Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015 Ran by Rayan at 2015-06-15 15:43:59 Running from C:\Users\Rayan\AppData\Local\Microsoft\Windows\INetCache\IE\WBHO2YR6 Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-113965090-4082397984-2472747820-500 - Administrator - Enabled) HomeGroupUser$ (S-1-5-21-113965090-4082397984-2472747820-1003 - Limited - Enabled) Invité (S-1-5-21-113965090-4082397984-2472747820-501 - Limited - Disabled) Rayan (S-1-5-21-113965090-4082397984-2472747820-1001 - Administrator - Enabled) => C:\Users\Rayan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.1 - IObit) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Autodesk 3ds Max 2015 (Version: 17.2.259.0 - Autodesk) Hidden Autodesk 3ds Max 2015 SP2 (HKLM\...\Autodesk 3ds Max 2015 SP2) (Version: 17.2.259.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation) Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - ) Color Efex Pro 4 (HKLM-x32\...\Color Efex Pro 4) (Version: 4.0.0.0 - Nik Software, Inc.) Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.10.2466 - IObit) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Ma-Config.com (64 bits) (HKLM\...\{9A3C5DC9-EEA9-4FB2-855A-26FE6DA733EA}) (Version: 7.1.3.1 - Cybelsoft) Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{7C419638-A20F-441A-8FE0-9D9724B1A793}) (Version: 11.4.3 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.4.3 - Red Giant Software) Hidden Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version: - ) Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) My Program version 1.5 (HKLM-x32\...\My Program_is1) (Version: 1.5 - ) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - ) NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue) NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 1.4 - NewBlue) NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - ) NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: - ) NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - ) NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: - ) NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - ) NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: - ) NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 1.4 - NewBlue) NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - ) NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: - ) NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - ) NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue) NewBlue plug-ins bundle patch build 121206 (HKLM\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.) NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: - ) NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.8 - Topaz Labs) Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version: - "Pokemon Showdown") QGifer (HKLM-x32\...\819FBA20-557E-4EFB-9EF9-8040D09FAE68) (Version: 0.2.1 - ) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) R4 3DS Emulator (HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\R4 3DS Emulator) (Version: - ) RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{5451E1D2-108B-4B79-91CF-46BD6CE4D09F}) (Version: 6.1.4.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC) Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC) Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC) Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC) Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC) Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC) Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC) Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC) Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC) Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC) Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{B9A67DC9-EAD3-4B87-B733-F2BA28F0D68E}) (Version: 1.2.4.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation) TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.29.107 - Toshiba Corporation) Transiciones Marbuendy (HKLM-x32\...\Transiciones Marbuendy) (Version: - ) Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WinDS PRO 2014.07.26 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2014.07.26 - WinDS PRO Central) WinDS PRO Apps 3.2 (HKLM\...\{92C4C953-5CE1-4DC3-97D5-BBD1A63EF706}_is1) (Version: 3.2 - WinDS PRO Central) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. ) Wondershare Video Converter Ultimate(Build 8.1.3.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.1.3.0 - Wondershare Software) Zenoté Glow for Vegas (HKLM-x32\...\{F3A15FE0-A67B-4E05-853A-46851EAEFBF0}) (Version: 1.0.0.1 - Zenoté) ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-113965090-4082397984-2472747820-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rayan\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-113965090-4082397984-2472747820-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () CustomCLSID: HKU\S-1-5-21-113965090-4082397984-2472747820-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Restore Points ========================= 26-05-2015 03:42:18 Installed System Requirements Lab Detection 30-05-2015 18:37:03 Installed Zenoté Glow for Vegas 05-06-2015 02:20:34 Installed QuickTime 7 08-06-2015 05:04:32 LavasoftWeCompanion 13-06-2015 10:18:01 Removed Zenoté Glow for Vegas ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {015D9A92-9B52-4370-BC32-EEFE48F3577B} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation) Task: {15638BE7-9BC7-4282-9D34-05EECE6E63FF} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe Task: {1C15028D-4E34-4D05-B2D3-47C02F33371E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-reikoblade31@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated) Task: {3C194A1C-4D7D-4066-92C3-65F5ACE309AF} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation) Task: {5DC1DEF7-2102-4890-8086-01799A0A46BF} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2014-04-07] (TOSHIBA) Task: {5DEE7192-C73A-4DFE-AB66-BA5FEB078831} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09] (TOSHIBA Corporation) Task: {5F50B4B7-E3C8-416C-B932-7CF52A85AD13} - System32\Tasks\{E1FAB7F5-033C-4D41-ACEC-5B9BA17591AC} => Firefox.exe http://ui.skype.com/ui/0/7.3.0.101/fr/abandoninstall?page=tsProgressBar Task: {6255B24C-63DA-4D83-B34D-0A15F4C2AA58} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation) Task: {67E71497-D3B6-492F-A33D-1E2ED1483E25} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation) Task: {85FF232C-CC2A-4827-9BD3-FBF501220015} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH) Task: {9FFEBF19-0D63-45F3-ADFD-0690AF56892F} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14] (TOSHIBA Corporation) Task: {A2229677-79BE-4D2C-96DF-476379A4F75D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated) Task: {AC719E01-B73C-49BB-B0AB-4ECF2B913E35} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION Task: {BB03D780-8793-4397-B37E-DFB4296F96E1} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation) Task: {BC6213C0-3AB8-4A50-8D90-E1DFE802B954} - \Browser Updater\Browser Updater No Task File <==== ATTENTION Task: {FD4AA986-904F-492B-B6A0-52B3B525ABA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.) Task: {FFDA27F8-F5FB-43EE-B981-50F89D5FB82D} - System32\Tasks\{7FB9A820-06C6-4ABD-80CF-2106065A14A0} => Firefox.exe http://ui.skype.com/ui/0/7.3.0.101/fr/abandoninstall?page=tsProgressBar Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC7_SkipUac_Rayan.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe ==================== Loaded Modules (Whitelisted) ============== 2013-11-07 00:26 - 2013-11-07 00:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2014-06-27 22:20 - 2013-10-25 21:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll 2014-07-17 05:39 - 2014-06-21 08:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-07-17 05:39 - 2014-06-21 08:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-06-27 22:17 - 2014-06-06 22:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2014-06-27 22:17 - 2014-06-06 22:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2014-06-27 22:17 - 2014-06-06 22:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2014-06-27 22:18 - 2014-06-06 22:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-06-10 23:28 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2015-06-10 23:28 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\Rayan\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\aeriagames.com -> hxxp://aeriagames.com IE trusted site: HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\ma-config.com -> hxxp://ma-config.com IE trusted site: HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\ma-config.com -> hxxps://ma-config.com IE trusted site: HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-113965090-4082397984-2472747820-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rayan\Pictures\wolf_8-wallpaper-1920x1080.jpg DNS Servers: 192.168.1.254 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-113965090-4082397984-2472747820-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{3A4ED231-8638-424B-8196-4E0FDEBA7F70}] => (Allow) LPort=48113 FirewallRules: [{A0C6418F-C0A8-4F45-A856-5BB20C9B559E}] => (Allow) LPort=48114 FirewallRules: [{CF6929A9-B82D-4561-8BBE-32127F80657E}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{065C07AD-C1D5-4801-9BA2-608C535A2FAC}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{575706A3-65FC-4BFD-A11E-404112BD3AC9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{97E2D842-3365-4742-854D-9D1923B22D36}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{29FE8F9F-54D9-4084-A019-7BC9A2717882}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{90B288A5-FD38-4358-B5E5-A32C0748A3D4}C:\program files\blender foundation\blender\blender.exe] => (Allow) C:\program files\blender foundation\blender\blender.exe FirewallRules: [UDP Query User{23955009-BE1C-4C6A-84CE-7F4D4855D37E}C:\program files\blender foundation\blender\blender.exe] => (Allow) C:\program files\blender foundation\blender\blender.exe FirewallRules: [{F318C3D6-C335-4C71-89A6-C8F939E589F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CBB06AC4-13AE-49D4-BAEC-BBFA82F1AA2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{13AB93BC-F5C4-4A76-8156-1F84ABE0EFA6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7EA767AA-8461-48C5-A225-5AB85346AB76}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{BEA252DC-9F58-48F9-B24D-11E22A3EC709}] => (Allow) C:\Users\Rayan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{79D2FF2C-7BBB-44FE-88AC-91AC2B22F60F}] => (Allow) C:\Users\Rayan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E038DF12-1070-47CC-8E89-8FBC7287962C}C:\users\rayan\appdata\roaming\utorrent\updates\3.4.2_38656.exe] => (Allow) C:\users\rayan\appdata\roaming\utorrent\updates\3.4.2_38656.exe FirewallRules: [UDP Query User{2B16EBFF-A85C-4C91-9F87-3CDC5AC1F128}C:\users\rayan\appdata\roaming\utorrent\updates\3.4.2_38656.exe] => (Allow) C:\users\rayan\appdata\roaming\utorrent\updates\3.4.2_38656.exe FirewallRules: [TCP Query User{F423F4F4-B55D-4FD6-8D8C-EF00F508A279}C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe FirewallRules: [UDP Query User{02B8AB00-B411-4ACA-BBB2-18F9770681DA}C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs6 (64 bit)\photoshop.exe FirewallRules: [{87B1690F-F8ED-43F2-8E29-A6612B6A3728}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [{A5BFA9E9-15D3-4774-9035-D4B28FBFC419}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [TCP Query User{8A359579-1631-4F69-88CC-33695FECBBFA}C:\program files (x86)\looksbuilder\magic bullet photolooks.exe] => (Block) C:\program files (x86)\looksbuilder\magic bullet photolooks.exe FirewallRules: [UDP Query User{BB5ED913-7D54-4C55-BA87-D0EBC263AE77}C:\program files (x86)\looksbuilder\magic bullet photolooks.exe] => (Block) C:\program files (x86)\looksbuilder\magic bullet photolooks.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/15/2015 03:36:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:36:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante BackgroundTransferHost.exe, version : 6.3.9600.16384, horodatage : 0x5215dfb7 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.17278, horodatage : 0x53eebf2e Code d’exception : 0x00000004 Décalage d’erreur : 0x000000000000606c ID du processus défaillant : 0xd34 Heure de début de l’application défaillante : 0xBackgroundTransferHost.exe0 Chemin d’accès de l’application défaillante : BackgroundTransferHost.exe1 Chemin d’accès du module défaillant: BackgroundTransferHost.exe2 ID de rapport : BackgroundTransferHost.exe3 Nom complet du package défaillant : BackgroundTransferHost.exe4 ID de l’application relative au package défaillant : BackgroundTransferHost.exe5 Error: (06/15/2015 03:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (06/15/2015 03:35:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante LiveComm.exe, version : 17.5.9600.20689, horodatage : 0x54703d9a Nom du module défaillant : msvcr120_app.dll, version : 6.3.9600.17278, horodatage : 0x53eebd22 Code d’exception : 0xc0000135 Décalage d’erreur : 0x00000000000ec0b4 ID du processus défaillant : 0x924 Heure de début de l’application défaillante : 0xLiveComm.exe0 Chemin d’accès de l’application défaillante : LiveComm.exe1 Chemin d’accès du module défaillant: LiveComm.exe2 ID de rapport : LiveComm.exe3 Nom complet du package défaillant : LiveComm.exe4 ID de l’application relative au package défaillant : LiveComm.exe5 Error: (06/15/2015 03:35:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante LiveComm.exe, version : 17.5.9600.20689, horodatage : 0x54703d9a Nom du module défaillant : msvcr120_app.dll, version : 6.3.9600.17278, horodatage : 0x53eebd22 Code d’exception : 0xc0000135 Décalage d’erreur : 0x00000000000ec0b4 ID du processus défaillant : 0xc2c Heure de début de l’application défaillante : 0xLiveComm.exe0 Chemin d’accès de l’application défaillante : LiveComm.exe1 Chemin d’accès du module défaillant: LiveComm.exe2 ID de rapport : LiveComm.exe3 Nom complet du package défaillant : LiveComm.exe4 ID de l’application relative au package défaillant : LiveComm.exe5 Error: (06/15/2015 03:35:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante LiveComm.exe, version : 17.5.9600.20689, horodatage : 0x54703d9a Nom du module défaillant : msvcr120_app.dll, version : 6.3.9600.17278, horodatage : 0x53eebd22 Code d’exception : 0xc0000135 Décalage d’erreur : 0x00000000000ec0b4 ID du processus défaillant : 0xdf4 Heure de début de l’application défaillante : 0xLiveComm.exe0 Chemin d’accès de l’application défaillante : LiveComm.exe1 Chemin d’accès du module défaillant: LiveComm.exe2 ID de rapport : LiveComm.exe3 Nom complet du package défaillant : LiveComm.exe4 ID de l’application relative au package défaillant : LiveComm.exe5 System errors: ============= Error: (06/15/2015 03:35:56 PM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 03:35:53 PM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 03:35:49 PM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 03:35:47 PM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 03:35:45 PM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 07:22:21 AM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 07:22:20 AM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 06:52:21 AM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 06:52:20 AM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (06/15/2015 06:22:21 AM) (Source: DCOM) (EventID: 10010) (User: RAYAN) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Microsoft Office: ========================= Error: (06/15/2015 03:36:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023170 Error: (06/15/2015 03:36:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundTransferHost.exe6.3.9600.163845215dfb7KERNELBASE.dll6.3.9600.1727853eebf2e00000004000000000000606cd3401d0a770328c625aC:\Windows\system32\BackgroundTransferHost.exeC:\Windows\system32\KERNELBASE.dll76ce8dab-1363-11e5-842a-40f02ffccdf1microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail Error: (06/15/2015 03:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/15/2015 03:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/15/2015 03:35:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAYAN) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/15/2015 03:35:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: LiveComm.exe17.5.9600.2068954703d9amsvcr120_app.dll6.3.9600.1727853eebd22c000013500000000000ec0b492401d0a770334d815cC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exemsvcr120_app.dll70fed1eb-1363-11e5-842a-40f02ffccdf1microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (06/15/2015 03:35:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: LiveComm.exe17.5.9600.2068954703d9amsvcr120_app.dll6.3.9600.1727853eebd22c000013500000000000ec0b4c2c01d0a77032879d94C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exemsvcr120_app.dll703b5083-1363-11e5-842a-40f02ffccdf1microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (06/15/2015 03:35:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: LiveComm.exe17.5.9600.2068954703d9amsvcr120_app.dll6.3.9600.1727853eebd22c000013500000000000ec0b4df401d0a7702fedfc49C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exemsvcr120_app.dll6dad9b03-1363-11e5-842a-40f02ffccdf1microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 CodeIntegrity Errors: =================================== Date: 2015-05-26 03:54:02.437 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:02.068 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:01.718 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:01.378 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:00.868 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:00.512 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:54:00.123 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:53:59.691 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:50:46.081 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-26 03:50:45.751 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz Percentage of memory in use: 35% Total physical RAM: 3979.19 MB Available physical RAM: 2585.83 MB Total Pagefile: 6027.19 MB Available Pagefile: 3684.13 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (TI31262500A) (Fixed) (Total:687.08 GB) (Free:517.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End of log ============================