Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015 Ran by Ihab (2015-09-26 07:34:33) Running from C:\Users\Ihab.owner-PC\Downloads Windows 10 Home (X64) (2015-08-04 19:24:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3441355507-501977229-3566188338-500 - Administrator - Disabled) Daniel (S-1-5-21-3441355507-501977229-3566188338-1007 - Limited - Enabled) => C:\Users\Daniel DefaultAccount (S-1-5-21-3441355507-501977229-3566188338-503 - Limited - Disabled) Guest (S-1-5-21-3441355507-501977229-3566188338-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3441355507-501977229-3566188338-1002 - Limited - Enabled) Ihab (S-1-5-21-3441355507-501977229-3566188338-1006 - Administrator - Enabled) => C:\Users\Ihab.owner-PC owner (S-1-5-21-3441355507-501977229-3566188338-1000 - Limited - Enabled) => C:\Users\owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation) Boardmaker (HKLM-x32\...\Boardmaker) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BSF v6 Supplemental Installer (HKLM-x32\...\Supplemental Installer) (Version: - ) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.100.14 - Citrix Systems, Inc.) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden doPDF 6.2 printer (HKLM\...\doPDF 6 printer_is1) (Version: - Softland) Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.6 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden DVDFab Passkey 8.0.7.7 (09/10/2012) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version: - Fengtao Software Inc.) DynaVox Editing Software (HKLM-x32\...\DynaVox Systems Editing Software) (Version: 1.07.2.6523 - DynaVox Systems) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION) EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX535WD Series Printer Uninstall (HKLM\...\EPSON SX535WD Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation) iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 3.17.0 - Rakuten Kobo Inc.) MGTEK dopisp 6.1 (HKLM-x32\...\{C25D3574-3136-4B33-9D32-8F0F5E81F349}) (Version: 6.1.3574 - MGTEK) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft OneDrive for Business 2013 - en-us (HKLM\...\GrooveRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 40.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-GB)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network Guide EPSON SX535WD Series (HKLM-x32\...\EPSON SX535WD Series Netg) (Version: - ) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden Online Plug-in (x32 Version: 14.2.100.14 - Citrix Systems, Inc.) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) Self-service Plug-in (x32 Version: 4.2.100.5943 - Citrix Systems, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated) TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation) TOSHIBA ConfigFree (HKLM-x32\...\{607BE7BF-7C28-4ADB-A4A0-385962B901C3}) (Version: 8.0.28 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation) TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation) TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION) TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation) TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA) TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - ) TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - ) TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - ) TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation) User's Guide EPSON SX535WD Series (HKLM-x32\...\EPSON SX535WD Series Useg) (Version: - ) Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Watchtower Library 2014 - English (HKLM-x32\...\{DB6F2EEA-CEEA-4096-8BD7-ABF100A90820}) (Version: 16.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Watchtower Library 2014 - العربية (HKLM-x32\...\{662E130D-7A09-49CC-9EBA-2FB2C5623A86}) (Version: 16.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3441355507-501977229-3566188338-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 17-09-2015 08:22:07 Scheduled Checkpoint 21-09-2015 21:24:55 Windows Update 25-09-2015 15:54:47 Windows Backup ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0089FCA5-6887-4AE0-A06E-BE299255C7F4} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [2013-10-17] () Task: {061624F6-A96C-4A1D-BDAD-7290834016F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {0A4D29EC-B661-424A-9CE3-1D0C02084722} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {0E531911-7029-470D-B89B-E9171CEDE511} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {12C2AAB4-B6E9-4DC7-9BEE-34357F669DF5} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe Task: {1A5180A3-04F5-4851-9917-C0155360A178} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {1A84E346-4FBF-4E54-A41B-27FBC7022439} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1ACFF7B0-C3A3-4C46-A3FB-1FF6D25C3A21} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated) Task: {2B5F0E78-F66E-45D9-BDDE-88EAE060042E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {329ED25B-478D-47CA-8AB9-34D6B86291DC} - System32\Tasks\{5267E67B-5E1C-4277-9ABA-B7D87260255A} => Firefox.exe http://ui.skype.com/ui/0/7.7.0.103/en/abandoninstall?source=lightinstaller&page=tsMain Task: {36F8D6AF-19BD-4694-BBD3-7ED1F027CB34} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {38850254-4B1F-4E3D-8028-795FAA26A394} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {39460968-1294-4C23-8BA9-C32963DA046E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {3E096025-F6AF-419B-9F40-2A9105CF32C3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {3E3102D3-CA25-4EE2-865A-32EFE7778346} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {49905CA4-EDEC-4EAD-869B-F03664F56EF9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {571B5908-063D-429C-AE97-CA4B339E7F60} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.) Task: {5E02118A-B4D2-4F0F-9283-BE00A0B79766} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {62CF3482-60C7-47A5-9058-52417F038021} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation) Task: {65B8DF53-C7AF-493E-8776-59CB2FF9424E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {6918FF6F-C9FE-41D1-832F-F348F1B66976} - \ConfigFree Startup Programs -> No File <==== ATTENTION Task: {696B664D-54E6-47EC-A7FD-D330A5EB2019} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {6A273EC8-FD24-4943-AC4D-1D327D654109} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {713E6352-31CF-4159-ACC7-68BDF0B2CC14} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {7684E4B6-C806-4C80-B955-32911BAB76DD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {78418099-B2CA-4A6D-80A6-5265641E8A6E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1006UA => C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {78717EBF-9950-412C-9496-86852F3AAD38} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {79048A46-4002-446C-A846-8D89BFBAA85F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {7BAC184D-6CAA-4B38-8FAA-8845E51C1167} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1004Core => C:\Users\Ihab\AppData\Local\Google\Update\GoogleUpdate.exe Task: {837088B6-8EA1-4843-8140-49993D8EAD5A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {8487E952-83DD-4B55-AC87-67AF026F5D6A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {86F008F4-8C18-47DA-B474-8826C8C5D4C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {8BA2DB5C-3A02-4045-A2DD-210D57CBC12A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {8C8E6FD2-54DA-4517-A628-71750E71D3B0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.) Task: {9DFB6CA9-100D-4EEA-A803-7A668E5DA4C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1006Core => C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {A0D073E0-F761-478B-899B-D9B57186F45C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {A546F8CA-3E2C-4F09-A35A-08C9DD69747C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A7C79990-6ABC-4739-ABCD-4232DD56C962} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {AE1B5BCA-F53B-4B93-8A75-6B9AFDCCA666} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {AFABFCEE-0A57-4C0D-BC5D-7115BFAD5170} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {B5B2B63B-53FF-4E2B-B6D9-82BF2BC692FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {B940E784-2CDD-496B-A6CD-3C56CCF72409} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {BB533E02-BFF2-4077-AC55-5C8121C6FB0A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {BBF89FC2-8457-4E5A-948F-2E7D67A5E983} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {BC2B17DC-E01C-485A-A7BA-4FFC9002703D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1004UA => C:\Users\Ihab\AppData\Local\Google\Update\GoogleUpdate.exe Task: {BF4BC98D-726D-476C-BE7C-7F526F70BADF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation) Task: {C562AE4F-B13C-4D42-BEE0-97D0467AE7FF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {C9384580-4A24-485F-802F-EA12DE8ADFE7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {C9DEF3F5-AA17-4112-991C-75F7F0B9D6DF} - System32\Tasks\{112F1C57-56A1-4835-8EB8-8B0328D73F17} => pcalua.exe -a "C:\Users\Ihab.owner-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFYDEMO4\wlsetup-web.exe" -d C:\Users\Ihab.owner-PC\Desktop Task: {D2541B59-1109-4E98-98FD-6DF88AF37935} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {D2A17FC1-CA07-4A3D-9B21-E2AB82069A13} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D48D730A-B9C7-4E05-AB50-96C9792062B0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {D58B2FFC-1C20-4F3B-8954-A0050DBC554F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-04] (Dropbox, Inc.) Task: {DED420AE-3783-472C-BAFD-3F2F573801D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.) Task: {ED3C54AD-729F-46CA-9404-282C08226665} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {EE5BDBB8-54D8-4F1F-AEA4-5004321EDDE1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {EFC1FCBD-36DA-437A-A57D-C0B1560DE6F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation) Task: {F8024380-830C-4E87-A924-6F7D420B95A5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {FB49553D-950E-401D-8132-6E913B100678} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {FD2C2A9C-8786-4B30-8130-BC44E97D0052} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {FF4FB6F0-5811-4D08-A088-BA5F92A60930} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1004Core.job => C:\Users\Ihab\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1004UA.job => C:\Users\Ihab\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1006Core.job => C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3441355507-501977229-3566188338-1006UA.job => C:\Users\Ihab.owner-PC\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-05 02:44 - 2015-08-05 02:44 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2011-12-28 19:48 - 2009-11-04 14:18 - 00189440 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxecdrpp.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-05-24 08:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-08-20 10:51 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-09-04 17:06 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-04 17:06 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-05-24 08:20 - 2015-05-24 08:20 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-07-10 11:59 - 2015-07-10 11:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-08-12 20:54 - 2015-08-03 02:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 12:00 - 2015-07-10 14:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-20 10:51 - 2015-08-11 09:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-12 20:54 - 2015-08-03 02:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 12:00 - 2015-07-10 14:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2010-03-03 22:15 - 2010-03-03 22:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 21:26 - 2009-11-03 21:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2010-03-03 22:15 - 2010-03-03 22:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll 2010-03-03 22:15 - 2010-03-03 22:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll 2010-03-27 00:19 - 2009-06-22 23:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll 2009-03-13 03:08 - 2009-03-13 03:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-26 01:38 - 2009-07-26 01:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2010-02-06 01:44 - 2010-02-06 01:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll 2015-09-15 14:25 - 2015-09-15 14:25 - 00306960 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2015-09-15 14:25 - 2015-09-15 14:25 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-24 08:13 - 2015-05-24 08:13 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2015-05-24 08:14 - 2015-05-24 08:20 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll 2015-09-21 21:40 - 2015-09-21 21:40 - 00098816 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32api.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00110080 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\pywintypes27.dll 2015-09-21 21:40 - 2015-09-21 21:40 - 00364544 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\pythoncom27.dll 2015-09-21 21:40 - 2015-09-21 21:40 - 00045568 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_socket.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 01161216 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_ssl.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00320512 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32com.shell.shell.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00713216 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_hashlib.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 01176576 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._core_.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00806400 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._gdi_.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00816128 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._windows_.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 01067008 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._controls_.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00733184 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._misc_.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00682496 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\pysqlite2._sqlite.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00087552 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_ctypes.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00119808 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32file.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00108544 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32security.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00007168 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\hashobjs_ext.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00068096 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\usb_ext.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00167936 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32gui.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00018432 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32event.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00128512 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_elementtree.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00127488 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\pyexpat.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00013824 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\common.time34.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00036864 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_psutil_windows.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00038912 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32inet.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00011264 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32crypt.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00077312 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._html2.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00027136 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_multiprocessing.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00020480 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\_yappi.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00035840 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32process.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00686080 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\unicodedata.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00123392 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._wizard.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00024064 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32pipe.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00010240 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\select.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00025600 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32pdh.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00525640 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\windows._lib_cacheinvalidation.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00017408 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32profile.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00022528 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\win32ts.pyd 2015-09-21 21:40 - 2015-09-21 21:40 - 00078848 _____ () C:\Users\IHAB~1.OWN\AppData\Local\Temp\_MEI66082\wx._animate.pyd 2015-05-24 08:13 - 2015-05-24 08:13 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2015-05-24 08:14 - 2015-05-24 08:20 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-09-23 16:05 - 2015-09-25 21:44 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-09-25 23:56 - 2015-09-25 23:56 - 00071168 _____ () c:\users\ihab~1.own\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnp2d0p.dll 2015-09-25 23:56 - 2015-09-03 00:03 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-09-25 23:56 - 2015-09-03 00:03 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-09-25 23:56 - 2015-09-03 00:03 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-09-25 23:56 - 2015-09-03 00:03 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-09-09 16:39 - 2015-09-09 16:39 - 00022528 _____ () C:\Users\Ihab.owner-PC\AppData\Local\Packages\c27eb4ba.dropbox_xbfy0k16fey96\AC\Microsoft\CLR_v4.0_32\NativeImages\DropboxCame0fb79d1a#\a6b85c5a8e8bc581d22568f0f456d859\DropboxCameraUploadAgent.ni.dll 2015-08-16 19:23 - 2015-08-16 19:23 - 02791424 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\5ad06a6c4f46314970c17fffa77c2400\Windows.ApplicationModel.ni.dll 2015-09-11 15:00 - 2015-09-11 15:00 - 01326592 _____ () C:\Users\Ihab.owner-PC\AppData\Local\Packages\c27eb4ba.dropbox_xbfy0k16fey96\AC\Microsoft\CLR_v4.0_32\NativeImages\Dropbox.Wincfec8ddc#\37ae323237168ef1643e5b7a9398385a\Dropbox.WindowsApp.Core.ni.dll 2015-09-11 15:01 - 2015-09-11 15:01 - 00742400 _____ () C:\Users\Ihab.owner-PC\AppData\Local\Packages\c27eb4ba.dropbox_xbfy0k16fey96\AC\Microsoft\CLR_v4.0_32\NativeImages\Dropbox.Services\50952d359b16f7a830c0a5aa9bbc4e7d\Dropbox.Services.ni.dll 2015-08-16 19:24 - 2015-08-16 19:24 - 00656384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\b8da460da05d49cb1614b5d64c332bc8\Windows.Security.ni.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3441355507-501977229-3566188338-1006\...\sharepoint.com -> hxxps://happycamelservices.sharepoint.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3441355507-501977229-3566188338-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{6612F54E-BCDB-461A-9FB5-3B3B8DF8E1E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E0E5B637-8CBD-4C54-857F-0DCEBC73DB43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EDC2D9E6-BB4E-41BC-AC0B-8533E6DBC9A4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [UDP Query User{B55D2263-C732-4CBF-95DA-7964E7DBA7D8}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [TCP Query User{365BD425-FC7F-40AC-BEFF-7CBC6E129753}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{62ADF54E-79C5-474D-B6B9-525371E247F3}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [TCP Query User{015C1EF9-21A5-4134-8222-39DC37D63F6D}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [{071177A9-650C-4E0F-9CC5-A4222C826288}] => (Allow) LPort=1900 FirewallRules: [{D538BAA5-7319-43FE-966F-0E1D73562212}] => (Allow) LPort=2869 FirewallRules: [{383C04CE-321A-4E5A-9347-C05E2C859816}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8E333D29-FBF8-4D45-B85A-0810940B1F81}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\SkypeWebPlugin.exe FirewallRules: [UDP Query User{E7A9ACDE-1973-4991-99B7-E7EA19520500}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [TCP Query User{EAD75792-6CAA-4525-894C-49B331EF1C7E}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [UDP Query User{3E087FB8-5022-44A3-AAB8-D32FB7E9AD28}C:\users\ihab.owner-pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ihab.owner-pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{D903AD5A-91FD-443B-AA5A-2B643FA98141}C:\users\ihab.owner-pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ihab.owner-pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{C18B2D06-7987-47BA-8DB8-8A9C15264AA2}] => (Allow) C:\Users\Ihab.owner-PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{A2AA8ADE-40C4-4095-9887-4FBEC866680A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe FirewallRules: [{3AFB411D-D9A4-4589-989C-62455864DBDC}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe FirewallRules: [UDP Query User{D3E4363B-82C6-441D-96E5-02605869D4D9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{CEE91289-FAAD-461A-97B0-C694643D571B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [{F91BA885-813D-4285-9D90-FC4DE682D611}] => (Allow) svchost.exe FirewallRules: [{E6D6D8FD-1CF7-4CE0-8D64-4F89E32B4711}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [UDP Query User{4C41FEC5-EED3-416A-B894-B14C87EB67DA}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe FirewallRules: [TCP Query User{45EEDAD6-90D4-44F6-83AA-99768E24A648}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe FirewallRules: [{B7005BDB-2A53-419A-9E18-0214EE5BF032}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{826937E5-75C4-46FF-8BBF-2F09F425BFA1}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{407F6483-3F3D-44F1-9F5A-D8DB727B1D9A}] => (Allow) C:\windows\system32\lxeccoms.exe FirewallRules: [UDP Query User{6C4649C5-4C3C-4980-BFE0-5D4E42375446}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{06E39F49-DD1E-4177-A297-26E924625DF3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{AD7CFDD1-EC70-407D-AD2A-F5BA47320E8A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{5A77CF47-1736-4A3E-BBE9-6BDC1E71870C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{C0C6BDF1-BF4C-447C-B80C-9CD32FC05875}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{B498198E-06B9-4604-B49B-94182722C2CC}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{6B801CB0-47C1-49CE-9472-131D03A8DCD3}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{5F44DF87-08D4-42FA-8C89-7C795FFE97EE}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{711F8D70-F7D3-44FF-BFA0-194F48E34D0D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A3826A3B-BA38-4C6B-B603-B003B707DAB6}] => (Block) D:\tl-wa830re\easysetupassistant.exe FirewallRules: [{B9608874-7FFE-4184-8A3E-B66411176672}] => (Block) D:\tl-wa830re\easysetupassistant.exe FirewallRules: [UDP Query User{575EE813-88C8-4D32-8CEF-23AAD6BD3DEE}D:\tl-wa830re\easysetupassistant.exe] => (Allow) D:\tl-wa830re\easysetupassistant.exe FirewallRules: [TCP Query User{393444D5-036F-4824-8B6E-AA9B1ACA86AD}D:\tl-wa830re\easysetupassistant.exe] => (Allow) D:\tl-wa830re\easysetupassistant.exe FirewallRules: [{B86D68AF-865F-42C4-B0E4-6DD5F988A531}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe FirewallRules: [{1195412B-E0FA-487A-A552-DE89D0BB0B94}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe FirewallRules: [UDP Query User{4310FAF1-8158-4D29-B480-09DD358AABB4}C:\users\owner\appdata\local\temp\lmi3cc3.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\temp\lmi3cc3.tmp\lmi_rescue.exe FirewallRules: [TCP Query User{FB5CCA9A-1C21-4E62-939F-0499A7FC0C5E}C:\users\owner\appdata\local\temp\lmi3cc3.tmp\lmi_rescue.exe] => (Allow) C:\users\owner\appdata\local\temp\lmi3cc3.tmp\lmi_rescue.exe FirewallRules: [{0FE5F238-A63D-47C6-BCAE-780CA3C30477}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{28F4A62D-A4FE-4A38-8DDD-19F0B433383D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{920AACA3-2DD6-4BEA-8196-0EFB6E0801D7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{615605E2-3EDF-4826-9F0D-3C51FDBBE06C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{5FB3EB52-5A06-4DDB-BE25-3074A26434C0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{779B43C3-2AB7-4315-B6DA-045BF71B7FEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{60E1F7EF-47F1-4796-ABAB-A9327681ED67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{ECB4A79B-D5A2-463A-AD5E-C5FCD4A1DE28}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{36E00F32-3F68-44FE-90BD-A25D1966E0B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1B149E2A-5549-4C0A-820E-7A074D917EBF}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{E9FE00A6-B4AA-45F9-BB52-BC464D78DEE7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{11BF6A60-828D-4DD9-A40E-CBEA3F0FF129}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/26/2015 12:00:08 AM) (Source: THSA) (EventID: 100) (User: ) Description: %1 Error: (09/25/2015 03:54:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (09/25/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (09/25/2015 03:53:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (09/25/2015 01:32:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6036875 Error: (09/25/2015 01:32:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6036875 Error: (09/25/2015 01:32:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/25/2015 11:52:07 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1187 Error: (09/25/2015 11:52:07 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1187 Error: (09/25/2015 11:52:07 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/25/2015 11:52:08 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/24/2015 07:45:50 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/23/2015 07:08:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/22/2015 06:43:01 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/22/2015 05:33:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service. Error: (09/22/2015 05:32:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service. Error: (09/21/2015 11:40:44 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/21/2015 09:40:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (09/21/2015 09:34:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: %%1058 Error: (09/21/2015 09:34:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect. CodeIntegrity: =================================== Date: 2015-09-26 03:23:03.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 03:23:01.088 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 03:23:00.000 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 03:22:15.913 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 03:22:15.878 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 03:22:15.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 02:46:17.631 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-26 02:46:16.201 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-24 05:23:34.863 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-24 05:23:34.766 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 77% Total physical RAM: 3954.67 MB Available physical RAM: 878.86 MB Total Virtual: 8306.67 MB Available Virtual: 2532.33 MB ==================== Drives ================================ Drive c: (S3A9506D003) (Fixed) (Total:582.21 GB) (Free:134.88 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: (1TB Passport) (Fixed) (Total:931.48 GB) (Free:756.44 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: DB99C923) Partition 1: (Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Not Active) - (Size=582.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=784 MB) - (Type=27) Partition 4: (Not Active) - (Size=11.7 GB) - (Type=17) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================