Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-08-2017
Ran by نبيل (23-08-2017 14:15:07)
Running from C:\Users\نبيل\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-08-22 09:18:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3183927018-2194346283-209393716-500 - Administrator - Disabled)
Guest (S-1-5-21-3183927018-2194346283-209393716-501 - Limited - Disabled)
نبيل (S-1-5-21-3183927018-2194346283-209393716-1000 - Administrator - Enabled) => C:\Users\نبيل
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.39 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Arabic (HKLM\...\{AC76BA86-7AD7-1025-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
Driver Booster 4.5 (HKLM\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.0.3.168 - IObit)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.28.924.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6582 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
WinRAR 4.20 (32-بت) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-10] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-10] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F386804-266D-429C-9EEC-28FEBAF30C1E} - System32\Tasks\Uninstaller_SkipUac_نبيل => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-08] (IObit)
Task: {34D76D10-6ABA-4586-AB7B-3CD2C9E3FF4D} - System32\Tasks\{13AC29F3-1ED2-4206-9C85-B23053436CB2} => C:\Windows\system32\pcalua.exe -a "G:\مجلد جديد \BtMon4Inst_v407.exe" -d "G:\مجلد جديد "
Task: {352196B1-2BA5-4E8D-949C-85F274BD7EA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-22] (Google Inc.)
Task: {760ADC44-0830-4CBB-BA8F-62278365BD5B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe [2017-07-27] (IObit)
Task: {A3F9A7A5-7C75-43A0-98FB-0A57713E1B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-22] (Google Inc.)
Task: {CAC9A530-5D3A-4AC0-9B31-EF4AB521367E} - System32\Tasks\{EDC681DB-09F8-4335-AF9B-65A4D9538118} => C:\Windows\system32\pcalua.exe -a C:\Users\نبيل\Downloads\chromeinstall-8u144.exe -d C:\Users\نبيل\Downloads
Task: {D18BD6DE-4730-45E4-8E44-7D581F5281EF} - System32\Tasks\Driver Booster SkipUAC (نبيل) => C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-29] (IObit)
Task: {EBC36074-26B5-4BE5-8B4A-15575D6E965E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-22] (Adobe Systems Incorporated)
Task: {F6DF1850-35B1-4AE9-9F7F-C2AC810D7D1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-08-22 12:24 - 2017-08-22 12:24 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-08-03 11:41 - 2017-08-03 11:41 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2017-08-22 22:35 - 2017-08-11 09:24 - 002117976 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.101\swiftshader\libglesv2.dll
2017-08-22 22:35 - 2017-08-11 09:24 - 000112472 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.101\swiftshader\libegl.dll
2017-08-22 04:23 - 2015-08-08 17:42 - 000348960 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2017-08-22 04:23 - 2015-08-08 17:42 - 000183584 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2017-08-22 04:23 - 2015-08-08 17:42 - 000050976 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E8949161-C883-4743-A5F9-C961084983EE}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{8EE0D065-3DDC-47EE-86DC-1CC630E23BC8}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{16F971B9-F7CD-4EEF-B43A-998D8F9512FD}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{0F7A439F-7A49-40BE-9AA8-F0ECA81B22F3}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{12CD7008-AB17-43D7-8277-0CAF92F6AE9B}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{F1638D8A-8B89-4092-A75B-FB669BD07DCF}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{E027357A-ADC5-474A-B7E1-5E06352802A8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/23/2017 02:11:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 02:02:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 01:50:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 01:34:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 11:25:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {1104b9a7-ba0e-4b92-95c6-683b96901b61}
Error: (08/22/2017 10:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 09:48:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 04:20:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {764b742d-6acf-4a50-973d-182ea0625d0a}
Error: (08/22/2017 04:18:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 03:55:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "G:\برامج\Adobe.Flash.Player.11.2.202.228.x64\install_flash_player_11_active_x_64bit.exe".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
System errors:
=============
Error: (08/23/2017 02:10:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة Local Driver Service بسبب الخطأ التالي:
تعذر العثور على الوحدة النمطية المحددة.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 33%
Total physical RAM: 2930.67 MB
Available physical RAM: 1957.71 MB
Total Virtual: 5859.63 MB
Available Virtual: 4693.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:27.59 GB) NTFS
Drive d: () (Fixed) (Total:183.59 GB) (Free:127.33 GB) NTFS
Drive e: () (Fixed) (Total:232.95 GB) (Free:232.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0A032D7D)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=183.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by نبيل (23-08-2017 14:15:07)
Running from C:\Users\نبيل\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-08-22 09:18:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3183927018-2194346283-209393716-500 - Administrator - Disabled)
Guest (S-1-5-21-3183927018-2194346283-209393716-501 - Limited - Disabled)
نبيل (S-1-5-21-3183927018-2194346283-209393716-1000 - Administrator - Enabled) => C:\Users\نبيل
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.39 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Arabic (HKLM\...\{AC76BA86-7AD7-1025-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
Driver Booster 4.5 (HKLM\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 5.0.3.168 - IObit)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.28.924.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6582 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
WinRAR 4.20 (32-بت) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-10] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-08-08] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-10] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F386804-266D-429C-9EEC-28FEBAF30C1E} - System32\Tasks\Uninstaller_SkipUac_نبيل => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-08] (IObit)
Task: {34D76D10-6ABA-4586-AB7B-3CD2C9E3FF4D} - System32\Tasks\{13AC29F3-1ED2-4206-9C85-B23053436CB2} => C:\Windows\system32\pcalua.exe -a "G:\مجلد جديد \BtMon4Inst_v407.exe" -d "G:\مجلد جديد "
Task: {352196B1-2BA5-4E8D-949C-85F274BD7EA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-22] (Google Inc.)
Task: {760ADC44-0830-4CBB-BA8F-62278365BD5B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe [2017-07-27] (IObit)
Task: {A3F9A7A5-7C75-43A0-98FB-0A57713E1B5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-22] (Google Inc.)
Task: {CAC9A530-5D3A-4AC0-9B31-EF4AB521367E} - System32\Tasks\{EDC681DB-09F8-4335-AF9B-65A4D9538118} => C:\Windows\system32\pcalua.exe -a C:\Users\نبيل\Downloads\chromeinstall-8u144.exe -d C:\Users\نبيل\Downloads
Task: {D18BD6DE-4730-45E4-8E44-7D581F5281EF} - System32\Tasks\Driver Booster SkipUAC (نبيل) => C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-29] (IObit)
Task: {EBC36074-26B5-4BE5-8B4A-15575D6E965E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-22] (Adobe Systems Incorporated)
Task: {F6DF1850-35B1-4AE9-9F7F-C2AC810D7D1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-08-22 12:24 - 2017-08-22 12:24 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-08-03 11:41 - 2017-08-03 11:41 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll
2017-08-22 22:35 - 2017-08-11 09:24 - 002117976 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.101\swiftshader\libglesv2.dll
2017-08-22 22:35 - 2017-08-11 09:24 - 000112472 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.101\swiftshader\libegl.dll
2017-08-22 04:23 - 2015-08-08 17:42 - 000348960 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2017-08-22 04:23 - 2015-08-08 17:42 - 000183584 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2017-08-22 04:23 - 2015-08-08 17:42 - 000050976 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3183927018-2194346283-209393716-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\نبيل\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E8949161-C883-4743-A5F9-C961084983EE}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{8EE0D065-3DDC-47EE-86DC-1CC630E23BC8}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{16F971B9-F7CD-4EEF-B43A-998D8F9512FD}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{0F7A439F-7A49-40BE-9AA8-F0ECA81B22F3}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{12CD7008-AB17-43D7-8277-0CAF92F6AE9B}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{F1638D8A-8B89-4092-A75B-FB669BD07DCF}] => (Allow) C:\Program Files\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{E027357A-ADC5-474A-B7E1-5E06352802A8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/23/2017 02:11:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 02:02:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 01:50:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/23/2017 01:34:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 11:25:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {1104b9a7-ba0e-4b92-95c6-683b96901b61}
Error: (08/22/2017 10:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 09:48:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 04:20:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {764b742d-6acf-4a50-973d-182ea0625d0a}
Error: (08/22/2017 04:18:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/22/2017 03:55:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "G:\برامج\Adobe.Flash.Player.11.2.202.228.x64\install_flash_player_11_active_x_64bit.exe".
تعذر العثور على التجميع Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
System errors:
=============
Error: (08/23/2017 02:10:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: تم إنهاء خدمة Local Driver Service بسبب الخطأ التالي:
تعذر العثور على الوحدة النمطية المحددة.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
Error: (08/23/2017 02:14:42 AM) (Source: atapi) (EventID: 11) (User: )
Description: كشف برنامج التشغيل عن وجود خطأ في وحدة التحكم على \Device\Ide\IdePort0.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 33%
Total physical RAM: 2930.67 MB
Available physical RAM: 1957.71 MB
Total Virtual: 5859.63 MB
Available Virtual: 4693.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.83 GB) (Free:27.59 GB) NTFS
Drive d: () (Fixed) (Total:183.59 GB) (Free:127.33 GB) NTFS
Drive e: () (Fixed) (Total:232.95 GB) (Free:232.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0A032D7D)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=183.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================