Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-10-2016
Ran by moez (14-10-2016 17:00:05)
Running from C:\Users\moez\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-07-26 12:23:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-318700280-1262799068-3410121159-500 - Administrator - Disabled)
Guest (S-1-5-21-318700280-1262799068-3410121159-501 - Limited - Disabled)
moez (S-1-5-21-318700280-1262799068-3410121159-1000 - Administrator - Enabled) => C:\Users\moez
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-318700280-1262799068-3410121159-1000\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
Arabic Rappelz (HKLM-x32\...\Arabic Rappelz) (Version: - Game Power 7)
Auslogics Driver Updater (HKLM-x32\...\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_is1) (Version: 1.9.0.0 - Auslogics Labs Pty Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Driver Easy 5.1.0 (HKLM\...\DriverEasy_is1) (Version: 5.1.0 - Easeware)
EagleGet version 2.0.4.15 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.15 - EagleGet)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Inside (HKLM-x32\...\{9BD4503F-F711-491D-984A-AB4ABD66B8C2}_is1) (Version: - Playdead)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Driver Update Utility 2.6 (x32 Version: 2.6.0.32 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4226 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
IP Video System Design Tool 8 VIVOTEK v.8.1.0.1347 (HKLM-x32\...\IP Video System Design Tool 8 VIVOTEK_is1) (Version: - www.jvsg.com)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 12.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
mHotspot version 7.8.8.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Nmap 7.25BETA2 (HKLM-x32\...\Nmap) (Version: 7.25BETA2 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.31 - Synaptics Incorporated)
Tomb Raider - The Last Revelation (HKLM-x32\...\Tomb Raider - The Last Revelation) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-318700280-1262799068-3410121159-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09936799-1755-439E-BFE1-8DBDDB8961A4} - System32\Tasks\Driver Genius Scheduler => E:\Program Files (x86)\DriverGeniusx\DriverGenius.exe
Task: {0F556F5D-CE19-4B0E-9CD2-4795D44D5E65} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {1BF2F06E-5737-474D-8156-03B11BA8698E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {2CAF1455-7664-4CD3-9A09-CB7876F160E8} - System32\Tasks\Driver Genius Skip UAC => E:\Program Files (x86)\DriverGeniusx\DriverGenius.exe
Task: {354DF94F-9454-4722-BF7E-8FEC3534F846} - System32\Tasks\CCleanerSkipUAC => E:\Program Files (x86)\cc\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {3D2AD12F-72A0-44F1-BB4E-661459492052} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] ()
Task: {3D66A5A3-4EAE-4249-8D93-939A80185460} - System32\Tasks\Driver Easy Scheduled Scan => E:\Program Files (x86)\DriverEasy\DriverEasy.exe [2016-08-10] (Easeware)
Task: {551EA2D9-7C56-4D03-B240-894661326559} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => E:\Program Files (x86)\office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {67472463-1F72-4750-B125-BBB57C5E29E2} - System32\Tasks\{F3A134A3-0A8D-46B6-86D6-9AE150D30785} => pcalua.exe -a H:\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d H:\lide20lide30n670un676un1240uvst7031a_xpen
Task: {6A644A49-1992-45AB-8557-48A83F8FA6E0} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {BA91011E-5289-463C-AD7D-831AB0137D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {CBB778B8-7168-47F1-9321-BEA87EB34B45} - System32\Tasks\Auslogics\Driver Updater\Scan => Rundll32.exe TaskSchedulerHelper.dll,RunTask "DriverUpdater.exe" "-UseTray -Schedule"
Task: {D4162A80-52DF-4674-BED0-05D0267B3AB4} - System32\Tasks\{539C7835-F3A5-4BE0-AA6F-8EC9766A8141} => pcalua.exe -a "E:\New folder (3)e\New folder (3)\New folder (2)\TSPussyhunters - Maitresse Madeline, Jesssica Fox, Eva Lin and Venus Lux [.wmv]\The.Stomping.Land.Alpha.v0.5.0.1.Online.Ready-Royalgamer06\Setup\Binaries\Redist\UE3Redist.exe" -d "E:\New folder (3)e\New folder (3)\New folder (2)\TSPussyhunters - M (the data entry has 143 more characters).
Task: {E638F957-6D8D-4BDA-83AD-EF1C1BC11C75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => E:\Program Files (x86)\office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFF26836-DCDF-46F6-B2AC-17F22F7466B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {F30CC47C-8137-4DF8-961B-7859B3D2E860} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => E:\Program Files (x86)\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-27 05:27 - 2016-07-11 04:13 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-27 05:31 - 2016-07-11 01:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-22 02:10 - 2009-07-31 03:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00247984 _____ () E:\Program Files (x86)\EagleGet\EGMonitor.exe
2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () E:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-27 04:53 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-27 04:53 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-07-27 04:53 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-27 04:53 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-27 04:53 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-07-28 00:29 - 2016-03-22 12:00 - 00322048 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\libbluray.dll
2016-07-28 00:29 - 2015-10-24 19:00 - 04374528 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax
2016-07-28 00:29 - 2015-10-24 19:00 - 03966464 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffmpeg.dll
2016-09-30 22:05 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-09-30 22:05 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00998064 _____ () E:\Program Files (x86)\EagleGet\util.dll
2016-07-27 03:41 - 2014-07-17 15:13 - 00397312 _____ () E:\Program Files (x86)\EagleGet\sqlite3.dll
2016-07-27 05:27 - 2016-07-11 04:13 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00225968 _____ () E:\Program Files (x86)\EagleGet\CrashRpt.dll
2016-07-27 03:41 - 2013-09-15 10:31 - 00053760 _____ () E:\Program Files (x86)\EagleGet\zlib.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00851120 _____ () E:\Program Files (x86)\EagleGet\ssl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-318700280-1262799068-3410121159-1000\...\sharepoint.com -> hxxps://universityoftripoli.sharepoint.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-07-27 13:30 - 00000914 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 http://www.drivertoolkit.com
127.0.0.1 www.drivertoolkit.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-318700280-1262799068-3410121159-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\moez\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "E:\Program Files (x86)\cc\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GrooveMonitor => "E:\Program Files (x86)\Microsoft Office2\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Steam => "e:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{812EA6CF-5912-443D-8F3A-7B3836BE3831}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AD5889F-8C81-4087-AD31-F141BA5CF7FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A410AD7-9EB7-46A6-BAF3-97858AFD6803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E5340127-D228-400E-8E3E-53E123B98AF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEEF50AB-A7A9-45E0-AC2E-F31902AFAB73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0F3E3081-97EE-48CB-9C05-F2F7E8B3CB97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABE4F214-ADA3-45F6-B1A8-1C72ED6A234E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F395F1E3-1792-4420-AA98-33E69CAE77A9}] => (Allow) E:\Program Files (x86)\firefox\firefox.exe
FirewallRules: [{976CA5BD-A348-4DCE-9487-71C2EE4FC5A7}] => (Allow) E:\Program Files (x86)\firefox\firefox.exe
FirewallRules: [{8FF16FAA-4FA3-419D-B48B-733659EB6963}] => (Allow) H:\mHotspot[1].exe
FirewallRules: [{84BA13EA-8E65-4FF1-8536-5F4525AAE49C}] => (Allow) H:\mHotspot[1].exe
FirewallRules: [{6F6C2143-3FD6-4B1E-8877-03257E33B924}] => (Allow) E:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{8986B0EA-2FE7-455E-9980-1171E267256F}] => (Allow) E:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{7307422C-7755-4114-A82D-8AD66149D7AF}] => (Allow) E:\Program Files (x86)\SHAREit\SHAREit.exe
FirewallRules: [{18988754-EF32-4854-92C6-7E2040B44C9E}] => (Allow) E:\Program Files (x86)\SHAREit\SHAREit.exe
FirewallRules: [{B8DED375-95DA-4158-937F-51120C3AB130}] => (Block) e:\Program Files (x86)\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{C523FE7E-FBED-4E29-AB3A-54782163AA59}] => (Block) e:\Program Files (x86)\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{1A6A995D-F898-46A3-8EFF-EF0DA43AA429}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{2FC615F3-AE33-4E22-95A2-137A267F21D7}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{C5879CB9-A362-48C4-AB68-F1C8F306117D}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{2C075D4E-5821-4315-AE21-0487F84B3B30}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{9B69C288-C410-4BC2-8E37-A6FAD97710F2}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{C2ECCE93-C573-4255-B7AA-ECEA3C198E48}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{9BA5C68F-978F-4787-9212-23C74E568E8B}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{9A2BE666-6F55-4D1B-A298-68EB3D439DCD}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [TCP Query User{F6D47A95-7FB8-448C-9155-4DED4D6E43D8}C:\users\moez\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\moez\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{49FE9B4C-2FC7-483F-9FC4-F7307ECBC66D}C:\users\moez\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\moez\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{66C6D9BE-7C82-410A-9EF6-A87A348D1B79}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B91AD09C-AFFE-43A7-9706-03206505A141}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{568602DF-B816-4F2B-BF8F-61212B07BBAB}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{735E310B-0924-40DF-A6B3-9EE5E15C2334}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A13636F4-1BC7-425E-B121-0DCD0605A613}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{950B3EC9-63C6-454D-A3C0-964E1CFA6D71}] => (Allow) E:\Program Files (x86)\office\Office15\lync.exe
FirewallRules: [{6AA1C4AA-54F6-4179-8857-AFCD1C0AE73F}] => (Allow) E:\Program Files (x86)\office\Office15\lync.exe
FirewallRules: [{42FEF501-03F1-494F-A802-97E3D2131D1A}] => (Allow) E:\Program Files (x86)\office\Office15\UcMapi.exe
FirewallRules: [{08585DD9-773D-4F7D-BA1E-9123BC57F9F1}] => (Allow) E:\Program Files (x86)\office\Office15\UcMapi.exe
FirewallRules: [{B538E4FF-88F1-4331-B8CC-481DC0A16DE5}] => (Allow) E:\Program Files (x86)\office\Office15\outlook.exe
FirewallRules: [{C7224DC9-287B-4B08-8528-E8C14F335154}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\outlook.exe
FirewallRules: [{EFCF3611-F32F-472C-8479-3460FD0FF576}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\GROOVE.EXE
FirewallRules: [{15E82A01-E1E4-4D19-9CF2-ACE64FB3B37C}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\GROOVE.EXE
FirewallRules: [{B48695C2-1132-4D28-973D-70B5CBA8281B}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\ONENOTE.EXE
FirewallRules: [{4851C370-5F31-4CE5-8039-31FA97497D96}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\ONENOTE.EXE
==================== Restore Points =========================
11-10-2016 19:43:22 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Realtek Bluetooth 4.0 Adapter
Description: Realtek Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2016 04:53:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: eagleget_setup.tmp, version: 51.1052.0.0, time stamp: 0x5707a959
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7bafa
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0x186c
Faulting application start time: 0x01d2262ab76a074d
Faulting application path: C:\Users\moez\AppData\Local\Temp\is-LA02B.tmp\eagleget_setup.tmp
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: f6d3738a-921d-11e6-9308-8d5f799c8a84
Error: (10/14/2016 04:52:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: eagleget_setup.tmp, version: 51.1052.0.0, time stamp: 0x5707a959
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7bafa
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0xee8
Faulting application start time: 0x01d2262a821a1797
Faulting application path: C:\Users\moez\AppData\Local\Temp\is-GIRUT.tmp\eagleget_setup.tmp
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: c6cda847-921d-11e6-9308-8d5f799c8a84
Error: (10/14/2016 03:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Faulting module name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Exception code: 0x40000015
Fault offset: 0x00000000000a72be
Faulting process id: 0xa00
Faulting application start time: 0x01d2261fb82d3036
Faulting application path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Faulting module path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Report Id: f756fa74-9212-11e6-9308-8d5f799c8a84
Error: (10/14/2016 03:26:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/14/2016 01:04:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.1.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.1.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x007ca10a
Faulting process id: 0x1410
Faulting application start time: 0x01d225a60e0feaa7
Faulting application path: e:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting module path: e:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
Report Id: 63fec93b-9199-11e6-a480-c2125f23b689
Error: (10/13/2016 07:33:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/13/2016 02:54:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Faulting module name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Exception code: 0x40000015
Fault offset: 0x00000000000a72be
Faulting process id: 0x1994
Faulting application start time: 0x01d22550fc2112ff
Faulting application path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Faulting module path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Report Id: 3ae19292-9144-11e6-ac50-8c5eb59fea84
Error: (10/13/2016 02:46:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/13/2016 02:13:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/12/2016 10:00:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (10/14/2016 03:25:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (10/14/2016 03:24:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:32:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/13/2016 07:32:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (10/13/2016 07:32:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (10/13/2016 07:31:50 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:31:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 07:30:17 م on 13/10/2016 was unexpected.
Error: (10/13/2016 07:30:21 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:30:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 04:39:31 م on 13/10/2016 was unexpected.
Error: (10/13/2016 02:44:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
CodeIntegrity:
===================================
Date: 2016-10-14 00:34:36.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.481
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.478
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.127
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.063
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 3990.59 MB
Available physical RAM: 1124.4 MB
Total Virtual: 7979.37 MB
Available Virtual: 4241.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.9 GB) (Free:67.58 GB) NTFS
Drive d: () (Fixed) (Total:228.15 GB) (Free:17.04 GB) NTFS
Drive e: () (Fixed) (Total:212 GB) (Free:12.8 GB) NTFS
Drive f: () (Fixed) (Total:312.49 GB) (Free:10.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 21577EA3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=312.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=469 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
Ran by moez (14-10-2016 17:00:05)
Running from C:\Users\moez\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-07-26 12:23:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-318700280-1262799068-3410121159-500 - Administrator - Disabled)
Guest (S-1-5-21-318700280-1262799068-3410121159-501 - Limited - Disabled)
moez (S-1-5-21-318700280-1262799068-3410121159-1000 - Administrator - Enabled) => C:\Users\moez
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-318700280-1262799068-3410121159-1000\...\uTorrent) (Version: 3.4.8.42445 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition Tale of the Dragon (HKLM\...\YWdlb2ZteXRob2xvZ3lleHRlbmRlZGVkaXRpb24_is1) (Version: 1 - )
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
Arabic Rappelz (HKLM-x32\...\Arabic Rappelz) (Version: - Game Power 7)
Auslogics Driver Updater (HKLM-x32\...\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_is1) (Version: 1.9.0.0 - Auslogics Labs Pty Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Driver Easy 5.1.0 (HKLM\...\DriverEasy_is1) (Version: 5.1.0 - Easeware)
EagleGet version 2.0.4.15 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.15 - EagleGet)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Inside (HKLM-x32\...\{9BD4503F-F711-491D-984A-AB4ABD66B8C2}_is1) (Version: - Playdead)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Driver Update Utility 2.6 (x32 Version: 2.6.0.32 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4226 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
IP Video System Design Tool 8 VIVOTEK v.8.1.0.1347 (HKLM-x32\...\IP Video System Design Tool 8 VIVOTEK_is1) (Version: - www.jvsg.com)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
K-Lite Codec Pack 12.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
mHotspot version 7.8.8.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.8.0 - 1BN Software & IT Solutions Pvt. Ltd.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Nmap 7.25BETA2 (HKLM-x32\...\Nmap) (Version: 7.25BETA2 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.31 - Synaptics Incorporated)
Tomb Raider - The Last Revelation (HKLM-x32\...\Tomb Raider - The Last Revelation) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-318700280-1262799068-3410121159-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09936799-1755-439E-BFE1-8DBDDB8961A4} - System32\Tasks\Driver Genius Scheduler => E:\Program Files (x86)\DriverGeniusx\DriverGenius.exe
Task: {0F556F5D-CE19-4B0E-9CD2-4795D44D5E65} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {1BF2F06E-5737-474D-8156-03B11BA8698E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {2CAF1455-7664-4CD3-9A09-CB7876F160E8} - System32\Tasks\Driver Genius Skip UAC => E:\Program Files (x86)\DriverGeniusx\DriverGenius.exe
Task: {354DF94F-9454-4722-BF7E-8FEC3534F846} - System32\Tasks\CCleanerSkipUAC => E:\Program Files (x86)\cc\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {3D2AD12F-72A0-44F1-BB4E-661459492052} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] ()
Task: {3D66A5A3-4EAE-4249-8D93-939A80185460} - System32\Tasks\Driver Easy Scheduled Scan => E:\Program Files (x86)\DriverEasy\DriverEasy.exe [2016-08-10] (Easeware)
Task: {551EA2D9-7C56-4D03-B240-894661326559} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => E:\Program Files (x86)\office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {67472463-1F72-4750-B125-BBB57C5E29E2} - System32\Tasks\{F3A134A3-0A8D-46B6-86D6-9AE150D30785} => pcalua.exe -a H:\lide20lide30n670un676un1240uvst7031a_xpen\SetupSG.exe -d H:\lide20lide30n670un676un1240uvst7031a_xpen
Task: {6A644A49-1992-45AB-8557-48A83F8FA6E0} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {BA91011E-5289-463C-AD7D-831AB0137D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {CBB778B8-7168-47F1-9321-BEA87EB34B45} - System32\Tasks\Auslogics\Driver Updater\Scan => Rundll32.exe TaskSchedulerHelper.dll,RunTask "DriverUpdater.exe" "-UseTray -Schedule"
Task: {D4162A80-52DF-4674-BED0-05D0267B3AB4} - System32\Tasks\{539C7835-F3A5-4BE0-AA6F-8EC9766A8141} => pcalua.exe -a "E:\New folder (3)e\New folder (3)\New folder (2)\TSPussyhunters - Maitresse Madeline, Jesssica Fox, Eva Lin and Venus Lux [.wmv]\The.Stomping.Land.Alpha.v0.5.0.1.Online.Ready-Royalgamer06\Setup\Binaries\Redist\UE3Redist.exe" -d "E:\New folder (3)e\New folder (3)\New folder (2)\TSPussyhunters - M (the data entry has 143 more characters).
Task: {E638F957-6D8D-4BDA-83AD-EF1C1BC11C75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => E:\Program Files (x86)\office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFF26836-DCDF-46F6-B2AC-17F22F7466B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {F30CC47C-8137-4DF8-961B-7859B3D2E860} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => E:\Program Files (x86)\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-27 05:27 - 2016-07-11 04:13 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-27 05:31 - 2016-07-11 01:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-22 02:10 - 2009-07-31 03:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00247984 _____ () E:\Program Files (x86)\EagleGet\EGMonitor.exe
2016-05-18 00:42 - 2016-05-18 00:42 - 00230064 _____ () E:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-27 04:53 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-27 04:53 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-07-27 04:53 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-27 04:53 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-27 04:53 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-27 04:53 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-27 04:53 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-07-28 00:29 - 2016-03-22 12:00 - 00322048 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\libbluray.dll
2016-07-28 00:29 - 2015-10-24 19:00 - 04374528 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax
2016-07-28 00:29 - 2015-10-24 19:00 - 03966464 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffmpeg.dll
2016-09-30 22:05 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-09-30 22:05 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00998064 _____ () E:\Program Files (x86)\EagleGet\util.dll
2016-07-27 03:41 - 2014-07-17 15:13 - 00397312 _____ () E:\Program Files (x86)\EagleGet\sqlite3.dll
2016-07-27 05:27 - 2016-07-11 04:13 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-27 05:33 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00225968 _____ () E:\Program Files (x86)\EagleGet\CrashRpt.dll
2016-07-27 03:41 - 2013-09-15 10:31 - 00053760 _____ () E:\Program Files (x86)\EagleGet\zlib.dll
2016-07-27 03:41 - 2016-09-13 18:15 - 00851120 _____ () E:\Program Files (x86)\EagleGet\ssl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-318700280-1262799068-3410121159-1000\...\sharepoint.com -> hxxps://universityoftripoli.sharepoint.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-07-27 13:30 - 00000914 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 http://www.drivertoolkit.com
127.0.0.1 www.drivertoolkit.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-318700280-1262799068-3410121159-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\moez\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "E:\Program Files (x86)\cc\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GrooveMonitor => "E:\Program Files (x86)\Microsoft Office2\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Steam => "e:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{812EA6CF-5912-443D-8F3A-7B3836BE3831}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AD5889F-8C81-4087-AD31-F141BA5CF7FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8A410AD7-9EB7-46A6-BAF3-97858AFD6803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E5340127-D228-400E-8E3E-53E123B98AF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EEEF50AB-A7A9-45E0-AC2E-F31902AFAB73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0F3E3081-97EE-48CB-9C05-F2F7E8B3CB97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABE4F214-ADA3-45F6-B1A8-1C72ED6A234E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F395F1E3-1792-4420-AA98-33E69CAE77A9}] => (Allow) E:\Program Files (x86)\firefox\firefox.exe
FirewallRules: [{976CA5BD-A348-4DCE-9487-71C2EE4FC5A7}] => (Allow) E:\Program Files (x86)\firefox\firefox.exe
FirewallRules: [{8FF16FAA-4FA3-419D-B48B-733659EB6963}] => (Allow) H:\mHotspot[1].exe
FirewallRules: [{84BA13EA-8E65-4FF1-8536-5F4525AAE49C}] => (Allow) H:\mHotspot[1].exe
FirewallRules: [{6F6C2143-3FD6-4B1E-8877-03257E33B924}] => (Allow) E:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{8986B0EA-2FE7-455E-9980-1171E267256F}] => (Allow) E:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{7307422C-7755-4114-A82D-8AD66149D7AF}] => (Allow) E:\Program Files (x86)\SHAREit\SHAREit.exe
FirewallRules: [{18988754-EF32-4854-92C6-7E2040B44C9E}] => (Allow) E:\Program Files (x86)\SHAREit\SHAREit.exe
FirewallRules: [{B8DED375-95DA-4158-937F-51120C3AB130}] => (Block) e:\Program Files (x86)\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{C523FE7E-FBED-4E29-AB3A-54782163AA59}] => (Block) e:\Program Files (x86)\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{1A6A995D-F898-46A3-8EFF-EF0DA43AA429}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{2FC615F3-AE33-4E22-95A2-137A267F21D7}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{C5879CB9-A362-48C4-AB68-F1C8F306117D}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{2C075D4E-5821-4315-AE21-0487F84B3B30}] => (Allow) C:\Windows\System32\wuapp.exe
FirewallRules: [{9B69C288-C410-4BC2-8E37-A6FAD97710F2}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{C2ECCE93-C573-4255-B7AA-ECEA3C198E48}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{9BA5C68F-978F-4787-9212-23C74E568E8B}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [{9A2BE666-6F55-4D1B-A298-68EB3D439DCD}] => (Allow) E:\game\raplz\Launcher.exe
FirewallRules: [TCP Query User{F6D47A95-7FB8-448C-9155-4DED4D6E43D8}C:\users\moez\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\moez\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{49FE9B4C-2FC7-483F-9FC4-F7307ECBC66D}C:\users\moez\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\moez\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{66C6D9BE-7C82-410A-9EF6-A87A348D1B79}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B91AD09C-AFFE-43A7-9706-03206505A141}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{568602DF-B816-4F2B-BF8F-61212B07BBAB}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{735E310B-0924-40DF-A6B3-9EE5E15C2334}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A13636F4-1BC7-425E-B121-0DCD0605A613}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{950B3EC9-63C6-454D-A3C0-964E1CFA6D71}] => (Allow) E:\Program Files (x86)\office\Office15\lync.exe
FirewallRules: [{6AA1C4AA-54F6-4179-8857-AFCD1C0AE73F}] => (Allow) E:\Program Files (x86)\office\Office15\lync.exe
FirewallRules: [{42FEF501-03F1-494F-A802-97E3D2131D1A}] => (Allow) E:\Program Files (x86)\office\Office15\UcMapi.exe
FirewallRules: [{08585DD9-773D-4F7D-BA1E-9123BC57F9F1}] => (Allow) E:\Program Files (x86)\office\Office15\UcMapi.exe
FirewallRules: [{B538E4FF-88F1-4331-B8CC-481DC0A16DE5}] => (Allow) E:\Program Files (x86)\office\Office15\outlook.exe
FirewallRules: [{C7224DC9-287B-4B08-8528-E8C14F335154}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\outlook.exe
FirewallRules: [{EFCF3611-F32F-472C-8479-3460FD0FF576}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\GROOVE.EXE
FirewallRules: [{15E82A01-E1E4-4D19-9CF2-ACE64FB3B37C}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\GROOVE.EXE
FirewallRules: [{B48695C2-1132-4D28-973D-70B5CBA8281B}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\ONENOTE.EXE
FirewallRules: [{4851C370-5F31-4CE5-8039-31FA97497D96}] => (Allow) E:\Program Files (x86)\Microsoft Office2\Office12\ONENOTE.EXE
==================== Restore Points =========================
11-10-2016 19:43:22 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Realtek Bluetooth 4.0 Adapter
Description: Realtek Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (10/14/2016 04:53:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: eagleget_setup.tmp, version: 51.1052.0.0, time stamp: 0x5707a959
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7bafa
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0x186c
Faulting application start time: 0x01d2262ab76a074d
Faulting application path: C:\Users\moez\AppData\Local\Temp\is-LA02B.tmp\eagleget_setup.tmp
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: f6d3738a-921d-11e6-9308-8d5f799c8a84
Error: (10/14/2016 04:52:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: eagleget_setup.tmp, version: 51.1052.0.0, time stamp: 0x5707a959
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7bafa
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0xee8
Faulting application start time: 0x01d2262a821a1797
Faulting application path: C:\Users\moez\AppData\Local\Temp\is-GIRUT.tmp\eagleget_setup.tmp
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: c6cda847-921d-11e6-9308-8d5f799c8a84
Error: (10/14/2016 03:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Faulting module name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Exception code: 0x40000015
Fault offset: 0x00000000000a72be
Faulting process id: 0xa00
Faulting application start time: 0x01d2261fb82d3036
Faulting application path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Faulting module path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Report Id: f756fa74-9212-11e6-9308-8d5f799c8a84
Error: (10/14/2016 03:26:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/14/2016 01:04:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.1.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.1.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x007ca10a
Faulting process id: 0x1410
Faulting application start time: 0x01d225a60e0feaa7
Faulting application path: e:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting module path: e:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
Report Id: 63fec93b-9199-11e6-a480-c2125f23b689
Error: (10/13/2016 07:33:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/13/2016 02:54:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Faulting module name: lrio.exe, version: 2.1.28.29072, time stamp: 0x56eb23b9
Exception code: 0x40000015
Fault offset: 0x00000000000a72be
Faulting process id: 0x1994
Faulting application start time: 0x01d22550fc2112ff
Faulting application path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Faulting module path: C:\Program Files\Intel\Telemetry 2.0\lrio.exe
Report Id: 3ae19292-9144-11e6-ac50-8c5eb59fea84
Error: (10/13/2016 02:46:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/13/2016 02:13:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/12/2016 10:00:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (10/14/2016 03:25:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (10/14/2016 03:24:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:32:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/13/2016 07:32:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (10/13/2016 07:32:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (10/13/2016 07:31:50 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:31:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 07:30:17 م on 13/10/2016 was unexpected.
Error: (10/13/2016 07:30:21 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (10/13/2016 07:30:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 04:39:31 م on 13/10/2016 was unexpected.
Error: (10/13/2016 02:44:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
CodeIntegrity:
===================================
Date: 2016-10-14 00:34:36.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.521
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.481
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.478
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 00:34:36.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.127
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 01:01:41.063
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 3990.59 MB
Available physical RAM: 1124.4 MB
Total Virtual: 7979.37 MB
Available Virtual: 4241.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.9 GB) (Free:67.58 GB) NTFS
Drive d: () (Fixed) (Total:228.15 GB) (Free:17.04 GB) NTFS
Drive e: () (Fixed) (Total:212 GB) (Free:12.8 GB) NTFS
Drive f: () (Fixed) (Total:312.49 GB) (Free:10.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 21577EA3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=312.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=469 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================