Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2017 Ran by TAHER (28-04-2017 18:54:11) Running from C:\Users\TAHER\Desktop Windows 8.1 Pro (Update) (X64) (2015-09-14 00:15:50) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2422561113-3094125170-2170945475-500 - Administrator - Disabled) Guest (S-1-5-21-2422561113-3094125170-2170945475-501 - Limited - Disabled) TAHER (S-1-5-21-2422561113-3094125170-2170945475-1001 - Administrator - Enabled) => C:\Users\TAHER ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: جدار الحماية الشخصي ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4Media Video Cutter 2 (HKLM-x32\...\4Media Video Cutter 2) (Version: 2.2.0.20120901 - 4Media) 7GIF (HKLM\...\{D27A1E28-51AD-4CB7-9AAD-11D8DDA3B619}_is1) (Version: 1.1.1.1020 - Xtreme-LAb®) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) AVG (Version: 1.181.1 - AVG Technologies) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.109 - ALPS ELECTRIC CO., LTD.) Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit) EagleGet version 2.0.4.9 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.9 - EagleGet) ESET Smart Security (HKLM\...\{BB33F44D-E38B-4213-9136-858CB576A210}) (Version: 10.0.390.0 - ESET, spol. s r.o.) FMW 1 (Version: 1.182.1 - AVG Technologies) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.) GiliSoft Video Editor 7.1.0 (HKLM-x32\...\{3908B421-EF03-4389-A38C-DBAF6252E312}_is1) (Version: 7.1.0 - GiliSoft International LLC.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc‎.‎) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden ImageShack Uploader 2.2.0 (HKLM-x32\...\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}) (Version: 2.2.0 - ImageShack Corp.) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.3.0.18 - IObit) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.4.6 - PandoraTV) Malwarebytes version 3.0.6.1458 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1458 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 53.0 (x64 ar) (HKLM\...\Mozilla Firefox 53.0 (x64 ar)) (Version: 53.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla) MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team) NVIDIA برنامج نظام PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Real GIF Optimizer v3.05 (HKLM-x32\...\Real GIF Optimizer_is1) (Version: - RealMultiMedia Development) Snagit 13 (HKLM-x32\...\{f77be5ce-8cc7-4cbe-aac0-2164e844b4be}) (Version: 13.0.1.6326 - TechSmith Corporation) Snagit 13 (x32 Version: 13.0.1 - TechSmith Corporation) Hidden SnagIt 8 (HKLM-x32\...\{DA0BF7AB-88EB-4675-8FA1-531EAD938821}) (Version: 8.2.3 - TechSmith Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WhatsApp (HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp) Winamp (remove only) (HKLM-x32\...\Winamp) (Version: - ) WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH) لوحة تحكم NVIDIA 342.01 (Version: 342.01 - NVIDIA Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll (EagleGet) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {069A81EA-7E2F-4819-A90A-C6927ECCB25E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation) Task: {209FD1F4-868D-4B58-AA00-516CD7E22726} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe [2017-03-10] (IObit) Task: {515D055E-8138-4034-A179-38FCA7ED28CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-18] (Adobe Systems Incorporated) Task: {5F722710-E970-44D1-91AE-00EEF7402125} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.) Task: {70FA23F2-84C6-45D3-BFE8-B04C3DE33996} - System32\Tasks\Opera scheduled Autoupdate 1486325203 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software) Task: {7A921398-2270-4242-BC7C-44009F7141B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {866BFC9B-C9B1-4212-B686-FFA2E4EA6AA4} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2016-03-28] (TechSmith Corporation) Task: {98E942D4-47D8-47B4-8E06-1AB0E6553605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.) Task: {D6F25438-15FE-4CA5-9772-5915DC03AA9E} - System32\Tasks\Driver Booster SkipUAC (TAHER) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit) Task: {E3988A8B-621C-43B9-85A5-4C26A75502CA} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {ED3829A0-1E5B-4095-A169-A376EE2695AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {F63CE93F-208B-4DDA-B210-E9A1F7C5F8B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-18] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\TAHER\AppData\Local\Google\Chrome\User Data\‏مشغل تطبيقات Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\TAHER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\‏مشغل تطبيقات Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\TAHER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1f691da8a68f8326\‪Emoji Keyboard (2016) by EmojiOne™‬.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ipdjnhgkpapgippgcgkfcbpdpcgifncb ==================== Loaded Modules (Whitelisted) ============== 2015-09-14 19:58 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\TAHER\AppData\Local\MEGAsync\ShellExtX64.dll 2017-04-28 04:21 - 2017-04-28 04:28 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-04-28 04:21 - 2017-04-28 04:28 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-04-03 09:26 - 2017-03-28 17:08 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2017-04-03 09:26 - 2017-03-28 17:08 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2017-04-03 09:26 - 2017-03-28 17:08 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2017-04-03 09:26 - 2017-03-28 17:09 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll 2017-04-03 09:26 - 2017-03-28 17:09 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\100sexlinks.com -> 100sexlinks.com There are 4791 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-04-09 14:59 - 2017-04-28 04:16 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 keystone.mwbsys.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => MSCONFIG\startupreg: CCleaner Monitoring => MSCONFIG\startupreg: Malwarebytes TrayApp => c:\program files\malwarebytes\anti-malware\mbamtray.exe MSCONFIG\startupreg: ultracopier => HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run: => "AvgUi" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "CCleaner Monitoring" HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DFA0042BDF6D2158D448D45A3D8E0D66" HKU\S-1-5-21-2422561113-3094125170-2170945475-1001\...\StartupApproved\Run: => "ultracopier" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{6FB3FD4C-FF67-49D3-8B47-36DAFC73F4C8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AAA33CAB-F44C-4304-85AD-E9F1CD950BEE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E72B3C4D-4DE9-4BA4-B165-03BA7E79B983}] => (Allow) LPort=8298 FirewallRules: [{EF0C1271-4B53-480A-8969-E4691D8DEAF7}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe FirewallRules: [{6AF50A72-0DD8-40D4-B95C-EB19E08468C0}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe FirewallRules: [{4021F736-A8F1-40F3-BC8F-B6D35026AC98}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{94D01776-3A82-4CAD-BD33-CE7F7CD8CEF9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe FirewallRules: [{95C8C549-E529-4B44-A410-491D6F336D26}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe FirewallRules: [{1A283B3A-354A-4578-AF80-0FE2C723D415}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe FirewallRules: [{0916CA25-33D9-4CBA-95CA-594A5B2540BE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe FirewallRules: [{4D27BDA0-5E58-40C5-8D40-79865BC62C6E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe FirewallRules: [{9067DD11-3EBE-46F0-AC2F-969D4206A81E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe ==================== Restore Points ========================= 26-04-2017 20:04:46 Windows Update ==================== Faulty Device Manager Devices ============= Name: Broadcom USH Description: Broadcom USH Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (04/28/2017 03:58:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: ‏‏فشل بدء تشغيل الخدمة AVG Service بسبب الخطأ التالي: ‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب. Error: (04/28/2017 03:58:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة AVG Service. Error: (04/28/2017 03:58:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: ‏‏فشل بدء تشغيل الخدمة Intel AGP Bus Filter بسبب الخطأ التالي: ‏‏يتعذر بدء تشغيل الخدمة، إما لكونها معطلة أو لعدم وجود أي أجهزة ممكّنة مرفقة بها. Error: (04/28/2017 12:27:15 PM) (Source: DCOM) (EventID: 10010) (User: TITo) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (04/28/2017 05:02:04 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2422561113-3094125170-2170945475-1001-04282017050203486-ntuser.dat Error: (04/28/2017 05:01:11 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2422561113-3094125170-2170945475-1001-04282017050109834-ntuser.dat Error: (04/28/2017 04:32:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: ‏‏فشل بدء تشغيل الخدمة AVG Service بسبب الخطأ التالي: ‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب. Error: (04/28/2017 04:32:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة AVG Service. Error: (04/28/2017 04:32:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: ‏‏فشل بدء تشغيل الخدمة Intel AGP Bus Filter بسبب الخطأ التالي: ‏‏يتعذر بدء تشغيل الخدمة، إما لكونها معطلة أو لعدم وجود أي أجهزة ممكّنة مرفقة بها. Error: (04/28/2017 04:09:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: ‏‏فشل بدء تشغيل الخدمة AVG Service بسبب الخطأ التالي: ‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب. CodeIntegrity: =================================== Date: 2017-04-28 15:57:44.152 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-28 04:32:06.853 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-28 04:08:53.946 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-28 01:57:36.743 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-27 10:30:36.227 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-27 10:28:01.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-24 16:30:19.526 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-24 14:59:04.573 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-22 23:43:01.322 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-22 14:28:50.494 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Impcd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz Percentage of memory in use: 27% Total physical RAM: 3957.83 MB Available physical RAM: 2869.27 MB Total Virtual: 5941.83 MB Available Virtual: 4604.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:48.73 GB) (Free:14.1 GB) NTFS Drive e: (New Volume) (Fixed) (Total:292.97 GB) (Free:41.38 GB) NTFS Drive f: (New Volume) (Fixed) (Total:259.18 GB) (Free:109.44 GB) NTFS Drive g: (New Volume) (Fixed) (Total:97.66 GB) (Free:45.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B95575E4) Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=552.2 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================