Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-05-2017
Ran by منير (15-05-2017 00:48:29)
Running from C:\Users\منير\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-04-17 19:32:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3139794459-3927556288-4145378674-500 - Administrator - Disabled)
Guest (S-1-5-21-3139794459-3927556288-4145378674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3139794459-3927556288-4145378674-1002 - Limited - Enabled)
منير (S-1-5-21-3139794459-3927556288-4145378674-1000 - Administrator - Enabled) => C:\Users\منير

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: جدار الحماية الشخصي ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Antirun 2.4 (HKLM\...\Antirun) (Version: 2.4 - Antirun Labs)
Any Data Recovery Pro (HKLM\...\Any Data Recovery Pro) (Version: - Tenorshare, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cela.C.M (HKLM\...\Cela.C.M) (Version: 100.001.010.016 - Huawei Technologies Co.,Ltd)
ESET Smart Security (HKLM\...\{F0947421-BAE4-4B7D-AE30-7FE45945845B}) (Version: 10.1.204.2 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\{ABB67988-B698-39BE-99E3-E41B2027AC1F}) (Version: 57.0.2987.133 - Google, Inc.)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
MPC-HC 1.7.11 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.11 - MPC-HC Team)
Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Opera Stable 44.0.2510.1218 (HKLM\...\Opera 44.0.2510.1218) (Version: 44.0.2510.1218 - Opera Software)
Snagit 12 (Version: 12.2.0 - TechSmith Corporation) Hidden
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{11CD84A3-A5E0-43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{22756E83-8EBC-4B16-A4A4-0AA73BE497B1}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{56C94D6A-7370-4885-A04E-7097FE4E0BAF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{841BFDCA-6A9A-4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{94330D48-EB33-49BB-87F1-AD8C0352C010}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139794459-3927556288-4145378674-1000_Classes\CLSID\{F7CA46A9-ACA5-45A6-967E-03FF5A282D01}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A227524-246D-4C8F-8B53-F331D7B20E71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {42024E14-1F3F-452B-ADEB-061381E2E339} - \{006766D1-F9C6-41B2-B5D2-F897F220001E} -> No File <==== ATTENTION
Task: {45513716-478B-4EFA-999E-35015D386516} - System32\Tasks\TechSmith Updater => C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation)
Task: {4CDE1B96-8B98-4529-8FA8-A80E4C60699B} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {F235064F-E51F-493F-82A2-3C32375859AD} - \Opera scheduled Autoupdate 1492456237 -> No File <==== ATTENTION
Task: {FBD37A32-4EC4-45B1-9530-27434FD9F0DE} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-05-08 18:19 - 2017-03-22 10:24 - 01736992 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-08-26 09:44 - 2015-08-26 09:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2017-04-11 00:57 - 2017-04-11 00:57 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2017-05-12 17:40 - 2007-09-30 08:29 - 00014848 _____ () C:\Program Files\Cela.C.M_HW\isaputrace.dll
2017-05-12 17:40 - 2007-11-15 06:01 - 00098304 _____ () C:\Program Files\Cela.C.M_HW\DeviceMgrPlugin.dll
2017-05-12 17:40 - 2009-08-05 14:14 - 00131072 _____ () C:\Program Files\Cela.C.M_HW\DetectDev.dll
2017-05-12 17:40 - 2009-08-05 14:14 - 00466944 _____ () C:\Program Files\Cela.C.M_HW\atcomm.dll
2017-05-12 17:40 - 2009-08-05 14:14 - 00053248 _____ () C:\Program Files\Cela.C.M_HW\XCodec.dll
2017-05-12 17:40 - 2007-11-15 06:02 - 00057344 _____ () C:\Program Files\Cela.C.M_HW\ConfigFilePlugin.dll
2017-05-12 17:40 - 2007-11-15 06:05 - 00126976 _____ () C:\Program Files\Cela.C.M_HW\LocaleMgrPlugin.dll
2017-05-12 17:40 - 2010-06-18 10:07 - 00311296 _____ () C:\Program Files\Cela.C.M_HW\libxvi010.dll
2017-05-12 17:40 - 2010-10-29 17:36 - 01109504 _____ () C:\Program Files\Cela.C.M_HW\eap_supplicant.dll
2017-05-12 17:40 - 2009-05-05 09:13 - 00023552 _____ () C:\Program Files\Cela.C.M_HW\NotifyServicePlugin.dll
2017-04-19 01:24 - 2016-09-06 11:00 - 05197312 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-04-19 01:24 - 2016-09-06 11:00 - 00147456 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\64856750.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\88772306.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\64856750.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\88772306.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3139794459-3927556288-4145378674-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\منير\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.240.32.5 - 62.68.42.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DLLSuite2016 => C:\Program Files\DLL Suite\DLLSuite.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C512830C-4D13-4D2A-B9DF-DADA05B8D399}] => (Allow) C:\Program Files\Opera\44.0.2510.1218\opera.exe
FirewallRules: [{8CB3832E-4A0F-4854-A928-2C6E377E9B50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{CD0CC579-CAB0-417D-B832-0CC59C15D2DC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{DBA41EBA-DDA0-452E-BAA8-C3EB339887D9}] => (Allow) LPort=8298

==================== Restore Points =========================

08-05-2017 15:50:53 تثبيت حزمة برنامج تشغيل الأجهزة: Connectify Network Service
08-05-2017 15:54:42 تثبيت حزمة برنامج تشغيل الأجهزة: Connectify Network Service
08-05-2017 19:13:32 Snagit 12
08-05-2017 19:50:37 Snagit 12
09-05-2017 21:50:30 Windows Update
10-05-2017 01:28:07 Windows Update
11-05-2017 11:15:30 Windows Update
11-05-2017 16:12:56 Windows Update
11-05-2017 17:32:13 Windows Update

==================== Faulty Device Manager Devices =============

Name: ‏‏وحدة تحكم التخزين كبير السعة
Description: ‏‏وحدة تحكم التخزين كبير السعة
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2017 12:00:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2006 12:02:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 08:24:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 06:42:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 06:28:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 05:28:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (2768) An attempt to open the file "C:\Users\منير\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "‏‏يتعذر على العملية الوصول إلى الملف لأنه قيد الاستخدام من قبل عملية أخرى. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (05/14/2017 05:23:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ‏‏توقف البرنامج Cela.C.M.exe الإصدار 1.0.0.1 عن التفاعل مع Windows وتم إغلاقه. لمعرفة ما إذا كان يتوفر مزيد من المعلومات حول المشكلة، قم بالاطلاع على محفوظات المشكلة في "مركز الصيانة" من لوحة التحكم.

معرّف العملية: 758

وقت بدء التشغيل: 01d2ccc4910a3b48

وقت الإنهاء: 803

مسار التطبيق: C:\Program Files\Cela.C.M_HW\Cela.C.M.exe

معرف التقرير: 2a436167-38b9-11e7-a64c-f83dffbb844d

Error: (05/14/2017 05:10:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 02:23:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 01:12:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (05/15/2017 12:02:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ‏‏فشل بدء تشغيل الخدمة خدمة Google Update (gupdate) بسبب الخطأ التالي:
‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.

Error: (05/15/2017 12:02:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة خدمة Google Update (gupdate).

Error: (05/14/2017 11:16:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: ‏‏لم يتم تسجيل الخادم {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} مع DCOM خلال المهلة المطلوبة.

Error: (05/14/2017 11:16:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: ‏‏لم يتم تسجيل الخادم {F9717507-6651-4EDB-BFF7-AE615179BCCF} مع DCOM خلال المهلة المطلوبة.

Error: (05/07/2017 09:04:02 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: ‏‏لقد اكتشفت خدمة الوقت أنه يتعين تغيير وقت النظام في غضون 606984 ثانية. ولن تقوم خدمة الوقت بتغيير وقت النظام في غضون أكثر من 54000 ثانية. تحقق من صحة كلاً من الوقت والمنطقة الزمنية، ثم تحقق من أن مصدر الوقت time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->51.140.127.197:123) يعمل بشكل صحيح.

Error: (05/07/2017 09:02:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ‏‏فشل بدء تشغيل الخدمة خدمة Google Update (gupdate) بسبب الخطأ التالي:
‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.

Error: (05/07/2017 09:02:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة خدمة Google Update (gupdate).

Error: (01/10/2006 12:00:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 08:57:56 م on ‏14/‏05/‏2017 was unexpected.

Error: (05/14/2017 08:26:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: ‏‏فشل بدء تشغيل الخدمة خدمة Google Update (gupdate) بسبب الخطأ التالي:
‏‏لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.

Error: (05/14/2017 08:26:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: ‏‏تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة خدمة Google Update (gupdate).


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 550 @ 2.00GHz
Percentage of memory in use: 91%
Total physical RAM: 1014.43 MB
Available physical RAM: 87.74 MB
Total Virtual: 2038.43 MB
Available Virtual: 684.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:120.37 GB) (Free:99.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (برامج منوعه) (Fixed) (Total:177.62 GB) (Free:127.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8530BB91)
Partition 1: (Not Active) - (Size=86 MB) - (Type=05)
Partition 2: (Active) - (Size=120.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=177.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
