Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21.01.2018
Ran by BARAA (25-01-2018 07:38:47)
Running from C:\Users\BARAA\Downloads\Programs
þþMicrosoft Windows 10 Enterprise Version 1709 16299.192 (X86) (2017-12-28 07:15:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3670302237-3725136352-3398788399-500 - Administrator - Disabled)
BARAA (S-1-5-21-3670302237-3725136352-3398788399-1001 - Administrator - Enabled) => C:\Users\BARAA
DefaultAccount (S-1-5-21-3670302237-3725136352-3398788399-503 - Limited - Disabled)
Guest (S-1-5-21-3670302237-3725136352-3398788399-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3670302237-3725136352-3398788399-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AVG Driver Updater (HKLM\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
FMW 1 (HKLM\...\{A2B92392-DC17-416B-88F6-A6A55E053E32}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Incý.ý)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Kaspersky Internet Security (HKLM\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3670302237-3725136352-3398788399-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
NirSoft Wireless Network Watcher (HKLM\...\NirSoft Wireless Network Watcher) (Version: - )
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8248 - Realtek Semiconductor Corp.)
Registry Trash Keys Finder (Freeware) (HKLM\...\Registry Trash Keys Finder) (Version: 3.9.3.0 - SNC)
SHAREit (HKLM\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Update for Skype for Business 2016 (KB4011623) 32-Bit Edition (HKLM\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011623) 32-Bit Edition (HKLM\...\{90160000-012B-0401-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6}) (Version: - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows 10 Update Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinUtilities Professional Edition 14.5 (HKLM\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 14.5 - YL Computing, Inc)
Wise Folder Hider 3.38 (HKLM\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2017-06-23] (Tonec Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll [2018-01-17] (AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll [2018-01-17] (AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll [2018-01-17] (AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-07-02] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\shellex.dll [2018-01-17] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1FF7E95E-8B39-47AF-A59D-B4B8C104D7EC} - System32\Tasks\WinUtilities_Disk_Cleaner_D81CDF27E9284401 => C:\Program Files\WinUtilities\ToolDiskCleaner.exe [2017-02-21] (YL Software)
Task: {22DE7BCB-ED07-4416-BDE7-1DDC8E1568E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
Task: {2816D135-1994-4148-9FA6-B94487E392AB} - System32\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404 => C:\Program Files\WinUtilities\ToolDiskDefrag.exe [2017-02-21] (YL Software)
Task: {70CEC673-982C-4B50-8E73-93E3029543AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {79F886B3-76C9-4AA4-A68E-C40C439E63D7} - System32\Tasks\WinUtilities_History_Cleaner_D81CDF27E9284403 => C:\Program Files\WinUtilities\ToolHistoryCleaner.exe [2017-02-21] (YL Software)
Task: {7C6DAA6B-E56B-4909-B95A-4D33797A469B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
Task: {87ECFAEA-62C5-4898-81D3-799D1183C4F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A2ADC703-79D5-4D86-A185-331BCD0B55F4} - \WiseCleaner\WFHFreeSkipUAC -> No File <==== ATTENTION
Task: {A71CF34E-1672-499E-A84B-2390E949CD5A} - System32\Tasks\WinUtilities_Registry_Cleaner_D81CDF27E9284402 => C:\Program Files\WinUtilities\ToolRegistryCleaner.exe [2017-02-21] (YL Software)
Task: {C38D6199-A2A3-4DB0-A9FB-1BCDBAFF0DAD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {CBA71D68-9307-4B2A-AF89-53FCDA203413} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {D45CB18F-502E-4B43-88F5-54C8D7249F5B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {D72698D4-4A4C-4F13-BBD3-CE069AC5946B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {EA384435-662B-4343-82FA-AABD6F0DD532} - System32\Tasks\S-1-5-21-3670302237-3725136352-3398788399-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {ED5ECD7E-FC44-42C0-ACF8-98C5FEEF5291} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {F6F945C7-8817-44C6-920E-F2CF944284AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {FE299927-C978-4B40-BF9F-9CA772D9BD00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WinUtilities_DiskDefrag_D81CDF27E9284404.job => C:\Program Files\WinUtilities\ToolDiskDefrag.exe
Task: C:\WINDOWS\Tasks\WinUtilities_Disk_Cleaner_D81CDF27E9284401.job => C:\Program Files\WinUtilities\ToolDiskCleaner.exe
Task: C:\WINDOWS\Tasks\WinUtilities_History_Cleaner_D81CDF27E9284403.job => C:\Program Files\WinUtilities\ToolHistoryCleaner.exe
Task: C:\WINDOWS\Tasks\WinUtilities_Registry_Cleaner_D81CDF27E9284402.job => C:\Program Files\WinUtilities\ToolRegistryCleaner.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-17 20:40 - 2018-01-18 12:50 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-17 23:19 - 2018-01-17 23:19 - 000836968 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\kpcengine.2.3.dll
2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-28 05:40 - 2017-12-28 05:40 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-28 05:40 - 2017-12-28 05:40 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-04 23:50 - 2018-01-03 09:56 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-04 23:50 - 2018-01-03 09:56 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-12-13 08:53 - 2017-12-13 08:53 - 000102088 _____ () C:\Users\BARAA\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2018-01-03 14:33 - 2018-01-03 14:33 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-01-09 15:21 - 2018-01-09 15:21 - 000074384 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 09:28 - 2017-12-18 11:06 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3670302237-3725136352-3398788399-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BARAA\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20171116_103639.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{43BC5EE6-5B97-42E9-A5C4-0AD2733B0A2F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{9C8002FC-037C-4A4A-84FD-684D5D38E20E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{4D2CA91A-42E8-4E97-8DB3-72AF76B9F041}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{10FC5D36-C36B-4FD5-B018-01E35052CC12}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{60A2AF26-80BA-4EE3-ACEF-206DB36F9A6C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{E99A62D9-9B58-46A8-8A0E-21BA48D781B2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{CF127575-3647-4739-8AE2-1CB05D96E0D2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{775E8804-1053-4F9E-A931-B93575F050F2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{D4B0E084-AE6A-4B6F-8AC5-934E43B9DC3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{38B7813D-C8DE-47AA-922E-76C3B0AE3B6B}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{4B5EB22A-8FCA-4DF8-A726-3B3FA300DCFD}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{1EFE2161-F182-43A4-8A39-3FA5D584035D}] => (Allow) LPort=1688
FirewallRules: [{0089BCBF-64E4-438B-BB52-0EF0A22670E3}] => (Allow) E:\ÇáÊäÒíáÇÊ\ÇáÊäÒíáÇÊ\Compressed\EmbratoriaG6.5.1\EmbratoriaG6.5.2\libs.exe
FirewallRules: [{8803C2F0-09BF-460B-B285-B68A4BD72599}] => (Allow) E:\ÇáÊäÒíáÇÊ\ÇáÊäÒíáÇÊ\Compressed\EmbratoriaG6.5.1\EmbratoriaG6.5.2\libs.exe
FirewallRules: [{8AA83E61-A7C0-4888-B07A-E6C58B06CE71}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{DFA85DBA-A573-4CA7-8DE8-94EC66C55327}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{AB9F9D15-9476-40F7-ADB7-354B046DA7DA}] => (Allow) LPort=5000
FirewallRules: [{2E9BAB52-9CB2-469D-900D-25E38BC5F59E}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{07221503-BF81-42E6-93AB-59CE50D30BDF}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{8FA21383-55D9-45C8-950D-89EB1B72E8F6}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{F49C102B-8452-4CC1-BA49-822DED1261AE}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{F4CC84E7-0A55-4D30-A714-4421510A8776}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2018 07:23:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (01/25/2018 07:21:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=5

Error: (01/25/2018 07:21:16 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/24/2018 05:30:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/24/2018 05:30:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (01/24/2018 04:40:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/24/2018 04:40:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/24/2018 10:13:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/24/2018 10:12:55 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (01/23/2018 09:12:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkQuarantineRetry


System errors:
=============
Error: (01/25/2018 07:18:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 07:17:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 07:17:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 07:17:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/25/2018 07:17:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 06:50:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 06:02:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 05:54:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 05:42:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/24/2018 05:29:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-F6CHQDU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-F6CHQDU\BARAA SID (S-1-5-21-3670302237-3725136352-3398788399-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 92%
Total physical RAM: 1744.89 MB
Available physical RAM: 136.94 MB
Total Virtual: 4432.89 MB
Available Virtual: 2370.43 MB

==================== Drives ================================

Drive c: (DRIVE_C) (Fixed) (Total:116.75 GB) (Free:40.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.19 GB) (Free:85.07 GB) NTFS
Drive e: () (Fixed) (Total:63.7 GB) (Free:33.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F265F265)
Partition 1: (Active) - (Size=116.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================sMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-20 19:17:54.450
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-20 18:58:19.040
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-19 22:02:08.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-19 21:35:47.695
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-19 15:02:20.627
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-18 12:51:05.237
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-18 12:01:32.374
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-18 11:43:14.035
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 91%
Total physical RAM: 1744.89 MB
Available physical RAM: 144.57 MB
Total Virtual: 4432.89 MB
Available Virtual: 2383.11 MB

==================== Drives ================================

Drive c: (DRIVE_C) (Fixed) (Total:116.75 GB) (Free:40.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:117.19 GB) (Free:85.07 GB) NTFS
Drive e: () (Fixed) (Total:63.7 GB) (Free:33.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F265F265)
Partition 1: (Active) - (Size=116.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=180.9 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================