Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-04-2016 01 Ran by dustypink (2016-04-12 18:27:30) Running from C:\Users\dustypink\Desktop Windows 8.1 (X64) (2014-08-17 13:42:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3633593147-2618078388-3133234350-500 - Administrator - Disabled) dustypink (S-1-5-21-3633593147-2618078388-3133234350-1001 - Administrator - Enabled) => C:\Users\dustypink Guest (S-1-5-21-3633593147-2618078388-3133234350-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3633593147-2618078388-3133234350-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.) Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation) Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation) partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation) TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.29.107 - Toshiba Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1D62860A-2649-43A8-A147-D74774C3CCDB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {31A2AEE9-C8F8-43CD-8FA2-A33408821211} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation) Task: {39F14DAC-D76B-47CD-8F61-633FF48C3355} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation) Task: {3D8508F6-8268-47AA-9F24-41F6A25B7C01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {4348E71F-FB9B-4DE4-92BE-304F82DB02EC} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation) Task: {453EF7DC-65F9-43AC-89AF-4FC29458F24F} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-08] (TOSHIBA Corporation) Task: {494106A8-2A79-497D-9D67-ED54E0C9BD7A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-07] (AVAST Software) Task: {55CAFCD1-BAE5-45E5-9CBC-D919EC10C360} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software) Task: {5A9C9905-21B5-44C6-8EEA-C093933BFF02} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13] (TOSHIBA Corporation) Task: {62592AEE-03D9-45E5-9C0F-EA14668DF995} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation) Task: {68671A82-79C9-4CF7-8825-00DFEE829FD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {8813E86A-3E29-4029-A0BE-D035438E375A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {90031724-65DB-43D1-A6F0-0BF5B65750AF} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation) Task: {9235572E-17FE-4840-AA84-BF0D5C23E05C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated) Task: {B97CF63A-2F85-47FE-B698-976C7F326446} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor) Task: {D3D3530A-76F9-421E-B135-F7B309FEC887} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH) Task: {D5F990FB-DBA7-470B-84DB-B189E26CFDF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {EEDF72A7-73C3-4256-86AE-F1C623D97F5F} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA) Task: {F2038060-72A1-4F47-BF7D-842BE52EE720} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2015-11-07 19:14 - 2015-11-07 19:14 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-11-07 19:14 - 2015-11-07 19:14 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-04-03 21:55 - 2016-04-03 21:55 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040300\algo.dll 2015-11-07 19:14 - 2015-11-07 19:14 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-03 22:10 - 2016-04-03 22:10 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040301\algo.dll 2016-04-10 16:54 - 2016-04-10 16:54 - 02876416 _____ () C:\Program Files\AVAST Software\Avast\defs\16041001\algo.dll 2015-03-28 20:48 - 2015-03-28 20:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2015-10-02 10:44 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3633593147-2618078388-3133234350-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dustypink\Pictures\magalufpool.jpg HKU\S-1-5-21-3633593147-2618078388-3133234350-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\dustypink\Pictures\magalufpool.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: dts_apo_service => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: SDScannerService => 2 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 2 MSCONFIG\Services: TemproMonitoringService => 3 MSCONFIG\Services: TMachInfo => 3 MSCONFIG\Services: TODDSrv => 2 MSCONFIG\Services: TOSHIBA eco Utility Service => 2 MSCONFIG\Services: TPCHSrv => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4FBA4A39-123D-40CB-933D-90E72DE9E0D0}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{C26A6613-5080-4C3F-BDC6-E9396111275E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{70C59A4A-5C9C-4939-80DE-86298AF056B0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{DDFF29AD-E9FB-4031-80A7-A84D572A7D46}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{B6D51E58-E61D-4145-A389-5236E5875D8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9C0E6306-21F8-45CF-8B4E-F8D979FAF944}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{37161CF4-FC59-4954-9AF1-1B48054BFD22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6E842BA0-1C28-468F-A4EC-A3D0F03BE150}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4EF9730A-11D8-406F-AFAE-E953F3FF20B8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{035F1B19-45C6-469C-8F49-2291E2DCA8F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{A2698F2D-3D2A-490A-901F-1F68BD2A87BE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{6DE0D3FE-3327-4B50-9FED-DBEEBDE6F3A0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B3485D27-2FEF-4424-84BA-4E5305DE8DB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A0AA0594-3216-4699-993D-64E6F1E37328}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{24E9A429-8340-481C-BC65-D3E373C86A28}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6A36C846-7F1C-4BD2-832E-143E1A110256}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{49602BB4-8BFA-4B43-B858-4DD3F20412AB}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{71F4A8BC-8083-4A20-9F7A-03B91F899080}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 22-03-2016 17:51:46 Windows Update 30-03-2016 22:14:46 Scheduled Checkpoint 07-04-2016 21:56:39 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/11/2016 07:40:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10234 Error: (04/11/2016 07:40:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10234 Error: (04/11/2016 07:40:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/11/2016 07:40:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6234 Error: (04/11/2016 07:40:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6234 Error: (04/11/2016 07:40:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/11/2016 07:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2312 Error: (04/11/2016 07:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2312 Error: (04/11/2016 07:40:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/10/2016 05:37:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8390 System errors: ============= Error: (04/10/2016 10:51:09 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20. Error: (04/09/2016 07:56:36 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: 1053TrustedInstallerUnavailable{752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (04/09/2016 07:56:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Modules Installer service failed to start due to the following error: %%1053 Error: (04/09/2016 07:56:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect. Error: (04/05/2016 04:57:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20. Error: (04/03/2016 10:09:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The VBoxAsw Support Driver service failed to start due to the following error: %%3 Error: (04/03/2016 10:09:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 22:36:13 on ‎02/‎04/‎2016 was unexpected. Error: (04/03/2016 09:32:02 PM) (Source: DCOM) (EventID: 10010) (User: LASVEGAS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (04/03/2016 09:32:01 PM) (Source: DCOM) (EventID: 10010) (User: LASVEGAS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (03/31/2016 06:42:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20. CodeIntegrity: =================================== Date: 2015-09-10 15:44:39.582 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-10 15:44:37.634 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-03-28 18:35:04.207 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz Percentage of memory in use: 72% Total physical RAM: 3979.19 MB Available physical RAM: 1078.94 MB Total Virtual: 5991.71 MB Available Virtual: 1016.12 MB ==================== Drives ================================ Drive c: (TI31262300B) (Fixed) (Total:454.75 GB) (Free:288.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================