Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-02-2017
Ran by fadi (20-02-2017 15:29:05)
Running from C:\Users\fadi\Downloads\Programs
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-02-05 17:08:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2843317728-1395094010-2175450331-500 - Administrator - Disabled)
fadi (S-1-5-21-2843317728-1395094010-2175450331-1001 - Administrator - Enabled) => C:\Users\fadi
Guest (S-1-5-21-2843317728-1395094010-2175450331-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2843317728-1395094010-2175450331-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Internet Security 10.0.386.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security 10.0.386.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Driver Booster 4.2 (HKLM\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
ESET Internet Security (HKLM\...\{A5EC24E5-99FA-4A5D-95B4-4BAAFF8B73E5}) (Version: 10.0.386.0 - ESET, spol. s r.o.)
Foxit PhantomPDF (HKLM\...\{153C284C-CE77-11E6-8B71-000C2992F709}) (Version: 8.2.0.2192 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Tactical Ops (HKLM\...\Tactical Ops) (Version: - )
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {9ED8FE32-D8E5-4407-A014-9F823B32C4EB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {B4C3C025-78FA-4857-B0EC-D4516B128B9B} - System32\Tasks\Driver Booster SkipUAC (fadi) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {EEF4AAE4-DEF6-4AA6-B2B1-CA306AC38CBB} - System32\Tasks\Uninstaller_SkipUac_fadi => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-01] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-19 19:15 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2017-02-19 19:15 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2017-02-19 19:15 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-02-19 19:15 - 2016-05-23 21:49 - 00899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll
2017-02-19 19:15 - 2016-10-18 16:57 - 00631072 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:04 - 2017-02-19 19:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2843317728-1395094010-2175450331-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fadi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{129DA10D-FF19-4B96-A082-674DE4F463EB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{007347CF-BFBC-41F6-B856-7CC14299F37A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E07BF102-5A8B-468B-9ED2-2C0F462CEE37}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{E48F2296-D0E1-4C87-9597-661E02CB9DE2}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{3D0D30B7-D1CF-4B75-8A27-C37FB4578B7D}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{9173777D-8239-4DF6-BC93-6961836399D5}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{89DBC50A-918B-42E2-8B49-B0C47E856E40}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{4FA7A1F7-7E3F-42AD-8823-56258980BEB6}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\AutoUpdate.exe
==================== Restore Points =========================
05-02-2017 08:57:42 Windows Update
05-02-2017 10:21:42 تم تثبيت Microsoft Office Word Viewer 2003
05-02-2017 10:46:27 تم إزالة Microsoft Office Word Viewer 2003
05-02-2017 10:48:08 Installed Microsoft Office Enterprise 2007
15-02-2017 08:17:34 Scheduled Checkpoint
19-02-2017 14:44:53 JRT Pre-Junkware Removal
19-02-2017 17:29:34 Driver Booster : Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
19-02-2017 18:01:46 zoek.exe restore point
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/20/2017 03:22:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/20/2017 06:37:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/19/2017 06:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/17/2017 11:57:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:01:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/14/2017 09:28:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/12/2017 06:46:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\ucbrowser\application\6.0.1308.1016\Backup\UCBrowser.exe".
Dependent Assembly 6.0.1308.1016,language="*",type="win32",version="6.0.1308.1016" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/12/2017 06:19:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/11/2017 05:57:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/11/2017 05:22:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (02/19/2017 06:20:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/17/2017 11:55:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (02/17/2017 11:55:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (02/17/2017 11:55:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Reason Core Security Engine Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/17/2017 11:54:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (02/17/2017 11:54:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The rscp service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2017-02-19 17:57:41.836
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:39.676
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:37.522
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:35.394
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 2940 MB
Available physical RAM: 1718.79 MB
Total Virtual: 5878.29 MB
Available Virtual: 4391.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:75.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.43 GB) (Free:200.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 22740B6F)
Partition 1: (Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by fadi (20-02-2017 15:29:05)
Running from C:\Users\fadi\Downloads\Programs
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-02-05 17:08:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2843317728-1395094010-2175450331-500 - Administrator - Disabled)
fadi (S-1-5-21-2843317728-1395094010-2175450331-1001 - Administrator - Enabled) => C:\Users\fadi
Guest (S-1-5-21-2843317728-1395094010-2175450331-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2843317728-1395094010-2175450331-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Internet Security 10.0.386.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security 10.0.386.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Driver Booster 4.2 (HKLM\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
ESET Internet Security (HKLM\...\{A5EC24E5-99FA-4A5D-95B4-4BAAFF8B73E5}) (Version: 10.0.386.0 - ESET, spol. s r.o.)
Foxit PhantomPDF (HKLM\...\{153C284C-CE77-11E6-8B71-000C2992F709}) (Version: 8.2.0.2192 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Tactical Ops (HKLM\...\Tactical Ops) (Version: - )
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {9ED8FE32-D8E5-4407-A014-9F823B32C4EB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {B4C3C025-78FA-4857-B0EC-D4516B128B9B} - System32\Tasks\Driver Booster SkipUAC (fadi) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {EEF4AAE4-DEF6-4AA6-B2B1-CA306AC38CBB} - System32\Tasks\Uninstaller_SkipUac_fadi => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-01] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-19 19:15 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2017-02-19 19:15 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2017-02-19 19:15 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-02-19 19:15 - 2016-05-23 21:49 - 00899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll
2017-02-19 19:15 - 2016-10-18 16:57 - 00631072 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:76650B61 [103]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:04 - 2017-02-19 19:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2843317728-1395094010-2175450331-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fadi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{129DA10D-FF19-4B96-A082-674DE4F463EB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{007347CF-BFBC-41F6-B856-7CC14299F37A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E07BF102-5A8B-468B-9ED2-2C0F462CEE37}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{E48F2296-D0E1-4C87-9597-661E02CB9DE2}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{3D0D30B7-D1CF-4B75-8A27-C37FB4578B7D}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{9173777D-8239-4DF6-BC93-6961836399D5}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{89DBC50A-918B-42E2-8B49-B0C47E856E40}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{4FA7A1F7-7E3F-42AD-8823-56258980BEB6}] => (Allow) C:\Program Files\IObit\Driver Booster\4.2.0\AutoUpdate.exe
==================== Restore Points =========================
05-02-2017 08:57:42 Windows Update
05-02-2017 10:21:42 تم تثبيت Microsoft Office Word Viewer 2003
05-02-2017 10:46:27 تم إزالة Microsoft Office Word Viewer 2003
05-02-2017 10:48:08 Installed Microsoft Office Enterprise 2007
15-02-2017 08:17:34 Scheduled Checkpoint
19-02-2017 14:44:53 JRT Pre-Junkware Removal
19-02-2017 17:29:34 Driver Booster : Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
19-02-2017 18:01:46 zoek.exe restore point
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/20/2017 03:22:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/20/2017 06:37:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/19/2017 06:30:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/17/2017 11:57:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/15/2017 07:01:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/14/2017 09:28:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/12/2017 06:46:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files\ucbrowser\application\6.0.1308.1016\Backup\UCBrowser.exe".
Dependent Assembly 6.0.1308.1016,language="*",type="win32",version="6.0.1308.1016" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/12/2017 06:19:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/11/2017 05:57:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/11/2017 05:22:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (02/19/2017 06:20:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2017 06:20:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/17/2017 11:55:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (02/17/2017 11:55:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (02/17/2017 11:55:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Reason Core Security Engine Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/17/2017 11:54:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (02/17/2017 11:54:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The rscp service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2017-02-19 17:57:41.836
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:39.676
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:37.522
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 17:57:35.394
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Temp\NUP9316.tmp.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-19 15:32:16.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Internet Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 2940 MB
Available physical RAM: 1718.79 MB
Total Virtual: 5878.29 MB
Available Virtual: 4391.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:75.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.43 GB) (Free:200.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 22740B6F)
Partition 1: (Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================