Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2016
Ran by عبد الحميد (22-09-2016 19:22:55)
Running from C:\Users\عبد الحميد\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-05 04:58:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2279458511-3506189702-3996239974-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2279458511-3506189702-3996239974-503 - Limited - Disabled)
Guest (S-1-5-21-2279458511-3506189702-3996239974-501 - Limited - Disabled)
hvvcirrjwz (S-1-5-21-2279458511-3506189702-3996239974-1003 - Limited - Disabled)
عبد الحميد (S-1-5-21-2279458511-3506189702-3996239974-1001 - Administrator - Enabled) => C:\Users\عبد الحميد
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.402.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.402.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: جدار الحماية الشخصي ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{B0B387B2-B1E4-43F2-961D-08ABFD759E1A}) (Version: 12.1.9.160 - Adobe Systems, Inc)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.4.0 - Sereby Corporation)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Any Video Converter Ultimate 5.9.2 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 16 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.7 - Ashampoo GmbH & Co. KG)
Assassin s Creed Syndicate v.1.12 (HKLM-x32\...\Assassin s Creed Syndicate_is1) (Version: - )
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.911.151222 - )
Batman - The Telltale Series (HKLM-x32\...\2140144872_is1) (Version: 2.0.0.3 - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
CyberLink Combo MPEG-2/H.264/H.265/VC1 Video Decoder (HKLM-x32\...\clcvd) (Version: 2014/03/17, 2.0.1660 - CyberLink Corp.)
DemuxToyLite (HKLM-x32\...\{AEFA7193-9D49-41A4-BFB7-3EDD1F15D6C6}) (Version: 1.2.4 - Altais Digital)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DLL Care 1.0 (HKLM-x32\...\{3CAE913B-C6FB-43FD-B807-62829DF66173}_is1) (Version: 1.0.0.0 - )
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
DVB Dream version 3.0 Trial (HKLM-x32\...\DVB Dream_is1) (Version: - )
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.6.0 - CM&V)
EasiestSoft Movie Editor 4.8.1 (HKLM-x32\...\{8BB65DEC-BE2C-EB66-7595-ADAE2D710380}_is1) (Version: 4.8.1 - EasiestSoft International LLC.)
Elecard AVC HD Player (HKLM-x32\...\Elecard AVC HD Player 5.8.121004) (Version: 5.8.121004 - Elecard)
Elecard AVC PlugIn for MPEG Player (HKLM-x32\...\Elecard AVC PlugIn for MPEG Player 2.0.60823) (Version: 2.0.60823 - Elecard)
Elecard AVC PlugIn for ProgDVB (HKLM\...\Elecard AVC PlugIn for ProgDVB 3.2.160321 (x64)) (Version: 3.2.160321 - Elecard)
Elecard AVC PlugIn for WMP (HKLM\...\Elecard AVC PlugIn for WMP 3.3.160321 (x64)) (Version: 3.3.160321 - Elecard)
Elecard AVC PlugIn for WMP (HKLM-x32\...\Elecard AVC PlugIn for WMP 3.3.160321) (Version: 3.3.160321 - Elecard)
Elecard HEVC PlugIn (HKLM-x32\...\Elecard HEVC PlugIn 1.0.140801) (Version: 1.0.140801 - Elecard)
Elecard MPEG Player (HKLM-x32\...\Elecard MPEG Player 6.0.130902) (Version: 6.0.130902 - Elecard)
Elecard MPEG-2 Decoder&Streaming Plug-in for WMP (HKLM-x32\...\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.61129) (Version: 3.4.61129 - Elecard)
Elecard MPEG-2 PlugIn for WMP (HKLM\...\Elecard MPEG-2 PlugIn for WMP 5.3.160321 (x64)) (Version: 5.3.160321 - Elecard)
ESET Smart Security (HKLM\...\{90174CED-A8D5-44AF-A0DC-F42DCB348BE5}) (Version: 9.0.375.1 - ESET, spol. s r.o.)
Fix My Browsers (HKLM-x32\...\{D61EAB8D-2488-46C8-A0EA-54C225225B6A}) (Version: 2.0 - AE Technology)
FormatFactory 3.9.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.0.0 - Free Time)
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Grand Theft Auto V version v.1.0.350.1 (HKLM-x32\...\Grand Theft Auto V_is1) (Version: v.1.0.350.1 - GMT-MAX.ORG)
HD Pack 2.7 (HKLM-x32\...\HD Pack 2.7) (Version: - )
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hola™ 1.16.66 - Better Internet (HKLM\...\Hola) (Version: 1.16.66 - Hola Networks Ltd.) <==== ATTENTION
Hotspot Shield 6.20.5 (HKLM-x32\...\HotspotShield) (Version: 6.20.5 - AnchorFree Inc.)
Hotspot Shield 6.20.5 Embedded (x32 Version: 6.20.5.9833 - Buildbot) Hidden
Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
K-Lite Codec Pack 12.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
Kolor Eyes 1.6 (HKLM\...\Kolor Eyes 1.6) (Version: V1.6.2 - Kolor)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
MainConcept MPEG Pro HD (HKLM-x32\...\MainConcept MPEG Pro HD) (Version: 4.0.0.0 - MainConcept GmbH)
Mainconcept TotalCode Studio v3.5.0 CE (HKLM\...\TotalCode Studio_is1) (Version: 3.5.0 - Team V.R)
Media Preview (HKLM\...\{C09D36CF-DA45-492C-81EE-FBAD780002B3}) (Version: 1.4.3.429 - BabelSoft)
MEGA Link Downloader version 2.0.0 (HKLM-x32\...\{FF96FE94-6FCA-4026-BA7C-C86171F621DA}_is1) (Version: 2.0.0 - Shinchiro)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x64 ar) (HKLM\...\Mozilla Firefox 48.0.2 (x64 ar)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MPEG2 Decoders (HKLM-x32\...\MPEG2_Decoders) (Version: - )
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.021 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.07 - MSI)
NVIDIA GeForce Experience 3.0.6.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.6.48 - NVIDIA Corporation)
NVIDIA برامج تشغيل 3D Vision 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA برنامج تشغيل الرسومات 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA برنامج تشغيل صوت HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA برنامج تشغيل مراقب 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA برنامج نظام PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.6.48 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
ONE PIECE BURNING BLOOD (HKLM-x32\...\ONE PIECE BURNING BLOOD_is1) (Version: - )
Opera developer 41.0.2349.0 (HKLM-x32\...\Opera 41.0.2349.0) (Version: 41.0.2349.0 - Opera Software)
PAYDAY 2 Demo (HKLM\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Pro Evolution Soccer 2017 Demo (HKLM\...\Steam App 499050) (Version: - Konami Digital Entertainment)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Prog Finder (HKLM\...\ProgSatFinder) (Version: 1.0 - Prog)
ProgDVB Elecard edition (HKLM-x32\...\ProgDVB Elecard edition 1.0.61117) (Version: 1.0.61117 - Elecard)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SageThumbs 2.0.0.19 (HKLM\...\SageThumbs) (Version: 2.0.0.19 - Cherubic Software)
SHIELD Streaming (Version: 7.1.0310 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.6.48 - NVIDIA Corporation) Hidden
SkyGrabber v3.2 (HKLM-x32\...\SkyGrabber_is1) (Version: - )
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SMADAV version 10.9 (HKLM-x32\...\{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1) (Version: 10.9 - Smadsoft)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
Star(dvb) Codecs V3.7.0 (HKLM\...\{CA1B9ABE-0C40-43E0-8965-0DA206D56EBD}_is1) (Version: 3.7 - Stardvb, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM\...\c3RyZWV0ZmlnaHRlcnY_is1) (Version: 1 - )
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.7 - TechniSat)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TotalCode Studio (HKLM-x32\...\{8DBD71B0-B612-4B5C-93A7-21ACC4250A09}) (Version: 3.2.0.0 - MainConcept GmbH)
TSReader 2.8.47c (HKLM-x32\...\TSReader_is1) (Version: 2.8.47c - COOL.STF)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Workstation (HKLM\...\{F4C0A853-FA3B-4404-954B-799299EB5A98}) (Version: 12.1.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.4 - X Codec Pack team)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
تحديثات NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
دعم تطبيق Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
لوحة تحكم NVIDIA 372.70 (Version: 372.70 - NVIDIA Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\عبد الحميد\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\عبد الحميد\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {038A7E88-1AB3-405C-9562-0FFD42D4BA4F} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-07-20] (IObit)
Task: {0C82FE3A-2158-4C19-9654-4D998C592BA2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {19E99F05-B6C0-4495-9ED9-310FB1A42771} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation)
Task: {1AADEAEE-1398-44A2-93F2-2A7F2B627466} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [2016-07-28] (Smadsoft)
Task: {1FB6CE74-773B-48DC-A2C8-D47BC46C9149} - System32\Tasks\Opera scheduled Autoupdate 1461332282 => C:\Program Files (x86)\Opera developer\launcher.exe [2016-09-12] (Opera Software)
Task: {2D30DCB0-5476-4018-A27D-B8FBE1383BD4} - System32\Tasks\ASC9_SkipUac_عبد الحميد => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-07-28] (IObit)
Task: {48844B39-188B-45B1-BCBB-05FDEB35BCEC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation)
Task: {58321E95-9882-4D5D-BA99-C3F29A85D750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {594B2336-6580-4AFC-89F5-4F83770E387E} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {7034C55F-7E01-42F4-A6B0-60339397D158} - System32\Tasks\Driver Booster SkipUAC (عبد الحميد) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {7E6A1136-5D75-4FD5-8408-96D6BBF67702} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-17] (NVIDIA Corporation)
Task: {A02A3927-CF20-475A-8149-9C6EA1804088} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A733EC3F-67DD-429B-A85F-E5FA6389F12B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation)
Task: {B9619C7F-3286-4BE6-8170-E85FB762F4D6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation)
Task: {CE0AEC3B-F8A1-4343-BECE-35F886381A10} - System32\Tasks\Uninstaller_SkipUac_عبد_الحميد => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-24] (IObit)
Task: {D1B3FAB6-7145-4E08-919B-E0D02047E1E3} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
Task: {DFA149D5-F768-472B-888F-6D82A58A8ACD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-17] (NVIDIA Corporation)
Task: {F1F3EBC0-2BBB-4F21-A6AE-B72BA97CBC78} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-21] (Adobe Systems Incorporated)
Task: {F321D68A-43A4-4E65-8081-1DE5B3DD5329} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] ()
Task: {FCC26672-487F-43A7-A3D2-5D28D1441828} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_عبد الحميد.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_عبد_الحميد.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\عبد الحميد\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/
Shortcut: C:\Users\عبد الحميد\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum
Shortcut: C:\Users\عبد الحميد\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/
ShortcutWithArgument: C:\Users\عبد الحميد\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\تطبيقات Chrome\_Hotspot Shield Free VPN Proxy – Unblock Sites_.lnk -> C:\Users\عبد الحميد\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=heajfgnegopeedndeahkdjedjkjcmnpb
==================== Loaded Modules (Whitelisted) ==============
2016-09-09 16:34 - 2016-09-17 02:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-09 16:34 - 2016-09-17 02:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-09 16:34 - 2016-09-17 02:46 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-16 16:43 - 2016-09-07 06:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-30 20:39 - 2016-08-25 22:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-16 16:43 - 2016-09-07 06:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-16 16:43 - 2016-09-07 06:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-26 20:05 - 2016-08-26 20:05 - 01864384 _____ () C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-21 19:43 - 2016-07-21 19:43 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-16 16:43 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-16 16:43 - 2016-09-07 05:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-16 16:43 - 2016-09-07 05:57 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-09-16 16:42 - 2016-09-07 05:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-16 16:42 - 2016-09-07 05:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-16 16:42 - 2016-09-07 05:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-16 16:42 - 2016-09-07 05:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-16 16:42 - 2016-09-07 05:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-06 17:41 - 2016-01-06 17:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-05 17:52 - 2016-08-05 17:52 - 00046592 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2016-08-30 16:34 - 2016-08-30 16:35 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 16:34 - 2016-08-30 16:35 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 16:34 - 2016-08-30 16:35 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-16 12:59 - 2016-08-16 13:01 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 12:59 - 2016-08-16 13:01 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 20:10 - 2016-06-03 20:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-04-02 23:45 - 2016-04-02 23:47 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-15 00:56 - 2015-12-28 06:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-09-09 22:20 - 2016-09-09 22:20 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-08-04 20:04 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-04-14 17:16 - 2016-04-14 17:16 - 01309768 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-09-09 16:34 - 2016-09-17 02:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-15 17:07 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-08-15 17:07 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-08-15 17:07 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-09-09 16:34 - 2016-09-15 19:50 - 00502328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-09 16:34 - 2016-09-15 19:50 - 00257592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-09 16:34 - 2016-09-15 19:50 - 02799552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-09 16:34 - 2016-09-15 19:50 - 00246328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-09 16:34 - 2016-09-15 19:50 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-09 16:34 - 2016-09-15 19:50 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-09 16:34 - 2016-09-15 19:50 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-08-26 20:05 - 2016-08-26 20:05 - 01383616 _____ () C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-26 20:05 - 2016-08-26 20:05 - 00118976 _____ () C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-09-09 16:34 - 2016-09-17 02:45 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-05-22 15:58 - 2011-04-08 10:36 - 00120320 _____ () C:\Program Files (x86)\TechniSat DVB\bin\LIBBZ2.dll
2016-07-21 19:43 - 2016-07-21 19:43 - 00564224 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2016-08-15 17:07 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2016-08-15 17:07 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2016-09-19 19:21 - 2013-06-26 08:44 - 00032768 _____ () C:\Program Files (x86)\USB Disk Security\locales\arabic.dll
2016-07-21 19:42 - 2016-07-21 19:42 - 00482304 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2016-08-15 17:07 - 2015-12-28 13:50 - 01293088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\Scan.dll
2016-08-15 17:07 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-08-15 17:07 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\hola.org -> hxxp://hola.org
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4790 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-09-20 03:27 - 2016-09-20 03:40 - 00001670 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2279458511-3506189702-3996239974-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\عبد الحميد\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "IntelTBRunOnce"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{09F0794A-8095-41F2-9DF6-75B5463A6AF5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56F4E078-4ECA-4090-AF4B-736D2E883117}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{AC4A2639-F8F8-4E40-912B-A7DD95CE48DA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{D593750A-FB76-4025-BF3E-A2F46831E3FC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{17CEABBA-1940-438A-B038-10403698D2D9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{6EEB937F-5370-4E66-9876-775672D83E73}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{AC67B441-5019-4AE0-ABBA-B7EA48C8D33C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{BCCD2518-2A69-4B82-BBA8-6895BF7AB960}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{88F3F5D8-7671-4AAB-87A4-0A281BA83C14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{22580251-68DE-4424-AE63-63883B404F7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0826546-9901-4CFD-AD8D-17847DF1E99D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F018BE3E-EB4E-44AC-9F22-B4486462CDBB}] => (Allow) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
==================== Restore Points =========================
19-09-2016 22:52:29 Revo Uninstaller Pro's restore point - Oracle VM VirtualBox 5.1.6
19-09-2016 22:54:37 Installed VMware Workstation
21-09-2016 00:53:02 Driver Booster : Périphérique d’entrée USB
21-09-2016 01:46:54 Revo Uninstaller Pro's restore point - AIDA64 Extreme v5.70
==================== Faulty Device Manager Devices =============
Name: TechniSat SkyStar 2 eXpress HD
Description: TechniSat SkyStar 2 eXpress HD
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: TechniSat
Service: SkyNetNXPBDA_AMD64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/22/2016 08:31:19 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 08:12:30 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\WINDOWS\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 08:12:29 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état.
Error: (09/22/2016 08:12:29 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « MSDTC » dans la DLL « C:\WINDOWS\system32\msdtcuiu.DLL ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 08:12:29 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « Lsa » dans la DLL « C:\Windows\System32\Secur32.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 08:12:29 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « ESENT » dans la DLL « C:\WINDOWS\system32\esentprf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 08:12:29 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Error: (09/22/2016 06:52:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: OneDrive.exe، الإصدار: 17.3.6517.809، الطابع الزمني: 0x57aa2140
اسم الوحدة النمطية التي تحتوي على أخطاء: KERNELBASE.dll، الإصدار: 10.0.14393.187، الطابع الزمني: 0x57cf98b1
رمز الاستثناء: 0x80000003
إزاحة الخطأ: 0x00154ce2
معرّف العملية التي تحتوي على أخطاء: 0x1fe8
وقت بدء تشغيل التطبيق الذي يحتوي على أخطاء: 0x01d2148ce3304259
مسار التطبيق الذي يحتوي على أخطاء: C:\Users\عبد الحميد\AppData\Local\Microsoft\OneDrive\OneDrive.exe
مسار الوحدة النمطية التي تحتوي على أخطاء: C:\WINDOWS\System32\KERNELBASE.dll
معرف التقرير: e82a4d8b-5ddb-4869-9826-eae2a3fb4fdf
الاسم الكامل للحزمة التي تحتوي على أخطاء:
معرف التطبيق المرتبط بالحزمة التي تحتوي على أخطاء:
Error: (09/22/2016 03:55:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: DllHost.exe، الإصدار: 10.0.14393.0، الطابع الزمني: 0x57899b69
اسم الوحدة النمطية التي تحتوي على أخطاء: shcore.dll، الإصدار: 10.0.14393.0، الطابع الزمني: 0x57899893
رمز الاستثناء: 0xc00000fd
إزاحة الخطأ: 0x000000000001d473
معرّف العملية التي تحتوي على أخطاء: 0x257c
وقت بدء تشغيل التطبيق الذي يحتوي على أخطاء: 0x01d2147cb71d73a8
مسار التطبيق الذي يحتوي على أخطاء: C:\WINDOWS\system32\DllHost.exe
مسار الوحدة النمطية التي تحتوي على أخطاء: C:\WINDOWS\System32\shcore.dll
معرف التقرير: df8ec3ac-0d6e-4f0f-8186-8a35fa90104d
الاسم الكامل للحزمة التي تحتوي على أخطاء:
معرف التطبيق المرتبط بالحزمة التي تحتوي على أخطاء:
Error: (09/22/2016 03:53:33 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\WINDOWS\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
System errors:
=============
Error: (09/22/2016 04:36:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة CDPUserSvc_1924afc بسبب الخطأ التالي:
Erreur non spécifiée
Error: (09/22/2016 07:04:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة CDPUserSvc_37f9b بسبب الخطأ التالي:
Erreur non spécifiée
Error: (09/22/2016 07:03:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\7074~1\AppData\Local\Temp\catchme.sys
Error: (09/22/2016 07:03:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\7074~1\AppData\Local\Temp\catchme.sys
Error: (09/22/2016 06:59:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة CDPUserSvc_451f8 بسبب الخطأ التالي:
Erreur non spécifiée
Error: (09/22/2016 06:59:12 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE
Error: (09/22/2016 06:58:43 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N9MM99F)
Description: Le serveur {9BA05972-F6A8-11CF-A442-00A0C90A8F39} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (09/22/2016 06:56:44 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\7074~1\AppData\Local\Temp\catchme.sys
Error: (09/22/2016 05:50:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة CDPUserSvc_53edb بسبب الخطأ التالي:
Erreur non spécifiée
Error: (09/22/2016 05:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة KMS-R@1n بسبب الخطأ التالي:
Le fichier spécifié est introuvable.
CodeIntegrity:
===================================
Date: 2016-09-22 07:03:40.144
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\عبد الحميد\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-22 07:03:40.139
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\عبد الحميد\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-22 06:56:44.420
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\عبد الحميد\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-18 03:13:33.702
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-09-16 17:53:40.897
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2016-09-15 03:10:21.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 8137.9 MB
Available physical RAM: 5940.02 MB
Total Virtual: 26566.9 MB
Available Virtual: 22898.07 MB
==================== Drives ================================
Drive c: (Windows 10 Pr ) (Fixed) (Total:238.03 GB) (Free:72.94 GB) NTFS
Drive d: (Hamid 4) (Fixed) (Total:976.56 GB) (Free:458.47 GB) NTFS
Drive e: (Hamid 2) (Fixed) (Total:195.31 GB) (Free:120.6 GB) NTFS
Drive f: (Hamid 7) (Fixed) (Total:194.82 GB) (Free:151.51 GB) NTFS
Drive g: (Games) (Fixed) (Total:345.57 GB) (Free:139.93 GB) NTFS
Drive h: (Hamid 3) (Fixed) (Total:390.62 GB) (Free:48.08 GB) NTFS
Drive i: (Hamid 5) (Fixed) (Total:437.23 GB) (Free:202.21 GB) NTFS
Drive j: (Hamid 6) (Fixed) (Total:449.22 GB) (Free:59.33 GB) NTFS
Drive k: (Hamid 1) (Fixed) (Total:736.2 GB) (Free:72.46 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A087556D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.8 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AF7FE417)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=437.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.2 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D3EF16B)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================