Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by ameni_000 (2016-04-04 22:19:26) Running from C:\Users\ameni_000\Desktop Windows 8.1 Enterprise (X64) (2013-10-30 19:58:51) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3863790764-1960184451-4274845908-500 - Administrator - Disabled) ameni_000 (S-1-5-21-3863790764-1960184451-4274845908-1003 - Administrator - Enabled) => C:\Users\ameni_000 Guest (S-1-5-21-3863790764-1960184451-4274845908-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0 - Adobe Systems Incorporated) Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.0.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software) AzureTools.Notifications (x32 Version: 2.2.11003.1601 - Microsoft Corporation) Hidden Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Bing Bureau (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation) Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.30924.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Dropbox (HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Integrated Camera Driver Installer Package Ver.1.0.0.30 (HKLM-x32\...\{F8754583-7893-4CD8-9E51-1A08F3D4C1A9}) (Version: 1.0.0.30 - RICOH) Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation) JavaScript Tooling (Version: 12.0.30110 - Microsoft Corporation) Hidden JetBrains ReSharper 8.1 (HKLM-x32\...\{AAF5434A-5006-48FA-95C2-A833D4E4ADDF}) (Version: 8.1.23.546 - JetBrains Inc) Kobo (HKLM-x32\...\Kobo) (Version: 3.10.0 - Rakuten Kobo Inc.) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - ) Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.1.7.100 - Lenovo Corporation) Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.3.0.22 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo) LiveSupport (HKLM-x32\...\LiveSupport_is1) (Version: 1.2.8.0 - PC Utilities Software Limited) <==== ATTENTION LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) Ma-Config.com (64 bits) (HKLM\...\{D1EFA0BF-0069-410B-B7EA-92AEEC4DD18F}) (Version: 7.1.2.4 - Cybelsoft) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio 2013 (HKLM-x32\...\{FFE80EFF-EDAB-4E36-9A35-76A9EA1561FB}) (Version: 2.1.41009.0 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 15.0.4805.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation) Microsoft SharePoint Designer 2013 - fr-fr (HKLM\...\SPDRetail - fr-fr) (Version: 15.0.4805.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation) Microsoft WebMatrix 3 (HKLM-x32\...\{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}) (Version: 2.0.1932 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Popcorn Time (HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\...\Popcorn Time) (Version: - Popcorn Official) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.95 (x32 Version: 1.48.2066.95 - Avast Software) Hidden Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Sharegate Migration (HKLM-x32\...\{5D5CC563-5FED-49FB-83CA-5C4B8CE21967}) (Version: 4.5.2.0 - Sharegate) SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Système de protection active ThinkVantage (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.09 - Lenovo) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6850 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - ) ThinkVantage Fingerprint Software (HKLM\...\{68D50088-CE92-4FF0-A220-D875E2E73151}) (Version: 6.0.0.8102 - Authentec Inc.) Uninstall Finalizer (x32 Version: 2.2.11003.1601 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VCE Exam Simulator Demo (HKLM-x32\...\VCE Exam Simulator Demo_is1) (Version: - Avanset) Viber (HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\...\{b44f5a1f-ca34-4def-9c69-9aabd288bcb6}) (Version: 5.9.1.1 - Viber Media Inc.) Viber (x32 Version: 5.9.1.1 - Viber Media Inc.) Hidden Visual CertExam Suite (HKLM-x32\...\Visual CertExam Suite_is1) (Version: - Avanset) Visual Studio 2013 Update 1 (KB2829760) (HKLM-x32\...\{2f6f0fc4-5f66-4635-a4d2-1dd8d9481c63}) (Version: 12.0.30110 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Vs2012 Verification SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Windows Azure Authoring Tools - v2.2 (HKLM\...\{863C94A6-E432-4C88-9C68-FB668AE66621}) (Version: 2.2.6492.2 - Microsoft Corporation) Windows Azure Emulator - v2.2 (HKLM\...\Windows Azure Emulator - v2.2) (Version: 2.2.6492.2 - Microsoft Corporation) Windows Azure Libraries for .NET – v2.2 (HKLM\...\{0DCF275C-3D88-48CC-B374-ACA7365EF966}) (Version: 2.2.0924.200 - Microsoft Corporation) Windows Azure Storage Tools - v2.2 (HKLM-x32\...\{E7FCA9E4-CDCB-472B-B168-567B16088E89}) (Version: 2.2.0.0 - Microsoft Corporation) Windows Azure Tools for Microsoft LightSwitch for Visual Studio 2013 - v2.2 (HKLM-x32\...\{8f2e7a13-dcdb-42eb-a707-e0e7dac5ad5c}) (Version: 2.2.11002.1601 - Microsoft Corporation) Windows Azure Tools for Microsoft Visual Studio 2013 - v2.2 (HKLM-x32\...\{1775e863-fea5-4931-9399-58f5247d0e99}) (Version: 2.2.11003.1601 - Microsoft Corporation) Windows Phone SDK 8.0 - ENU (HKLM-x32\...\{529db2e0-c334-4058-8ef0-9a214edbd1fa}) (Version: 11.0.50727.61 - Microsoft Corporation) WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {052765AC-0608-4B25-AB39-85DA761BD860} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-01] (Microsoft Corporation) Task: {08C92642-A2A9-4CC7-B866-7EA458ACBDAC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo) Task: {0E4C9F2A-AA0C-4610-A205-27D2175A03DD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo) Task: {1B8419D1-1268-40A4-A3FD-94CE158AE386} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\AMENI_~1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION Task: {237FD1F7-F4CC-48AA-B663-E191A030272E} - System32\Tasks\AllmyappsUpdateTask => c:\users\mathi_000\appdata\roaming\allmyapps\allmyappsupdater.exe [2014-01-09] (Allmyapps) Task: {2C244BCE-38E9-48AB-A2E9-437C4CF34FFF} - System32\Tasks\avastBCLRestartS-1-5-21-3863790764-1960184451-4274845908-1003 => Chrome.exe Task: {424F15D9-B637-4A7B-B611-B9714B7E7F13} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {462A15FE-8D01-4F1B-A3A2-68DE5AFD586D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] () Task: {46EEB800-8952-43F6-B93D-B0D7DF45E960} - System32\Tasks\Run_Bobby_Browser => C:\Users\ameni_000\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION Task: {59961F87-49B0-4B0C-BD3F-BB6A3E85E351} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-20] (Microsoft Corporation) Task: {5D26D1F3-AD58-4B98-9FC5-B7C2DD2F9EBD} - System32\Tasks\SafeZone scheduled Autoupdate 1459758559 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-08] (Avast Software) Task: {6E37EEDB-A54D-4480-953F-0AF1BF07C7A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {71C88123-094B-4CC5-BA08-21A8E16F980C} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe Task: {7970C49B-F790-467E-B358-2E1E90C436DC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {8D4C54A5-D475-446B-A876-6CCAB00B9006} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {8FAD1A1E-0984-43CA-BF1D-D46C6727DCFA} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3863790764-1960184451-4274845908-1003 => C:\Users\ameni_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-16] (Microsoft Corporation) Task: {9140DADE-CAB8-4707-B74F-80F8156F0675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-04] (Google Inc.) Task: {9577E8E0-F022-4D0D-B554-C0DCD2118A9A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo) Task: {A549E424-3C63-49C9-BD7D-27978130F5DD} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {A774F000-39B0-4538-A5AD-37846F694817} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {A7B77D59-F3BC-4D8F-9052-9A540EBD964F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {AE2A5562-AF1F-4A44-8FD2-FB1BD3446F0C} - System32\Tasks\crash_service => C:\Users\ameni_000\AppData\Local\BoBrowser\Application\crash_service.exe <==== ATTENTION Task: {B7623E20-029A-4CA6-A5B5-2702810FE0AF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-17] (Microsoft Corporation) Task: {D04A3B43-5F08-4F70-9F35-5959BA36B001} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-04] (Google Inc.) Task: {DD90028C-4A85-43E3-B581-5615552C8469} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo) Task: {E37B1AA5-3D7A-40F1-8FBF-19125483A6AA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {E68FC81E-A73C-4E32-9FAD-85E67F66C57B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-16] (AVAST Software) Task: {E8A769FE-2ADF-4B6F-9A3B-243C04986F78} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: {ECB3C4AF-BE6D-4D8D-82FC-BA6E1468331C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo) Task: {EF0B5D13-BEF8-4273-A90C-749954DC1F06} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-24] (AVAST Software) Task: {F3A9F3E1-ACE6-4F38-8397-A318BA2391EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-01] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-11-05 22:22 - 2013-09-13 08:43 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\FR\PWMRT64V.dll 2013-04-30 10:09 - 2013-04-30 10:09 - 00049368 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btwleapi.dll 2014-03-10 10:40 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-06-21 16:42 - 2013-06-21 16:42 - 00465912 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe 2013-06-21 16:42 - 2013-06-21 16:42 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe 2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-03-03 18:41 - 2016-03-03 18:41 - 59171920 _____ () C:\Users\ameni_000\AppData\Local\Viber\Viber.exe 2013-11-05 22:22 - 2013-09-13 08:43 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\FR\PWMRT64V.DLL 2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd 2013-10-30 22:12 - 2013-10-30 22:12 - 00033280 _____ () C:\Windows\System32\ActivationVDev.dll 2016-02-24 01:48 - 2016-02-24 01:48 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-02-24 01:48 - 2016-02-24 01:48 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-04-04 10:29 - 2016-04-04 10:29 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040400\algo.dll 2016-02-24 01:48 - 2016-02-24 01:48 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2013-01-01 20:01 - 2013-01-01 20:01 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL 2013-11-05 22:42 - 2011-07-13 11:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2013-11-05 22:13 - 2013-09-16 13:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-02-24 01:58 - 2016-02-24 01:58 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2016-03-03 18:39 - 2016-03-03 18:39 - 00095312 _____ () C:\Users\ameni_000\AppData\Local\Viber\qfacebook.dll 2016-03-03 18:39 - 2016-03-03 18:39 - 00042064 _____ () C:\Users\ameni_000\AppData\Local\Viber\qrencode.dll 2016-03-03 18:40 - 2016-03-03 18:40 - 00398416 _____ () C:\Users\ameni_000\AppData\Local\Viber\imageformats\qsvg.dll 2016-03-03 18:40 - 2016-03-03 18:40 - 00695888 _____ () C:\Users\ameni_000\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-02-24 01:57 - 2016-02-24 01:57 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2016-02-24 01:48 - 2016-02-24 01:48 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-11-05 22:22 - 2013-07-25 17:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2013-11-05 22:22 - 2013-07-25 17:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2015-08-05 23:17 - 2015-08-05 23:17 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll 2016-02-24 01:57 - 2016-02-24 01:57 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\ma-config.com -> hxxp://ma-config.com IE trusted site: HKU\.DEFAULT\...\ma-config.com -> hxxps://ma-config.com IE trusted site: HKU\.DEFAULT\...\touslesdrivers.com -> hxxp://touslesdrivers.com IE trusted site: HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\...\sharepoint.com -> hxxps://vnext1.sharepoint.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3863790764-1960184451-4274845908-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\ameni_000\AppData\Local\Microsoft\BingDesktop\themes\2014-12-14.jpg DNS Servers: 89.2.0.10 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "Zune Launcher" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [{F17B8C41-C163-4E50-999C-A02DB01D6137}] => (Allow) LPort=48113 FirewallRules: [{02F8F8E7-F613-4B99-8C6D-64FC9BDE73C2}] => (Allow) LPort=48114 FirewallRules: [{4D315459-63C6-42D5-B017-0C26AECA9505}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{6770FA2E-DC0F-4B7E-85E5-C5D4C71D1D88}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{F3BF5108-0B11-4A5B-B4C2-DE5026BD59E2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{28B3A220-5153-435C-9E9E-274B10ABFE71}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{CCF58FED-063D-48A4-89B0-BFD70E767FAA}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{3A942557-9C30-46C6-9388-898C0BDAC2D3}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{073ED006-FD18-4618-A82D-6C1DB7BF69D8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{3D0B9CF4-742D-495D-9491-2DC946EB49D4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{B42F4E93-5987-47B8-84AE-8E47A7EE2D5D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{A83CA8E2-F65F-431B-9BB8-84C31C47346A}] => (Allow) LPort=12292 FirewallRules: [{08FF3FEE-F590-4C35-883C-A84B0E2EE670}] => (Allow) c:\users\mathi_000\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [{69229FCF-0651-4E3A-A604-52DAE02E2D77}] => (Allow) LPort=48113 FirewallRules: [{12CBA1BE-F208-4F8A-A762-91DD6A36F967}] => (Allow) LPort=48114 FirewallRules: [{F1174CF0-BFF2-40E2-84F2-8946D210C20D}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{B68326AF-D1F3-4BEA-8F16-CD7579858BF8}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe FirewallRules: [{92723DC1-DEED-4622-B634-8055E7E28CFF}] => (Allow) %ProgramFiles%\Zune\Zune.exe FirewallRules: [{352EA6B2-731C-49AC-948A-0FC568209BFA}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{96D5761F-3572-48B7-9B80-65E41844ABFE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{3640DF83-585E-47AA-BC11-17B20F6B66BB}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{892F9EFF-A9E6-46B8-A42F-987D4A2DD169}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{C66127FC-167E-4D6A-9B31-E92810D18261}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{23CFBC10-96B1-4876-923C-D717AD2BE7F3}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{701249A1-602D-41FB-BDB5-174E1B018C95}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{97EE1356-5B37-474B-AA54-C2594A4A8057}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{6FF52719-327D-4710-AAC5-570DAFC00220}] => (Allow) C:\Users\ameni_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{FA974F63-1510-455E-B517-ECD7B91045AC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{890FE4DB-6750-4618-B435-C59B021A1942}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{D3831E06-5012-4AB9-B28F-5BB4C72F0991}C:\users\ameni_000\appdata\local\temp\7zs5c34.tmp\trnt_egg.exe] => (Block) C:\users\ameni_000\appdata\local\temp\7zs5c34.tmp\trnt_egg.exe FirewallRules: [UDP Query User{E41E4A9C-7109-410A-A93A-A399C1DACF16}C:\users\ameni_000\appdata\local\temp\7zs5c34.tmp\trnt_egg.exe] => (Block) C:\users\ameni_000\appdata\local\temp\7zs5c34.tmp\trnt_egg.exe FirewallRules: [{238465A4-D7DF-497E-8E15-D8C8D3246E57}] => (Allow) C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{116315CD-68DA-44F1-BCC8-09E36BA3351C}] => (Allow) C:\Users\ameni_000\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{1078DE12-D53C-4051-8570-9051701590A7}C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{0A0B57D2-95EB-4651-9362-2E9AF0A8A0F4}C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{EDDBBFF3-3E24-4B6C-904B-8D174E1B578C}] => (Block) C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{6D3CEAC9-48E1-4115-B271-2D11D1A4CFA2}] => (Block) C:\users\ameni_000\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{7F606B66-00EB-4953-A72E-7CD1772927DF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{045CB0D1-32B0-4AAC-9913-C4F7ACB495F5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{003DEEE4-7EF2-468A-B61E-BB97AB0CC70A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{C4A848B1-F97C-4E80-B682-125AB12889C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{044BFB46-2825-46D2-BBD7-281D185A7FD7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{72E5F25E-23F0-433F-B69C-AF24CCF468A0}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{CD6B2D74-6198-468E-8398-6EB2BE595D0C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{5831EC6E-31F1-46D2-A711-C52D12B3A508}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{A4A2C919-3BDB-4406-BC61-15CCDD1EBB23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{EA347EC4-EC8E-40D2-ADBD-90FD63EB04DC}C:\program files\microsoft office 15\root\office15\lync.exe] => (Allow) C:\program files\microsoft office 15\root\office15\lync.exe FirewallRules: [UDP Query User{9AA69916-B30C-40DF-8E8A-647872DFF2D6}C:\program files\microsoft office 15\root\office15\lync.exe] => (Allow) C:\program files\microsoft office 15\root\office15\lync.exe ==================== Restore Points ========================= 19-03-2016 12:59:35 Intel® PROSet/Wireless Software 04-04-2016 10:31:42 Chrome Cleanup Tool ==================== Faulty Device Manager Devices ============= Name: H5321 gw Mobile Broadband Driver Description: H5321 gw Mobile Broadband Driver Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ericsson AB Service: WwanUsbServ Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Hyper-V Virtual Ethernet Adapter #5 Description: Hyper-V Virtual Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: VMSMP Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (04/04/2016 10:08:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VLP-AKI) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/04/2016 10:08:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VLP-AKI) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/04/2016 09:48:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VLP-AKI) Description: Activation of app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/04/2016 09:48:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: VLP-AKI) Description: Package Microsoft.Reader_6.4.9926.18228_x64__8wekyb3d8bbwe+Microsoft.Reader was terminated because it took too long to suspend. Error: (04/04/2016 04:34:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VLP-AKI) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/04/2016 02:50:10 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (04/04/2016 12:04:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057) Error: (04/04/2016 11:37:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ngen.exe, version: 4.0.30319.33440, time stamp: 0x52003c72 Faulting module name: ntdll.dll, version: 6.3.9600.18202, time stamp: 0x569e72c5 Exception code: 0xc0000018 Fault offset: 0x0009d3c2 Faulting process id: 0xac4 Faulting application start time: 0xngen.exe0 Faulting application path: ngen.exe1 Faulting module path: ngen.exe2 Report Id: ngen.exe3 Faulting package full name: ngen.exe4 Faulting package-relative application ID: ngen.exe5 Error: (04/04/2016 11:12:08 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Error: (04/04/2016 11:12:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MustangSer57.exe, version: 1.0.0.5, time stamp: 0x56173d89 Faulting module name: MustangSer57.exe, version: 1.0.0.5, time stamp: 0x56173d89 Exception code: 0xc0000409 Fault offset: 0x00013015 Faulting process id: 0xb7c Faulting application start time: 0xMustangSer57.exe0 Faulting application path: MustangSer57.exe1 Faulting module path: MustangSer57.exe2 Report Id: MustangSer57.exe3 Faulting package full name: MustangSer57.exe4 Faulting package-relative application ID: MustangSer57.exe5 System errors: ============= Error: (04/04/2016 11:57:42 AM) (Source: BROWSER) (EventID: 8009) (User: ) Description: The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is VLP-CI-HHE. Error: (04/04/2016 11:42:12 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.33. The computer with the IP address 192.168.1.83 did not allow the name to be claimed by this computer. Error: (04/04/2016 11:37:02 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.33. The computer with the IP address 192.168.1.83 did not allow the name to be claimed by this computer. Error: (04/04/2016 11:12:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error: %%2 Error: (04/04/2016 11:12:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Be sure to use the latest version of Mustang Service. service terminated unexpectedly. It has done this 1 time(s). Error: (04/04/2016 11:09:35 AM) (Source: DCOM) (EventID: 10010) (User: VLP-AKI) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (04/04/2016 10:31:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The globalUpdate Update Service (globalUpdate) service failed to start due to the following error: %%2 Error: (04/04/2016 10:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Be sure to use the latest version of Mustang Service. service terminated unexpectedly. It has done this 1 time(s). Error: (04/04/2016 10:29:38 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY) Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity. Error: (04/04/2016 10:29:34 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY) Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity. CodeIntegrity: =================================== Date: 2016-04-04 11:37:49.695 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-04 11:10:42.866 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-04 10:30:46.399 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-20 01:23:08.497 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-20 01:23:07.254 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-19 23:24:40.137 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-19 23:11:57.546 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-19 23:09:17.637 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-24 00:42:43.477 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-20 00:57:03.441 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz Percentage of memory in use: 71% Total physical RAM: 16080.79 MB Available physical RAM: 4569.09 MB Total Virtual: 18512.79 MB Available Virtual: 6472.62 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:167.34 GB) (Free:54.61 GB) NTFS Drive d: () (Fixed) (Total:238.47 GB) (Free:79.95 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: C4F12878) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=167.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: A1BC8A50) Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================