:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\IObit\Advanced SystemCare\Dashlane_Launcher.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 05:00:00 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (1304) SRUJet: Database recovery/restore failed with unexpected error -539.
Error: (11/27/2016 04:00:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1420) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0046A.log.
Error: (11/27/2016 02:45:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:45:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:45:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2016 02:35:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Norton Security with Backup\Engine64\22.8.0.50\uistub.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (11/27/2016 05:20:31 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 05:02:42 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Home\Rick SID (S-1-5-21-3431173695-69639140-411144729-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.BingWeather_3.0.4.344_x64__8wekyb3d8bbwe SID (S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330). This security permission can be modified using the Component Services administrative tool.
Error: (11/27/2016 05:02:15 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 04:50:46 PM) (Source: DCOM) (EventID: 10000) (User: HOME)
Description: Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error:
"14001"
Happened while starting this command:
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (11/27/2016 04:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SMService service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Security with Backup service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Error: (11/27/2016 04:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LiveUpdate service failed to start due to the following error:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
CodeIntegrity:
===================================
Date: 2016-11-27 17:32:28.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 17:32:22.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 17:32:12.758
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:43.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:38.623
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:34.076
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:29.685
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:25.294
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:20.919
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-11-27 16:02:16.529
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 60%
Total physical RAM: 3800.02 MB
Available physical RAM: 1502.84 MB
Total Virtual: 4568.02 MB
Available Virtual: 1225.48 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:439.61 GB) (Free:387.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2AD815CD)
Partition: GPT.
==================== End of Addition.txt ============================