Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-09-2016
Ran by ahmed (02-10-2016 12:27:43)
Running from C:\Users\ahmed\Desktop
Microsoft Windows 10 Pro Version 1511 (X86) (2016-06-04 01:40:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1492026092-2507368824-3614128289-500 - Administrator - Disabled)
ahmed (S-1-5-21-1492026092-2507368824-3614128289-1001 - Administrator - Enabled) => C:\Users\ahmed
DefaultAccount (S-1-5-21-1492026092-2507368824-3614128289-503 - Limited - Disabled)
Guest (S-1-5-21-1492026092-2507368824-3614128289-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1492026092-2507368824-3614128289-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DC07522A-FA33-C098-E885-2FFA362097FC}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
BlueStacks App Player (HKLM\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.)
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.3019 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
FormatFactory 3.8.0.0 (HKLM\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
GlassWire 1.2 (remove only) (HKLM\...\GlassWire 1.2) (Version: 1.2.64 - SecureMix LLC)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-1492026092-2507368824-3614128289-1001\...\Google Chrome) (Version: 53.0.2785.116 - Google Incâ.â)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 1510 series Ø¨Ø±ÙØ§ÙØ¬ Ø§ÙØ¬ÙØ§Ø² Ø§ÙØ£Ø³Ø§Ø³Ù (HKLM\...\{ED8D2CCC-1A99-4810-8503-541172774EA2}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 1510 series ØªØ¹ÙÙÙØ§Øª (HKLM\...\{CB894617-864E-4668-B012-7C46AEF6AE45}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HydraVision (Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Le Robert CollÃ¨ge (HKLM\...\CLGCD2011) (Version:  - Le Robert)
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightScribe System Software  1.14.19.1 (HKLM\...\{513148E7-B7A1-48B2-B518-668701E546F5}) (Version: 1.14.19.1 - LightScribe)
LINE (HKU\S-1-5-21-1492026092-2507368824-3614128289-1001\...\LINE) (Version: 4.8.3.1130 - LINE Corporation)
Malwarebytes Anti-Malware Ø§ÙÙØ³Ø®Ø© 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG)
NetWorx 5.5.4 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
NirSoft Wireless Network Watcher (HKLM\...\NirSoft Wireless Network Watcher) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PESEdit.com 2013 Patch 6.0 - Update Summer Transfers 2015 2015.09.02 (HKLM\...\PESEdit.com 2013 Patch 6.0 - Update Summer Transfers 2015 2015.09.02) (Version: 2015.09.02 - bedoedeyne)
PowerISO (HKLM\...\PowerISO) (Version: 5.8 - Power Software Ltd)
RealDownloader (Version: 17.0.6 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skypeâ¢ 7.28 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartShare (HKLM\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.2.1405.1601 - LG Electronics Inc.)
Smile With Sunflowers (HKLM\...\Smile With Sunflowers) (Version: 1.0.0.1 - Siteken Network Co., Ltd.)
UltraISO Premium V9.65 (HKLM\...\UltraISO_is1) (Version:  - )
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd âLegacyDriverâ  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSetupFromUSB (HKU\S-1-5-21-1492026092-2507368824-3614128289-1001\...\WinSetupFromUSB) (Version:  - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
Ø¯Ø±Ø§Ø³Ø© ØªØ­Ø³ÙÙ Ø§ÙÙÙØªØ¬ Ù HP Deskjet 1510 series (HKLM\...\{0E398B00-2CFA-4F53-9832-0215E8BF39F0}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
ÙØ¹Ø±Ø¶ Ø§ÙØµÙØ± (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\ahmed\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-1492026092-2507368824-3614128289-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ahmed\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006DA235-8293-43C0-96C7-3924162B0F8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {02B4C6E0-E922-46E6-B0A2-85D377EF0756} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {035B2445-A7DB-4167-BE1C-D863CA9EFBA2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {03BC8943-2517-42DE-86FE-34F5A7D192C9} - System32\Tasks\{9308FF39-B84B-4A38-ABF1-0D512D95C046} => pcalua.exe -a "F:\Ø¨Ø±Ø§ÙØ¬\Ø­Ø±Ù Ø§ÙÙÙÙØ¯ÙØ²\Ø­Ø±Ù 8\Win8USB\Win8USB.exe" -d "F:\Ø¨Ø±Ø§ÙØ¬\Ø­Ø±Ù Ø§ÙÙÙÙØ¯ÙØ²\Ø­Ø±Ù 8\Win8USB"
Task: {06BAA8A3-E30F-4923-9B23-42EDEC249D87} - System32\Tasks\SafeZone scheduled Autoupdate 1464733143 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {099D9B27-080B-4100-B8C6-994CB8C9E4DF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0C630DEA-1F39-43C4-90D1-77010305C08B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {14AFDA35-05D9-4D6B-8088-972DCC64D9D5} - System32\Tasks\{14109468-1D27-4539-A1AC-EAD043C3AE45} => pcalua.exe -a "C:\Program Files\ZHPFix\unins000.exe"
Task: {1A1AA128-09F0-400A-85F2-5E09FE4FD7BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1D8088B5-80A7-410A-B4D2-3CAD960EF517} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {24E55E89-FC74-43EC-8038-E66571C57C6E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {252E11E4-FE77-4C27-87B8-C680B616B9B5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {279D6EF9-22B1-4405-8F5A-FA1EA13A4F2D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2AE8C3C1-078B-4364-B2B1-F60A00D09D87} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {2C054A13-3069-4364-B77D-0D67CA771ED8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {35EF3FE4-0CD4-454F-AE3D-70FF955D51C5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {45626CF5-1DAB-4092-A1BA-83A7738D8D7C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {459DDF49-AFDB-4D68-8588-0714DB7B018D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48AB1741-C0BD-4240-95A4-7AC1D2E033ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {5EF5C2F3-3D26-4D71-999F-C0790E54CFEE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62315B23-4DB6-4E85-AF96-0F3332A763BF} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {77FC2E50-57A4-4397-A54D-C7E79890490D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {79A2E2C2-CC53-4A5B-8616-739AA12E0702} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B616413-7AB3-4FCE-8FA2-6C2364F816FA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {84F57749-490B-454F-B4CA-00FE49809208} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1492026092-2507368824-3614128289-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.)
Task: {8A3AD3CF-8790-4A68-AA43-E0AA225E4234} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8C71F75F-357B-4039-B671-76BA6E2FCA93} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9603C310-704B-48BE-8F4D-08AE66224F94} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {962AC91F-B602-4641-9249-6D82EAEF9DD5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {97451D9B-ECF5-4257-93C2-12FF67DD322A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9ADF3BC6-6CDA-4F34-B0BD-5D082C3BAE01} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ahmed\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {9DAAA90E-4A80-4985-85F1-222497B1DBB3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-07] (AVAST Software)
Task: {9EA5544C-2CA4-422E-9763-6C07914F638D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {9FB48F85-214D-495F-93D2-07E242E86964} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1492026092-2507368824-3614128289-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.)
Task: {A1221D32-0BED-4E3B-B416-1DCD03219D5E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {A41F01CB-A778-43D7-BE6F-8CD237A057A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-22] (Google Inc.)
Task: {A639EBD9-3C88-496B-956D-13DEE8FC5214} - System32\Tasks\{1A9806CB-2646-499D-810E-A92B173225DF} => pcalua.exe -a "F:\Ø§Ø­ÙØ¯ Ø¹ØµØ§Ù\ÙØ¬ÙØ¯ Ø¬Ø¯ÙØ¯ â«â¬\myEGY.TO.5763P876E2943.CRAZY\myEGY.TO.5763P876E2943.CRAZY\Redist\vcredist_x86.exe" -d "F:\Ø§Ø­ÙØ¯ Ø¹ØµØ§Ù\ÙØ¬ÙØ¯ Ø¬Ø¯ÙØ¯ â«â¬\myEGY.TO.5763P876E2943.CRAZY\myEGY.TO.5763P876E2943.CRAZY\Redist"
Task: {A68D0F0B-CAB0-48C9-89BC-DF8FBA360BD9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A75AE5DD-318C-4F41-8678-8172FD525565} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492026092-2507368824-3614128289-1001UA => C:\Users\ahmed\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {B0B060BB-9B0A-4378-A77F-551D6CF79210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-22] (Google Inc.)
Task: {B2C8E5C7-2270-4ED3-99A0-19D01EC9C6DC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4CC1661-0C0E-40FE-9131-C9B3249C2437} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB364D1D-4478-4D71-8C28-3A6DFA5A7A00} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BCB9F0D5-6B4C-4867-91FD-7FD1765DE114} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {C8727CEC-9C58-4F0D-B6C3-BF1F07C20888} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CBB1CF12-F750-475C-9FC3-0D2ACA3F153F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE26B749-3FC9-4F98-9219-3094217A9E15} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {D0109DFD-4284-456A-B1E6-8B9E98393212} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DAA3FEAD-2860-4576-AFE9-02F251F43FCA} - System32\Tasks\SmartShare => C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe [2014-03-13] (LG Electronics Inc.)
Task: {E1D631EE-12A7-4591-98B4-648C3739CFF1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EA63D60A-DE3F-418B-BFEE-E29A85BECFDB} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {EBDA6815-B4A4-4171-AD07-E3BA9F6EE96C} - System32\Tasks\AdobeAAMUpdater-1.0-ahmed-PC-ahmed => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {F199CAC2-094B-4039-BCA1-27FB862A0EE7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6352732-C59B-4808-9D7B-8FF057D2134B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC3187F7-0940-4C12-905C-B7A137E766AD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1492026092-2507368824-3614128289-1001UA.job => C:\Users\ahmed\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\âÙØ´ØºÙ ØªØ·Ø¨ÙÙØ§Øª Chrome.lnk -> C:\Users\ahmed\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2016-09-07 03:11 - 2016-09-07 03:11 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-07 03:11 - 2016-09-07 03:11 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-28 03:07 - 2016-09-28 03:07 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092702\algo.dll
2016-09-28 15:09 - 2016-09-28 15:09 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16092801\algo.dll
2014-02-12 14:42 - 2014-02-12 14:42 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-12 16:29 - 2014-02-12 16:29 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-10-22 18:07 - 2015-10-22 18:07 - 00867928 _____ () C:\Program Files\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-14 08:27 - 2016-09-07 07:39 - 01862000 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 08:27 - 2016-09-07 07:39 - 01862000 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-23 14:26 - 2016-08-23 14:26 - 01383616 _____ () C:\Users\ahmed\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-06-04 13:10 - 2016-06-04 13:10 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-18 02:24 - 2016-07-01 05:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-14 08:27 - 2016-09-07 06:14 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-14 08:26 - 2016-09-07 06:10 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 08:27 - 2016-09-07 06:10 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-14 08:27 - 2016-09-07 06:14 - 02657280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-07 03:12 - 2016-09-07 03:12 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-23 01:04 - 2016-05-19 14:24 - 00619520 _____ () C:\Program Files\NetWorx\sqlite.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 13:59 - 2007-08-14 13:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2016-04-26 15:40 - 2016-09-08 14:18 - 03306496 _____ () C:\Program Files\BlueStacks\libGLESv2.dll
2016-06-05 01:02 - 2016-06-05 01:10 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-05 01:02 - 2016-06-05 01:10 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-05 01:02 - 2016-06-05 01:10 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-09-17 03:30 - 2016-09-14 02:38 - 01806152 _____ () C:\Users\ahmed\AppData\Local\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 03:30 - 2016-09-14 02:38 - 00094024 _____ () C:\Users\ahmed\AppData\Local\Google\Chrome\Application\53.0.2785.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1492026092-2507368824-3614128289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{53EEDC54-7C47-4A50-8335-F4F67F5C2815}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{F1D8A747-838D-4148-9D0B-92E46226AE57}] => (Allow) C:\Program Files\GlassWire\GWCtlSrv.exe
FirewallRules: [{3093619D-0DFE-491B-A606-22C67FCEAC73}] => (Allow) C:\Program Files\GlassWire\GWCtlSrv.exe
FirewallRules: [{8B97F3A6-3F01-4B3E-B2DC-9A88C34EF7F5}] => (Allow) C:\Users\ahmed\Desktop\Pes 13\pes2013.exe
FirewallRules: [{62043EC9-A62D-4776-9B70-E96FCE713F21}] => (Allow) C:\Users\ahmed\Desktop\Pes 13\pes2013.exe
FirewallRules: [{23054122-5B09-473E-883B-45C49C38E30C}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{61947BD3-5A65-4A6F-95D9-92C419B81BF5}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{9EC87605-EE64-4DFE-873E-B72500E11A02}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7D1D9A02-30A8-494F-8A75-19424CF50390}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [UDP Query User{A6A53DB1-9C38-495A-86F5-F001A11D7363}C:\program files\formatfactory\formatfactory.exe] => (Allow) C:\program files\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{FC119591-3BE3-4506-B8C6-2B2E9164F050}C:\program files\formatfactory\formatfactory.exe] => (Allow) C:\program files\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{9CBA5D1C-228E-4337-A914-7D17707D5669}F:\Ø§ÙØ¹Ø§Ø¨\ahmed\Ø§ÙØ¹Ø§Ø¨\fifa 2007\fifa07.exe] => (Allow) F:\Ø§ÙØ¹Ø§Ø¨\ahmed\Ø§ÙØ¹Ø§Ø¨\fifa 2007\fifa07.exe
FirewallRules: [TCP Query User{A8BE0FFA-5022-44AA-9CCE-9A9F10399BBA}F:\Ø§ÙØ¹Ø§Ø¨\ahmed\Ø§ÙØ¹Ø§Ø¨\fifa 2007\fifa07.exe] => (Allow) F:\Ø§ÙØ¹Ø§Ø¨\ahmed\Ø§ÙØ¹Ø§Ø¨\fifa 2007\fifa07.exe
FirewallRules: [{4F9AAC3C-E9BC-4D53-B25F-A95CE019AAD8}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{AB5396DB-5D7A-4BE6-85F4-EA00CA78417E}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{69418C17-8EB3-478A-ACB2-14D7A120561F}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{35618EE8-F4A2-463E-9D03-E15CEBD30A15}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{41773553-4B6B-42AA-9949-C3BD44AB2662}] => (Allow) LPort=1900
FirewallRules: [{6603168C-D63C-4F75-B7F7-8B7AE5A2C6FB}] => (Allow) LPort=2869
FirewallRules: [{26C52652-AA57-4AFF-AA58-00E982062FA5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D7DCA63-EBA5-4E80-B32E-CC9404DA1A23}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B4E2DDBD-EEC1-40E4-8B4E-87E3CF28B75E}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{56D0B98D-17DC-43D9-8366-9326B29FA478}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F877435A-58A2-48EE-AC29-90EFD8AF412B}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{3DE5CE65-F91B-4250-BA66-323A748DAB4C}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{59A01C98-5E28-424E-9DC8-9F1F7EA24BD8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{47F2D550-31D7-4516-997A-7FFF0461151B}] => (Allow) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{7A481EA9-EC39-4510-BB36-A586BB062AF1}] => (Allow) C:\Users\ahmed\AppData\Local\LINE\bin\4.8.3.1130\LINE.exe
FirewallRules: [{9FAE8999-9FFA-43BA-9378-E805B5343065}] => (Allow) C:\Users\ahmed\AppData\Local\LINE\bin\4.8.3.1130\LINE.exe
FirewallRules: [{3C1B2E0E-A6FE-4BC6-BD2B-1E8AA1E03F07}] => (Allow) C:\Users\ahmed\AppData\Local\LINE\bin\4.8.3.1130\LineUpdater.exe
FirewallRules: [{C190A147-1455-473B-B513-550A324BCAA7}] => (Allow) C:\Users\ahmed\AppData\Local\LINE\bin\4.8.3.1130\LineUpdater.exe
FirewallRules: [{B306736D-0BC0-4D97-91A9-568BAC09920C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{525B9503-D9E9-4633-BB1D-04EC8AC5D995}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FB7CF4C8-F835-44F9-A39D-73D59BA37040}C:\program files\le robert\le robert collÃ¨ge\clgnet.exe] => (Allow) C:\program files\le robert\le robert collÃ¨ge\clgnet.exe
FirewallRules: [UDP Query User{40DE5BF8-979C-449B-9AB7-9B0F07E17501}C:\program files\le robert\le robert collÃ¨ge\clgnet.exe] => (Allow) C:\program files\le robert\le robert collÃ¨ge\clgnet.exe
FirewallRules: [TCP Query User{B8FA455F-6587-4BAF-856E-A99A83D9E0D8}C:\program files\le robert\le robert collÃ¨ge\collegeha.exe] => (Allow) C:\program files\le robert\le robert collÃ¨ge\collegeha.exe
FirewallRules: [UDP Query User{1A77C5A3-151D-4440-9203-738E4FCFDDF5}C:\program files\le robert\le robert collÃ¨ge\collegeha.exe] => (Allow) C:\program files\le robert\le robert collÃ¨ge\collegeha.exe
FirewallRules: [{97FC82A4-19AC-4FB3-B575-998DB387B5E7}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{BAEC59D9-B835-4D7C-A4B1-7376B8E34029}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [TCP Query User{3CE2D0E5-C222-4AB8-8841-E7B538046DDE}C:\program files\le robert\le robert collÃ¨ge\collegeha.exe] => (Block) C:\program files\le robert\le robert collÃ¨ge\collegeha.exe
FirewallRules: [UDP Query User{16F8A113-2B04-4CBF-9054-990C507E1377}C:\program files\le robert\le robert collÃ¨ge\collegeha.exe] => (Block) C:\program files\le robert\le robert collÃ¨ge\collegeha.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2016 12:19:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST.exe version 22.5.2016.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2a88

Start Time: 01d21c9671a11bde

Termination Time: 13

Application Path: C:\Users\ahmed\Desktop\FRST.exe

Report Id: b5970b5b-8889-11e6-af41-78e7d1d02909

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/02/2016 12:13:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST.exe version 22.5.2016.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1328

Start Time: 01d21c9520dfa9d0

Termination Time: 7

Application Path: C:\Users\ahmed\Desktop\FRST.exe

Report Id: c68bbb5f-8888-11e6-af41-78e7d1d02909

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/02/2016 11:56:58 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/02/2016 11:56:50 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (10/02/2016 11:56:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/02/2016 11:56:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/02/2016 11:56:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/02/2016 11:56:50 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/28/2016 01:15:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.10586.589 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 15c0

Start Time: 01d21978d1153cbe

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: bce19f5f-856c-11e6-af41-78e7d1d02909

Faulting package full name: 

Faulting package-relative application ID:

Error: (09/28/2016 01:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.10586.589 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 27e8

Start Time: 01d21975d200919d

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 0e53012f-856c-11e6-af41-78e7d1d02909

Faulting package full name: 

Faulting package-relative application ID:


System errors:
=============
Error: (09/29/2016 02:38:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ââØªÙ Ø§ÙÙØµÙÙ Ø¥ÙÙ ÙÙØ§ÙØ© Ø§ÙÙÙÙØ© (30000 ÙÙÙÙ Ø«Ø§ÙÙØ©) Ø£Ø«ÙØ§Ø¡ Ø§ÙØªØ¸Ø§Ø± Ø§ØªØµØ§Ù Ø§ÙØ®Ø¯ÙØ© Sync Host_5cb7d07.

Error: (09/29/2016 02:38:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ââØªÙ Ø§ÙÙØµÙÙ Ø¥ÙÙ ÙÙØ§ÙØ© Ø§ÙÙÙÙØ© (30000 ÙÙÙÙ Ø«Ø§ÙÙØ©) Ø£Ø«ÙØ§Ø¡ Ø§ÙØªØ¸Ø§Ø± Ø§ØªØµØ§Ù Ø§ÙØ®Ø¯ÙØ© User Data Storage_5cb7d07.

Error: (09/29/2016 02:38:24 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: ââØ­Ø§ÙÙØª "Ø¥Ø¯Ø§Ø±Ø© Ø§ÙØªØ­ÙÙ Ø¨Ø§ÙØ®Ø¯ÙØ§Øª" Ø§ØªØ®Ø§Ø° Ø¥Ø¬Ø±Ø§Ø¡ ØªØµØ­ÙØ­Ù (Restart the service) Ø¹ÙØ¨ Ø§ÙØ¥ÙÙØ§Ø¡ ØºÙØ± Ø§ÙÙØªÙÙØ¹ ÙÙØ®Ø¯ÙØ© User Data Storage_5cb7d07 ÙÙÙÙ ÙØ´Ù ÙØ°Ø§ Ø§ÙØ¥Ø¬Ø±Ø§Ø¡ Ø¨Ø³Ø¨Ø¨ Ø§ÙØ®Ø·Ø£ Ø§ÙØªØ§ÙÙ: 
An instance of the service is already running.

Error: (09/29/2016 02:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ââØªÙ Ø¥ÙÙØ§Ø¡ Ø§ÙØ®Ø¯ÙØ© User Data Access_5cb7d07 Ø¨Ø´ÙÙ ØºÙØ± ÙØªÙÙØ¹. Ø­Ø¯Ø« ÙØ°Ø§ 1 ÙØ±Ø©. Ø³ÙØªÙ Ø§ØªØ®Ø§Ø° Ø§ÙØ¥Ø¬Ø±Ø§Ø¡ Ø§ÙØªØµØ­ÙØ­Ù Ø§ÙØªØ§ÙÙ ÙÙ ØºØ¶ÙÙ 10000 ÙÙÙÙ Ø«Ø§ÙÙØ©: Restart the service.

Error: (09/29/2016 02:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ââØªÙ Ø¥ÙÙØ§Ø¡ Ø§ÙØ®Ø¯ÙØ© User Data Storage_5cb7d07 Ø¨Ø´ÙÙ ØºÙØ± ÙØªÙÙØ¹. Ø­Ø¯Ø« ÙØ°Ø§ 1 ÙØ±Ø©. Ø³ÙØªÙ Ø§ØªØ®Ø§Ø° Ø§ÙØ¥Ø¬Ø±Ø§Ø¡ Ø§ÙØªØµØ­ÙØ­Ù Ø§ÙØªØ§ÙÙ ÙÙ ØºØ¶ÙÙ 10000 ÙÙÙÙ Ø«Ø§ÙÙØ©: Restart the service.

Error: (09/29/2016 02:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ââØªÙ Ø¥ÙÙØ§Ø¡ Ø§ÙØ®Ø¯ÙØ© Contact Data_5cb7d07 Ø¨Ø´ÙÙ ØºÙØ± ÙØªÙÙØ¹. Ø­Ø¯Ø« ÙØ°Ø§ 1 ÙØ±Ø©. Ø³ÙØªÙ Ø§ØªØ®Ø§Ø° Ø§ÙØ¥Ø¬Ø±Ø§Ø¡ Ø§ÙØªØµØ­ÙØ­Ù Ø§ÙØªØ§ÙÙ ÙÙ ØºØ¶ÙÙ 10000 ÙÙÙÙ Ø«Ø§ÙÙØ©: Restart the service.

Error: (09/29/2016 02:38:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ââØªÙ Ø¥ÙÙØ§Ø¡ Ø§ÙØ®Ø¯ÙØ© Sync Host_5cb7d07 Ø¨Ø´ÙÙ ØºÙØ± ÙØªÙÙØ¹. Ø­Ø¯Ø« ÙØ°Ø§ 1 ÙØ±Ø©. Ø³ÙØªÙ Ø§ØªØ®Ø§Ø° Ø§ÙØ¥Ø¬Ø±Ø§Ø¡ Ø§ÙØªØµØ­ÙØ­Ù Ø§ÙØªØ§ÙÙ ÙÙ ØºØ¶ÙÙ 10000 ÙÙÙÙ Ø«Ø§ÙÙØ©: Restart the service.

Error: (09/28/2016 08:43:55 AM) (Source: DCOM) (EventID: 10010) (User: ahmed-PC)
Description: The server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (09/28/2016 08:10:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ââØªÙ Ø§ÙÙØµÙÙ Ø¥ÙÙ ÙÙØ§ÙØ© Ø§ÙÙÙÙØ© (30000 ÙÙÙÙ Ø«Ø§ÙÙØ©) Ø£Ø«ÙØ§Ø¡ Ø§ÙØªØ¸Ø§Ø± Ø§ØªØµØ§Ù Ø§ÙØ®Ø¯ÙØ© Sync Host_419f03b.

Error: (09/28/2016 08:10:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ââØªÙ Ø§ÙÙØµÙÙ Ø¥ÙÙ ÙÙØ§ÙØ© Ø§ÙÙÙÙØ© (30000 ÙÙÙÙ Ø«Ø§ÙÙØ©) Ø£Ø«ÙØ§Ø¡ Ø§ÙØªØ¸Ø§Ø± Ø§ØªØµØ§Ù Ø§ÙØ®Ø¯ÙØ© User Data Storage_419f03b.


CodeIntegrity:
===================================
  Date: 2016-09-17 14:58:43.612
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-16 06:52:36.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:36.835
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:36.737
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:36.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:36.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:36.398
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:34.141
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-16 06:52:33.177
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-09-15 18:23:13.544
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Percentage of memory in use: 68%
Total physical RAM: 3071.24 MB
Available physical RAM: 957.51 MB
Total Virtual: 6143.24 MB
Available Virtual: 2914.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:80 GB) (Free:29.84 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:250.51 GB) (Free:187.96 GB) NTFS
Drive e: (Ø¹ØµØ§Ù) (Fixed) (Total:300.5 GB) (Free:118.02 GB) NTFS
Drive f: () (Fixed) (Total:300.5 GB) (Free:89.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B50C0E03)
Partition 1: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=851.5 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================