Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2016 01 Ran by mourad (16-08-2016 14:05:21) Running from C:\Users\mourad\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2014-10-04 20:06:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-454156101-2345760694-676353058-500 - Administrator - Disabled) Invitado (S-1-5-21-454156101-2345760694-676353058-501 - Limited - Disabled) mourad (S-1-5-21-454156101-2345760694-676353058-1000 - Administrator - Enabled) => C:\Users\mourad ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 patch by zaxo7 1.00 (HKLM-x32\...\Adobe Photoshop CS6 patch by zaxo7 1.00) (Version: - ) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.) Bluetooth Monitor 4 (HKLM-x32\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 4.04.000 - TOSHIBA) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) DFX (HKLM-x32\...\DFX) (Version: 12.017.0.0 - Power Technology) FastStone Capture 7.4 (HKLM-x32\...\FastStone Capture) (Version: 7.4 - FastStone Soft) GameRanger (HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\GameRanger) (Version: - GameRanger Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.) Hotspot Shield 5.4.6 (HKLM-x32\...\HotspotShield) (Version: 5.4.6 - AnchorFree Inc.) Hotspot Shield 5.4.6 Embedded (x32 Version: 5.4.6.9728 - Buildbot) Hidden Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation) Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - ) Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.39.173 - MediatekWiFi) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Mozilla Firefox 48.0 (x64 en-US) (HKLM\...\Mozilla Firefox 48.0 (x64 en-US)) (Version: 48.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation) Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) UNetbootin (HKLM-x32\...\UNetbootin) (Version: - ) Unity Web Player (HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS) UnLock Root Pro 3.36 (HKLM-x32\...\UnLock Root Pro) (Version: 3.36 - Unlcokroot) WhatsApp (HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) WiFi HotSpot Creator (HKLM-x32\...\{C37344E7-A9A9-4E1F-993C-73AEF17BFDC0}) (Version: 2.0.0 - DanuSoft) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.16 - ZTE Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-454156101-2345760694-676353058-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\mourad\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-454156101-2345760694-676353058-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mourad\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-454156101-2345760694-676353058-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\mourad\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-454156101-2345760694-676353058-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mourad\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1CCF6035-FC92-40EE-8BD0-6968AF14C7BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-454156101-2345760694-676353058-1000UA => C:\Users\mourad\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.) Task: {26934864-BF81-4C32-BE45-1A6DDB3D16FD} - System32\Tasks\{D4781FD3-A603-4E15-B425-8F25D2C8C373} => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe Task: {35EBECD6-8429-4388-82C0-57959CA41412} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {44FCB82A-03EB-4D19-83A4-814343E5BFB4} - System32\Tasks\{2740A58F-D379-4F3D-9C49-C696BD190B98} => C:\Users\mourad\Downloads\Programs\HSS-3.42-install-plain-716-plain.exe Task: {4733ABEC-828E-445B-9F1D-0FE23AA8661E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {4C96F8D9-1D5F-4FD9-A3FB-09EC0E6DC9FB} - System32\Tasks\{FAFEAF7F-330C-491F-8845-F3288ECC8AE2} => pcalua.exe -a C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe -d C:\ProgramData\LGMOBILEAX\B2C_Client Task: {4DBD7DA3-9808-4068-B2FA-79FA4EB53D37} - System32\Tasks\{EF12F270-2B88-4BDD-A80B-77CC924AD0CB} => pcalua.exe -a C:\Users\mourad\Downloads\Programs\flashplayer22ppau_ha_install.exe -d C:\Users\mourad\AppData\Roaming\IDM Task: {5488A214-FF83-4F2F-B004-26B8508C30A4} - System32\Tasks\{B2AD88CA-82C1-489D-AB85-09999791D202} => Firefox.exe hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?source=lightinstaller&page=tsInstall Task: {5AE8B3B6-7379-47E5-BC7E-1B8D4B7A22AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.) Task: {6310A953-A381-4668-A726-1C3C53D5D80F} - System32\Tasks\Driver Booster SkipUAC (mourad) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {692F378F-5C05-4DEA-88DD-07B13C9DFD34} - System32\Tasks\{7FE46690-A6F3-453A-8D6B-FC4059BDCAF1} => pcalua.exe -a "C:\Program Files (x86)\Internet Download Manager\Uninstall.exe" -d C:\Windows\system32 -c -instdriv Task: {6AC0DE5E-8738-4458-94DB-15BE967043E0} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {7CE344EA-A7B4-450E-8D51-0018382F2B5E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated) Task: {7CEFB938-9BE8-47CD-B255-0C16EC02F374} - System32\Tasks\{471B9AC8-7D42-4F40-A4ED-A6E3117044AF} => pcalua.exe -a C:\Users\mourad\Downloads\Programs\Opera_NI_stable.exe -d C:\Users\mourad\AppData\Roaming\IDM Task: {857FC389-2523-48E7-9C41-0152C5CF8839} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {96FA7594-DDF7-4B55-B585-D91FA6C83B17} - System32\Tasks\Opera scheduled Autoupdate 1451476791 => C:\Program Files (x86)\Opera\launcher.exe Task: {A86382A6-0F07-4CFE-9461-AF19CE8A8032} - System32\Tasks\{0F1583E5-B82C-4C36-898A-42A1F0F9BFC7} => pcalua.exe -a "C:\Users\mourad\Desktop\برنامج المزورجي سخة مفعلة اخر اصدار.exe" -d C:\Users\mourad\Desktop Task: {B0B5CF95-E046-483E-B999-503A95A4EC76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-09] (Adobe Systems Incorporated) Task: {BDF853DD-8B72-4088-B3D2-2AD7655C6BB5} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe Task: {C6015332-AA4A-472D-8457-D5C4F59AA2E0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] () Task: {D4BC370F-750F-496D-8BF6-8167E376618E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-454156101-2345760694-676353058-1000Core => C:\Users\mourad\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.) Task: {D9051D34-1967-4CEC-BAE2-1D461026FE2E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-454156101-2345760694-676353058-1000 Task: {E1AA9854-5E26-4456-A4CB-B2C2F46C0BAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454156101-2345760694-676353058-1000Core.job => C:\Users\mourad\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-454156101-2345760694-676353058-1000UA.job => C:\Users\mourad\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ShortcutWithArgument: C:\Users\mourad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fac70992fbb0efa4\Yandex.lnk -> C:\Users\Default\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============== 2016-06-02 21:13 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll 2016-05-17 22:42 - 2016-05-17 22:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-06-22 16:04 - 2016-06-22 16:04 - 01595384 _____ () C:\Program Files (x86)\DFX\DFX.exe 2015-12-04 22:37 - 2016-06-22 15:52 - 00161784 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe 2015-12-04 22:43 - 2016-06-22 15:59 - 00176120 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe 2015-12-04 23:16 - 2016-06-22 16:57 - 00098296 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll 2015-11-20 22:39 - 2015-09-14 12:57 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe 2015-11-20 22:39 - 2015-09-14 13:07 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll 2015-11-20 22:39 - 2015-09-14 13:06 - 00185496 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll 2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll 2016-07-19 05:06 - 2016-07-19 05:06 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll 2015-12-04 23:11 - 2016-06-22 16:49 - 00083960 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [169] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-454156101-2345760694-676353058-1000\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2016-08-12 15:47 - 00000147 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-454156101-2345760694-676353058-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{786CFD61-7BA2-40F4-8A0F-E4B69772EEAB}] => (Allow) LPort=1542 FirewallRules: [{03ABCA4E-E7ED-4117-BBBE-4CE759C8C3AF}] => (Allow) LPort=1542 FirewallRules: [{F61E76C9-7F19-4BB5-A0BB-E4D5E3786744}] => (Allow) LPort=53 FirewallRules: [TCP Query User{14513514-DB67-47F1-A9FB-14CB2EB06E9B}C:\program files (x86)\leapftp 3.0\leapftp.exe] => (Allow) C:\program files (x86)\leapftp 3.0\leapftp.exe FirewallRules: [UDP Query User{67DF69CF-E8F0-41A9-9C1A-22A956FD04CF}C:\program files (x86)\leapftp 3.0\leapftp.exe] => (Allow) C:\program files (x86)\leapftp 3.0\leapftp.exe FirewallRules: [TCP Query User{28982004-5234-455F-B04E-AF270B9C7926}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe FirewallRules: [UDP Query User{431B7C57-BC55-45C9-8DAB-E0FDE04B9474}C:\program files\java\jdk1.8.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_65\bin\jmc.exe FirewallRules: [{BB65EF5A-1E96-4D81-9A95-0177D83BBF0D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{C869DF0B-FBFD-4468-8E63-D3F94069C092}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{EE59AAB1-925C-4BCC-B527-C1A6D92A782E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{2A51AB99-A301-4698-A3BF-F0C26E98BB6E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{3F60AAE4-E5C2-49A4-91B4-CD614BB76ACC}] => (Allow) C:\Users\Default\AppData\Local\Yandex\YandexBrowser\Application\browser.exe FirewallRules: [{059783CE-233F-4E84-8795-F2EFFEF26A00}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe FirewallRules: [{AF773E70-F1F1-42F6-A626-39E5461962A2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe FirewallRules: [{FAE24459-DE89-4E98-B2F2-D8706D738A08}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe FirewallRules: [{DDF51CE9-D1D5-4734-98D6-7B139C8B27A4}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe FirewallRules: [{9D701706-A8B8-4AF9-9A68-DA048704CC45}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CB75E071-0C50-45DD-88B3-AE3EDD71DEE7}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{924A7807-3DA5-43FB-89EF-EF632E582E44}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FB254470-6B50-43C2-A58E-0E120BF5D920}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2B6CB241-FDBE-433A-B82E-A958D8CFDBF6}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0DC8B984-B8E0-4C92-9E4F-90F421F867DB}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B64C5FF3-F960-47CC-A3AA-97946BA3392C}] => (Allow) C:\Users\mourad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3D3D6A94-108C-4713-9B93-493618D8F571}] => (Allow) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe FirewallRules: [{5E65C17B-9E81-4686-A6C9-D6BC878BD009}] => (Allow) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe FirewallRules: [{C0E650A0-9B9A-459F-85B6-167DD1F76736}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{00F5886E-D67E-4D4C-8F37-EF377BF07F08}] => (Allow) C:\Program Files (x86)\Money Robot\Money Robot Submitter\MoneyRobot.exe FirewallRules: [{09AB1AF0-0937-4232-B7EB-75F0FC57D721}] => (Allow) C:\Program Files (x86)\Money Robot\Money Robot Submitter\MoneyRobot.exe FirewallRules: [{42DDF6FF-5743-4774-9AD2-807F187ABF02}] => (Allow) C:\Program Files (x86)\Money Robot\Money Robot Bot\MRb.exe FirewallRules: [{CEBDEC0F-CDCD-4510-ADE9-4DA86C2DF2D1}] => (Allow) C:\Program Files (x86)\Money Robot\Money Robot Bot\MRb.exe FirewallRules: [{EF2D45E5-EEEA-41F3-BB25-8DC7E5134862}] => (Allow) C:\Program Files (x86)\Money Robot\Seo Backlink Monitor\SeoBacklinkMonitor.exe FirewallRules: [{0FFBE45A-4EE4-44CE-B313-DE22E9CC8FA6}] => (Allow) C:\Program Files (x86)\Money Robot\Seo Backlink Monitor\SeoBacklinkMonitor.exe FirewallRules: [{D01DF9D4-5DFE-4FAC-AF21-441CD758135F}] => (Allow) LPort=8317 FirewallRules: [{CBED086C-EA3C-4274-B06E-129ECF90136E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe FirewallRules: [{0A076725-CA8E-461B-B123-7E70975157A2}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe FirewallRules: [{75E4D337-A7CE-4BB3-9224-9DD65658A7C6}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe FirewallRules: [{4945C72B-E08C-4D3E-8124-259209A93966}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe FirewallRules: [{D7639C2C-76EE-4D05-AF0C-7CDBA6CC01FE}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\x64\FarmingSimulator2013Game.exe FirewallRules: [{B42A201C-E8D9-4810-BE67-F24C6AE90887}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\x64\FarmingSimulator2013Game.exe FirewallRules: [{F07131A4-210C-444D-BEB1-1E502F9F6D46}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe FirewallRules: [{60680540-4D08-40B0-BA1E-360F9744AC63}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\x86\FarmingSimulator2013Game.exe FirewallRules: [{C8F08C41-DEA5-4EEE-8B0D-26FB102BD62E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{754F532B-EF08-4571-93C6-F9D34A136C4F}] => (Allow) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe FirewallRules: [{9DA22E26-ACF3-4157-945D-033641E66C33}] => (Allow) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe] => Enabled:LeapFTP 3.0 ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: USB Device(VID_1f3a_PID_efe8) Description: USB Device(VID_1f3a_PID_efe8) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: USB Devices Service: usbUDisc Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Intel(R) 82567V Gigabit Network Connection Description: Intel(R) 82567V Gigabit Network Connection Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: e1yexpress Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) WiFi Link 5100 AGN Description: Intel(R) WiFi Link 5100 AGN Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: NETwNs64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/13/2016 03:16:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: eurotrucks2.exe, version: 1.18.0.10, time stamp: 0x555f419b Faulting module name: eurotrucks2.exe, version: 1.18.0.10, time stamp: 0x555f419b Exception code: 0xc0000005 Fault offset: 0x0042c6bd Faulting process id: 0x580 Faulting application start time: 0xeurotrucks2.exe0 Faulting application path: eurotrucks2.exe1 Faulting module path: eurotrucks2.exe2 Report Id: eurotrucks2.exe3 Error: (08/13/2016 12:27:07 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Service cannot be started. The service process could not connect to the service controller Error: (08/13/2016 08:56:01 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: Avira Launcher -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2761. The arguments are: , , Error: (08/13/2016 08:54:47 AM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY) Description: Failed to begin a Windows Installer transaction {C1578C4F-5453-44FE-A172-01331906BF18}. Error 1618 occurred while beginning the transaction. Error: (08/12/2016 05:34:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WiFi HotSpot Creator.exe version 2.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: b54 Start Time: 01d1f4bde999b029 Termination Time: 92 Application Path: C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe Report Id: c6942bc2-60b2-11e6-81a6-a8ddcdbfccf2 Error: (08/12/2016 02:38:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esrv_svc.exe, version: 1.2.1.1097, time stamp: 0x55f69b0f Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9 Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting process id: 0xd00 Faulting application start time: 0xesrv_svc.exe0 Faulting application path: esrv_svc.exe1 Faulting module path: esrv_svc.exe2 Report Id: esrv_svc.exe3 Error: (08/11/2016 09:57:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: WiFi HotSpot Creator.exe, version: 2.0.0.0, time stamp: 0x503ee4c1 Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c78c Exception code: 0xe0434352 Fault offset: 0x000000000000a49d Faulting process id: 0xd2c Faulting application start time: 0xWiFi HotSpot Creator.exe0 Faulting application path: WiFi HotSpot Creator.exe1 Faulting module path: WiFi HotSpot Creator.exe2 Report Id: WiFi HotSpot Creator.exe3 Error: (08/11/2016 09:57:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: WiFi HotSpot Creator.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Runtime.InteropServices.COMException Stack: at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr) at System.Management.ManagementScope.InitializeGuts(System.Object) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize() at System.Management.ManagementObjectSearcher.Get() at MyRouter.FrmMainForm.DetectNetworkCardIssues() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (08/11/2016 11:46:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dismhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc390 Faulting module name: drvstore.dll_unloaded, version: 0.0.0.0, time stamp: 0x4da00205 Exception code: 0xc0000005 Fault offset: 0x000007fef2a305e8 Faulting process id: 0x17d8 Faulting application start time: 0xdismhost.exe0 Faulting application path: dismhost.exe1 Faulting module path: dismhost.exe2 Report Id: dismhost.exe3 Error: (08/10/2016 07:11:45 PM) (Source: Wininit) (EventID: 1015) (User: ) Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 1. The machine must now be restarted. System errors: ============= Error: (08/16/2016 12:38:45 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/16/2016 12:36:38 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/16/2016 12:36:26 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/16/2016 12:33:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Servicio de Google Update (gupdate) service terminated unexpectedly. It has done this 1 time(s). Error: (08/16/2016 12:29:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: VBoxNetAdp Error: (08/16/2016 12:29:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The WebcamMax, WDM Video Capture service failed to start due to the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (08/16/2016 12:29:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE service failed to start due to the following error: %%1053 = The service did not respond to the start or control request in a timely fashion. Error: (08/16/2016 12:29:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (200000 milliseconds) while waiting for the Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE service to connect. Error: (08/16/2016 11:05:28 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{7ee0fcd4-639d-11e6-9d8f-aca21365ea49} cannot be read. Error: (08/16/2016 10:56:40 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{7ccb6fac-b3af-11e5-bad8-806e6f6e6963} cannot be read. CodeIntegrity: =================================== Date: 2016-07-16 02:31:16.595 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:31:16.557 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:25:44.514 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cfywlan1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:25:44.514 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cfywlan1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:25:44.467 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:25:44.420 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:21:20.153 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cfywlan1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:21:20.137 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cfywlan1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:20:14.621 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-16 02:20:14.543 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cnnctfy3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz Percentage of memory in use: 67% Total physical RAM: 2935.18 MB Available physical RAM: 939.43 MB Total Virtual: 5868.55 MB Available Virtual: 3044.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:96.83 GB) (Free:17.68 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:52.17 GB) (Free:2.84 GB) NTFS Drive f: () (Removable) (Total:1.84 GB) (Free:0.02 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: C2A75D76) Partition 1: (Not Active) - (Size=52.2 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=96.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1.8 GB) (Disk ID: 02E075C0) Partition 1: (Not Active) - (Size=1.8 GB) - (Type=06) ==================== End of Addition.txt ============================