Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015 Ran by TonyO (2016-01-03 12:33:37) Running from C:\Users\TonyO\Desktop Windows 10 Home (X64) (2015-09-08 20:44:27) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-664253536-2428268681-3679085427-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-664253536-2428268681-3679085427-503 - Limited - Disabled) Guest (S-1-5-21-664253536-2428268681-3679085427-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-664253536-2428268681-3679085427-1002 - Limited - Enabled) test (S-1-5-21-664253536-2428268681-3679085427-1003 - Administrator - Enabled) => C:\Users\test TonyO (S-1-5-21-664253536-2428268681-3679085427-1001 - Administrator - Enabled) => C:\Users\TonyO ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Reader 9.3.4 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.) Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.9.00 - ) Best Buy pc app (HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\48e4cff94f039634) (Version: 3.0.0.0 - Best Buy) Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D) DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.41) (Version: 1.1.0.41 - DAZ 3D) DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden Free Webcam Recorder (HKLM-x32\...\{EDA2F047-79B6-46E2-8323-28086E1BA51D}) (Version: 1.0.0 - freepicturesolutions) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia) HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation) IP Camera Viewer 3 (HKLM-x32\...\IP Camera Viewer_is1) (Version: - DeskShare Inc.) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) OpenPilot GCS (HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\OpenPilot) (Version: Ragin' Cajun - OpenPilot Team) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA) TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION) Toshiba Book Place (HKLM-x32\...\{39187A4B-7538-4BE7-8BAD-9E83303793AA}) (Version: 2.0.5271 - K-NFB Reading Technology, Inc.) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.7.64 - TOSHIBA Corporation) TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - ) TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation) TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA) TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - ) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation) ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba) USB Optical Mouse (HKLM-x32\...\{EEAE45EB-C1E3-4CCD-930D-D7B40F810063}) (Version: 1.00.0000 - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Web Companion (HKLM-x32\...\{0d8ca27b-7cc0-43ae-a4c4-9dc05366f53e}) (Version: 2.1.1265.2535 - Lavasoft) Windows Driver Package - OpenPilot (usbser) Ports (11/21/2014 3.0.0.0) (HKLM\...\BD9150BF7DFF447F2F59CE296CC81C0AABAD7C01) (Version: 11/21/2014 3.0.0.0 - OpenPilot) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-664253536-2428268681-3679085427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\TonyO\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-664253536-2428268681-3679085427-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00587E0A-B427-4039-AFB5-ED935B394474} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {04F60D68-6982-4F03-857D-579EDEE82575} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {0FEE87F8-E544-43DC-9726-E51861951602} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {172CA3FB-B0DC-42ED-97E5-4516FA314F80} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {1F0E0A3D-4259-4490-ADB6-A4DCFC7AD7EE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2AA7971F-F55D-4699-804F-237C73DC9881} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {2CB1F480-DF99-44B5-8F54-E564E55C48E8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {2F38C0F2-5722-4EA4-832E-1F5717F9386A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {35412628-4F67-4A57-B223-599D0BE76CED} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3723FEF5-CD62-4963-A6B2-7835E642D861} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {3A38E59F-9FF3-47A9-B365-A579F3BB1070} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {3D2F5963-51BA-4E44-9659-86DF2EABEECE} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {4523BEC8-7B44-4888-838A-05E9A37DBBDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.) Task: {49E83B22-0546-4B77-95A2-4D0F11DE969D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {4CE5C1CB-37A5-4B91-99A0-FEB7D2EA4436} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {52B21D49-508D-4604-A2F8-0AE6CB515F85} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {597F47DA-2168-44CE-B730-EBEA2715303D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {5CCED494-B483-4570-AF0F-30AA913F149E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {6A52A3F9-7C02-4870-AF35-CC02101C0B44} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {6D4C642B-E4D8-474A-A9FA-E444CC2DBAA7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {724F9B7A-8825-40A9-9688-466524C4BE10} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation) Task: {735B73AB-8DB0-4CA9-8913-924F3D335883} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {74A826EC-9EAC-4E2C-8D92-30DEDFCA6DD8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {79EEDC9B-6588-4EA2-8C25-871994D33ADD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {831A1875-61B7-4152-8A12-5C23E246119D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {878C2013-8137-4349-BC8E-838BD191AC64} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {8D7883C1-4F5D-47EE-8B8D-315D19D125D0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {8E238CDF-C79C-4160-97B0-947F8371DBDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {967661B8-3D8A-4DF2-B5EC-8D1205899A83} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {9971CC89-286A-4324-AD9A-FA219E9A4536} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {A83C152A-2D0B-4CF4-B1EB-0BCC0EEE8BE3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A9D3E051-5EA0-49E7-A856-56785DB1C5DB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {B727E2A3-FFF7-477A-84A0-C6E8A65ECA94} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {BCC85FF3-112C-43ED-976B-C139178E0DCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.) Task: {C07CEB1F-907F-4688-8CF6-0FF1685C122E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {C2E9F6AB-9B3F-4EEE-93DA-BC9EA5626C6F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C85F8ECF-D4AF-4623-B41C-FB24F42DA664} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {E014B3F8-52E2-4816-9CE1-7D7DB676B842} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E36F1FA9-D943-4284-A023-255DEE85FE3F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FC3AC038-777C-4661-82F0-BCACEEC6B8A5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-01] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-10 06:00 - 2015-07-10 06:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-09-08 10:13 - 2015-09-08 10:13 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-04-08 20:38 - 2011-05-05 15:36 - 00022528 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe 2015-04-08 20:38 - 2011-05-05 15:36 - 01479680 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_x64.dll 2015-04-08 20:38 - 2011-05-05 15:36 - 00977408 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x64.dll 2015-04-08 20:38 - 2011-05-05 15:36 - 01053696 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl_x64.dll 2015-04-08 20:38 - 2011-05-05 15:36 - 00155136 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp_x64.dll 2015-09-08 10:13 - 2015-09-08 10:13 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-10-01 00:23 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 00:23 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-01 00:22 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-04-07 19:07 - 2010-04-07 19:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll 2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll 2010-10-14 22:53 - 2009-06-22 17:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll 2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-25 19:38 - 2009-07-25 19:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2015-05-26 18:56 - 2010-03-30 09:37 - 00245248 _____ () C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe 2010-02-05 19:44 - 2010-02-05 19:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll 2015-12-09 02:13 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-09 02:13 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-09 02:13 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 00:23 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00113424 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2015-12-22 18:59 - 2015-12-22 18:59 - 00044304 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll 2015-12-22 18:59 - 2015-12-22 18:59 - 00010000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00272656 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2015-12-22 18:59 - 2015-12-22 18:59 - 00022288 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00046864 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00012560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00120080 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2015-10-02 17:05 - 2015-12-22 18:59 - 00036112 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-664253536-2428268681-3679085427-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 75.114.81.1 - 75.114.81.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Best Buy pc app => C:\Users\TonyO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms MSCONFIG\startupreg: Camfrog => "C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe" MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{32736152-4A55-4A6F-A77B-C7608F1E936C}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{A80275D3-674D-4954-93E2-091D5CA02A23}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{6171399B-4582-43B5-9542-61BCF8CB7B13}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{58DB85A1-7C0E-4F80-8DA2-8B2E3519A13E}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{D2B697A6-890C-4F5F-B939-6CD8E127E380}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{CE54B74F-87C7-41C0-A88D-BAF23E586F09}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{74E30010-EA57-41F5-BE69-14BFC1270174}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{90930C83-BC7F-459C-9491-B9F89540C43D}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{6F070A97-4F22-4E6D-B08E-02ACFCE5C390}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{F5B60093-12E4-4FF2-AFFE-2731916E92EA}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{A11111B5-9A4A-4210-B6D8-7BFFFE0502E4}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{8154EA15-D13E-4B3F-B9E6-BED1838088B1}] => (Allow) C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe FirewallRules: [{CA42D759-A5E4-4028-8A11-8F70501511C4}] => (Allow) C:\Users\TonyO\AppData\Local\Temp\nstBDD3.tmp\Installer-75984393.exe FirewallRules: [{F3FCC906-4262-4A61-998F-A37608ABB867}] => (Allow) C:\Users\TonyO\AppData\Local\Temp\nstBDD3.tmp\Installer-75984393.exe FirewallRules: [UDP Query User{67FFB805-375B-49A4-8190-3491CE752916}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{866554E7-4F92-471A-9B4C-C63296587AE9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{B7ADCC96-4012-4370-AD0D-C64303062749}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C368FE78-D2AD-4BED-8B8B-27116FB96935}] => (Allow) LPort=1900 FirewallRules: [{BC25BAB6-5584-4C0C-A58B-49394ED35B3B}] => (Allow) LPort=2869 FirewallRules: [{83BA76C9-24F8-4F28-8FF6-8BE053CFCB59}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EDC92F61-C222-436A-A269-D6291FC880F8}] => (Allow) C:\Users\TonyO\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{88322D5A-1AEB-4524-B95E-569E57DA7F20}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{DA272F8D-9E36-44EF-8C24-42D80D148F8F}] => (Allow) LPort=5357 FirewallRules: [{1924F313-4283-40D7-B5AD-291A21BCAC20}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [UDP Query User{E691CA09-F97D-4ABE-9BFB-3444A09F16B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{1F3CF644-03B1-41B4-B314-1F244C912AC1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F9D12FCB-CDBE-40CB-BCD9-1CF4F47B2120}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{350D9DF6-F5DE-4D8A-A29B-BB250FD0EB0B}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{C5D84BB8-A892-493E-B161-9350EEB92A71}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{9CF7BEFC-B57B-4342-BD3D-781C87AB2B60}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3B2FF266-BEE6-4118-AAC9-D4B169A03399}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0E92EFD3-49F0-4705-BEAD-B295F56311C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D766AFB4-3277-45B6-96C5-D1A7F96EE639}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B37FF483-C971-46BF-A787-F26ED09B1DF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{74AF5DD6-80E8-4F1D-899F-9AD40B508DFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0B18738B-9B09-4005-A8D4-471D4A6490FE}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe FirewallRules: [{1A9864D9-D9DD-4FE6-A530-65E3F4A2ED1D}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe FirewallRules: [{95873FCF-A306-4608-ABE6-A9351EF1363E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F3DD8FC4-074A-47B2-880A-88F8EDDB0B85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Restore Points ========================= 16-11-2015 05:28:52 Windows Backup 22-11-2015 19:00:13 Windows Backup 01-12-2015 05:55:23 Windows Update 22-12-2015 19:01:44 Windows Update 01-01-2016 10:39:01 Windows Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/03/2016 12:03:05 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6992) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (01/03/2016 12:03:05 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6992) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (01/03/2016 12:02:54 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6992) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (01/03/2016 12:02:54 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6992) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (01/03/2016 12:02:44 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6992) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (01/03/2016 12:02:44 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6992) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (01/03/2016 12:02:34 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6992) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (01/03/2016 12:02:34 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6992) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (01/03/2016 12:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SearchUI.exe version 10.0.10240.16603 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 18f0 Start Time: 01d146481aa1529f Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Report Id: bf8f1408-b23b-11e5-9bd7-e89a8f0b20c9 Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: CortanaUI Error: (01/03/2016 12:02:23 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6992) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. System errors: ============= Error: (01/03/2016 11:59:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (01/03/2016 11:58:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The IE Search Set service failed to start due to the following error: %%1053 Error: (01/03/2016 11:58:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the IE Search Set service to connect. Error: (01/03/2016 11:58:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Support Solutions Framework Service service failed to start due to the following error: %%1053 Error: (01/03/2016 11:58:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect. Error: (01/03/2016 11:57:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: %%1058 Error: (01/03/2016 11:56:43 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY) Description: The system watchdog timer was triggered. Error: (01/03/2016 11:57:25 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 11:33:16 AM on ‎1/‎3/‎2016 was unexpected. Error: (01/02/2016 12:41:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Upgrade to Windows 10 Home, version 1511, 10586. Error: (01/01/2016 11:04:42 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service. CodeIntegrity: =================================== Date: 2016-01-03 08:30:32.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-03 08:30:32.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-03 08:30:32.064 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-03 08:30:30.891 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-01 11:21:17.863 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-01 11:21:17.752 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-01 11:21:17.128 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-01 11:21:15.670 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-01 06:11:52.236 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-01 06:11:52.052 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentage of memory in use: 51% Total physical RAM: 3893.86 MB Available physical RAM: 1891.7 MB Total Virtual: 7861.86 MB Available Virtual: 5791.71 MB ==================== Drives ================================ Drive c: (TI106033W0C) (Fixed) (Total:284.14 GB) (Free:41.75 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 32E4A823) Partition 1: (Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Not Active) - (Size=284.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=783 MB) - (Type=27) Partition 4: (Not Active) - (Size=11.7 GB) - (Type=17) ==================== End of Addition.txt ============================