Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-04-2017
Ran by منير (29-04-2017 12:13:59)
Running from C:\Users\منير\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-04-17 19:32:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3139794459-3927556288-4145378674-500 - Administrator - Disabled)
Guest (S-1-5-21-3139794459-3927556288-4145378674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3139794459-3927556288-4145378674-1002 - Limited - Enabled)
منير (S-1-5-21-3139794459-3927556288-4145378674-1000 - Administrator - Enabled) => C:\Users\منير
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.02 (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Antirun 2.4 (HKLM\...\Antirun) (Version: 2.4 - Antirun Labs)
Any Data Recovery Pro (HKLM\...\Any Data Recovery Pro) (Version: - Tenorshare, Inc.)
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.15.85 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cela.C.M (HKLM\...\Cela.C.M) (Version: 100.001.010.016 - Huawei Technologies Co.,Ltd)
DLL Suite 9.0 (HKLM\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - )
Google Chrome (HKLM\...\{ABB67988-B698-39BE-99E3-E41B2027AC1F}) (Version: 57.0.2987.133 - Google, Inc.)
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Malwarebytes Anti-Malware النسخة 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
MPC-HC 1.7.11 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.11 - MPC-HC Team)
Opera Stable 44.0.2510.1218 (HKLM\...\Opera 44.0.2510.1218) (Version: 44.0.2510.1218 - Opera Software)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1A227524-246D-4C8F-8B53-F331D7B20E71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {1ED8F4E9-4A6F-4A11-B342-18A7C8B2C503} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {42024E14-1F3F-452B-ADEB-061381E2E339} - \{006766D1-F9C6-41B2-B5D2-F897F220001E} -> No File <==== ATTENTION
Task: {B4CF486D-F9D0-454F-A73F-20A89A2489EF} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {F235064F-E51F-493F-82A2-3C32375859AD} - \Opera scheduled Autoupdate 1492456237 -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-07-05 00:32 - 2010-07-05 00:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-05 00:32 - 2010-07-05 00:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-07-04 22:51 - 2010-07-04 22:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2011-12-13 02:30 - 2011-12-13 02:30 - 00641024 _____ () C:\Program Files\Antirun\antirun.exe
2015-08-26 10:44 - 2015-08-26 10:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-09-16 22:33 - 2015-09-16 22:33 - 00043008 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2017-04-22 23:12 - 2007-09-30 08:29 - 00014848 _____ () C:\Program Files\Cela.C.M_HW\isaputrace.dll
2017-04-22 23:12 - 2007-11-15 06:01 - 00098304 _____ () C:\Program Files\Cela.C.M_HW\DeviceMgrPlugin.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00131072 _____ () C:\Program Files\Cela.C.M_HW\DetectDev.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00466944 _____ () C:\Program Files\Cela.C.M_HW\atcomm.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00053248 _____ () C:\Program Files\Cela.C.M_HW\XCodec.dll
2017-04-22 23:12 - 2007-11-15 06:02 - 00057344 _____ () C:\Program Files\Cela.C.M_HW\ConfigFilePlugin.dll
2017-04-22 23:12 - 2007-11-15 06:05 - 00126976 _____ () C:\Program Files\Cela.C.M_HW\LocaleMgrPlugin.dll
2017-04-22 23:12 - 2010-06-18 10:07 - 00311296 _____ () C:\Program Files\Cela.C.M_HW\libxvi010.dll
2017-04-22 23:12 - 2010-10-29 17:36 - 01109504 _____ () C:\Program Files\Cela.C.M_HW\eap_supplicant.dll
2017-04-22 23:12 - 2009-05-05 09:13 - 00023552 _____ () C:\Program Files\Cela.C.M_HW\NotifyServicePlugin.dll
2017-04-19 02:24 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-04-19 02:24 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3139794459-3927556288-4145378674-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\منير\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C512830C-4D13-4D2A-B9DF-DADA05B8D399}] => (Allow) C:\Program Files\Opera\44.0.2510.1218\opera.exe
FirewallRules: [{8CB3832E-4A0F-4854-A928-2C6E377E9B50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD0CC579-CAB0-417D-B832-0CC59C15D2DC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
==================== Restore Points =========================
25-04-2017 12:35:46 Windows Update
==================== Faulty Device Manager Devices =============
Name: وحدة تحكم التخزين كبير السعة
Description: وحدة تحكم التخزين كبير السعة
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/29/2017 11:47:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 08:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 08:01:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 05:39:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 02:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: GoogleUpdate.exe، الإصدار: 1.3.31.5، الطابع الزمني: 0x578890c8
اسم الوحدة النمطية التي تحتوي على أخطاء: ntdll.dll، الإصدار: 6.1.7601.23714، الطابع الزمني: 0x58bf8774
رمز الاستثناء: 0xc0000374
إزاحة الخطأ: 0x000c3b9b
معرّف العملية التي تحتوي على خطأ: 0x97c
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0x01d2bf4c843837af
مسار التطبيق الذي يحتوي على خطأ: C:\Program Files\Google\Update\GoogleUpdate.exe
مسار الوحدة النمطية التي تحتوي على خطأ: C:\Windows\SYSTEM32\ntdll.dll
معرف التقرير: 40fe1c11-2b40-11e7-82c1-001d722bff12
Error: (04/27/2017 02:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 12:29:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 10:34:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/26/2017 11:06:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/26/2017 10:35:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (04/29/2017 11:51:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/29/2017 11:46:47 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 09:59:47 م on 27/04/2017 was unexpected.
Error: (04/27/2017 09:03:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 08:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 07:09:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: لم يتم تسجيل الخادم {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} مع DCOM خلال المهلة المطلوبة.
Error: (04/27/2017 05:43:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 02:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 10:37:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/26/2017 11:11:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 550 @ 2.00GHz
Percentage of memory in use: 88%
Total physical RAM: 1014.43 MB
Available physical RAM: 115.61 MB
Total Virtual: 2038.43 MB
Available Virtual: 536.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:120.37 GB) (Free:104.06 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (برامج منوعه) (Fixed) (Total:177.62 GB) (Free:128.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8530BB91)
Partition 1: (Not Active) - (Size=86 MB) - (Type=05)
Partition 2: (Active) - (Size=120.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=177.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by منير (29-04-2017 12:13:59)
Running from C:\Users\منير\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-04-17 19:32:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3139794459-3927556288-4145378674-500 - Administrator - Disabled)
Guest (S-1-5-21-3139794459-3927556288-4145378674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3139794459-3927556288-4145378674-1002 - Limited - Enabled)
منير (S-1-5-21-3139794459-3927556288-4145378674-1000 - Administrator - Enabled) => C:\Users\منير
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.02 (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Antirun 2.4 (HKLM\...\Antirun) (Version: 2.4 - Antirun Labs)
Any Data Recovery Pro (HKLM\...\Any Data Recovery Pro) (Version: - Tenorshare, Inc.)
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.15.85 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cela.C.M (HKLM\...\Cela.C.M) (Version: 100.001.010.016 - Huawei Technologies Co.,Ltd)
DLL Suite 9.0 (HKLM\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - )
Google Chrome (HKLM\...\{ABB67988-B698-39BE-99E3-E41B2027AC1F}) (Version: 57.0.2987.133 - Google, Inc.)
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Malwarebytes Anti-Malware النسخة 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
MPC-HC 1.7.11 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.11 - MPC-HC Team)
Opera Stable 44.0.2510.1218 (HKLM\...\Opera 44.0.2510.1218) (Version: 44.0.2510.1218 - Opera Software)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1A227524-246D-4C8F-8B53-F331D7B20E71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {1ED8F4E9-4A6F-4A11-B342-18A7C8B2C503} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {42024E14-1F3F-452B-ADEB-061381E2E339} - \{006766D1-F9C6-41B2-B5D2-F897F220001E} -> No File <==== ATTENTION
Task: {B4CF486D-F9D0-454F-A73F-20A89A2489EF} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {F235064F-E51F-493F-82A2-3C32375859AD} - \Opera scheduled Autoupdate 1492456237 -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-07-05 00:32 - 2010-07-05 00:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-05 00:32 - 2010-07-05 00:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-07-04 22:51 - 2010-07-04 22:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2011-12-13 02:30 - 2011-12-13 02:30 - 00641024 _____ () C:\Program Files\Antirun\antirun.exe
2015-08-26 10:44 - 2015-08-26 10:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-09-16 22:33 - 2015-09-16 22:33 - 00043008 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2017-04-22 23:12 - 2007-09-30 08:29 - 00014848 _____ () C:\Program Files\Cela.C.M_HW\isaputrace.dll
2017-04-22 23:12 - 2007-11-15 06:01 - 00098304 _____ () C:\Program Files\Cela.C.M_HW\DeviceMgrPlugin.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00131072 _____ () C:\Program Files\Cela.C.M_HW\DetectDev.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00466944 _____ () C:\Program Files\Cela.C.M_HW\atcomm.dll
2017-04-22 23:12 - 2009-08-05 14:14 - 00053248 _____ () C:\Program Files\Cela.C.M_HW\XCodec.dll
2017-04-22 23:12 - 2007-11-15 06:02 - 00057344 _____ () C:\Program Files\Cela.C.M_HW\ConfigFilePlugin.dll
2017-04-22 23:12 - 2007-11-15 06:05 - 00126976 _____ () C:\Program Files\Cela.C.M_HW\LocaleMgrPlugin.dll
2017-04-22 23:12 - 2010-06-18 10:07 - 00311296 _____ () C:\Program Files\Cela.C.M_HW\libxvi010.dll
2017-04-22 23:12 - 2010-10-29 17:36 - 01109504 _____ () C:\Program Files\Cela.C.M_HW\eap_supplicant.dll
2017-04-22 23:12 - 2009-05-05 09:13 - 00023552 _____ () C:\Program Files\Cela.C.M_HW\NotifyServicePlugin.dll
2017-04-19 02:24 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-04-19 02:24 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3139794459-3927556288-4145378674-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\منير\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C512830C-4D13-4D2A-B9DF-DADA05B8D399}] => (Allow) C:\Program Files\Opera\44.0.2510.1218\opera.exe
FirewallRules: [{8CB3832E-4A0F-4854-A928-2C6E377E9B50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD0CC579-CAB0-417D-B832-0CC59C15D2DC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
==================== Restore Points =========================
25-04-2017 12:35:46 Windows Update
==================== Faulty Device Manager Devices =============
Name: وحدة تحكم التخزين كبير السعة
Description: وحدة تحكم التخزين كبير السعة
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/29/2017 11:47:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 08:59:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 08:01:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 05:39:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 02:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: GoogleUpdate.exe، الإصدار: 1.3.31.5، الطابع الزمني: 0x578890c8
اسم الوحدة النمطية التي تحتوي على أخطاء: ntdll.dll، الإصدار: 6.1.7601.23714، الطابع الزمني: 0x58bf8774
رمز الاستثناء: 0xc0000374
إزاحة الخطأ: 0x000c3b9b
معرّف العملية التي تحتوي على خطأ: 0x97c
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0x01d2bf4c843837af
مسار التطبيق الذي يحتوي على خطأ: C:\Program Files\Google\Update\GoogleUpdate.exe
مسار الوحدة النمطية التي تحتوي على خطأ: C:\Windows\SYSTEM32\ntdll.dll
معرف التقرير: 40fe1c11-2b40-11e7-82c1-001d722bff12
Error: (04/27/2017 02:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 12:29:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/27/2017 10:34:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/26/2017 11:06:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/26/2017 10:35:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (04/29/2017 11:51:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/29/2017 11:46:47 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 09:59:47 م on 27/04/2017 was unexpected.
Error: (04/27/2017 09:03:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 08:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 07:09:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: لم يتم تسجيل الخادم {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} مع DCOM خلال المهلة المطلوبة.
Error: (04/27/2017 05:43:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 02:55:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 12:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/27/2017 10:37:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
Error: (04/26/2017 11:11:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: تم إنهاء الخدمة Avira Scheduler بشكل غير متوقع. حدث هذا 1 مرة. سيتم اتخاذ الإجراء التصحيحي التالي في غضون 0 مللي ثانية: أعد تشغيل الخدمة.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 550 @ 2.00GHz
Percentage of memory in use: 88%
Total physical RAM: 1014.43 MB
Available physical RAM: 115.61 MB
Total Virtual: 2038.43 MB
Available Virtual: 536.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:120.37 GB) (Free:104.06 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (برامج منوعه) (Fixed) (Total:177.62 GB) (Free:128.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8530BB91)
Partition 1: (Not Active) - (Size=86 MB) - (Type=05)
Partition 2: (Active) - (Size=120.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=177.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================