cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-07-2016
Ran by mahmoud (2016-07-10 17:44:09)
Running from C:\Users\mahmoud\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2014-09-05 19:53:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-453311672-2777936180-2027923614-500 - Administrator - Disabled)
Guest (S-1-5-21-453311672-2777936180-2027923614-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453311672-2777936180-2027923614-1002 - Limited - Enabled)
mahmoud (S-1-5-21-453311672-2777936180-2027923614-1000 - Administrator - Enabled) => C:\Users\mahmoud

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Arabic (HKLM\...\{AC76BA86-7AD7-1025-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{DC07522A-FA33-C098-E885-2FFA362097FC}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc‎.‎)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HydraVision (Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
LINE (HKLM\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MKV Player 2.1.20 (HKLM\...\MKV Player_is1) (Version: - )
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
WinRAR 5.00 بيتا 3 (32-بت) (HKLM\...\WinRAR archiver) (Version: 5.00.3 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14FBD0AB-0E53-4999-A035-B0EB9548E484} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {42E1817F-9191-4EDC-BFE0-117DC360922A} - System32\Tasks\{711D9B26-F53A-428D-A424-FF955A52F3F2} => pcalua.exe -a "C:\Program Files\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {4D94AC88-99C7-4D21-B657-51400ED6F540} - System32\Tasks\{9C40F32F-5533-432E-B6EB-227D887A8BC9} => pcalua.exe -a "E:\العاب\Need For Speed Undercover\setup.exe" -d "E:\العاب\Need For Speed Undercover"
Task: {576E59AC-1F61-40F9-BA39-D58654BB39B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-10] (Adobe Systems Incorporated)
Task: {970E3461-5E31-4F89-B4E1-A1164D5958CC} - System32\Tasks\{3FCACB8A-4B25-469B-BC19-57467CC59E67} => pcalua.exe -a C:\Users\mahmoud\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cornl
Task: {F610FAF9-E5D0-4B87-AB9B-6E2C235F848F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{E7BC9481-474A-4DDC-B6AA-F0106B660926}\SupportTasks\0\Support.lnk -> hxxp://support.microsoft.com/support/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{CAB31127-0B29-4100-A936-C6A16D47E31F}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.rockstargames.com/vicecity/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{68F02EEC-A0B1-427E-82EE-49D27F5B73F3}\SupportTasks\1\Support.lnk -> hxxp://techsupport.ea.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{68F02EEC-A0B1-427E-82EE-49D27F5B73F3}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.needforspeed.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{508A4CDB-3809-418E-8278-98DC515C37EF}\SupportTasks\1\Support.lnk -> hxxp://support.ea.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{508A4CDB-3809-418E-8278-98DC515C37EF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.fifa07.ea.com/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2011-11-09 22:10 - 2011-11-09 22:10 - 00369152 ____N () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2016-07-10 05:27 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-453311672-2777936180-2027923614-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mahmoud\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{A401759B-A268-4D8F-986C-D8D484398AB6}F:\games\رامبو\prism3d.exe] => (Block) F:\games\رامبو\prism3d.exe
FirewallRules: [UDP Query User{1A58A4AF-46C7-4F5B-9693-9467AEF0D07A}F:\games\رامبو\prism3d.exe] => (Block) F:\games\رامبو\prism3d.exe
FirewallRules: [TCP Query User{E14EB530-8461-4A51-A948-4431820CE476}C:\program files\charles\charles.exe] => (Block) C:\program files\charles\charles.exe
FirewallRules: [UDP Query User{C62DCF70-210F-4F9E-A1E9-5A0DB6B49874}C:\program files\charles\charles.exe] => (Block) C:\program files\charles\charles.exe
FirewallRules: [{68BF6377-1B88-4C7F-9C7C-C60BC49CD7E4}] => (Allow) C:\Program Files\GoForFiles\GoforFiles.exe
FirewallRules: [{6C3312F5-18DA-4983-A097-466A1A96B70F}] => (Allow) C:\Program Files\GoForFiles\GoforFiles.exe
FirewallRules: [TCP Query User{146B1EB1-1E21-4D56-B89A-3D6F9D5BCD38}F:\games\رامبو\prism3d.exe] => (Block) F:\games\رامبو\prism3d.exe
FirewallRules: [UDP Query User{4C1C534D-D46D-4EF1-80E6-37ECBF007342}F:\games\رامبو\prism3d.exe] => (Block) F:\games\رامبو\prism3d.exe
FirewallRules: [{AE964D85-225E-48ED-B369-474FAB167526}] => (Allow) C:\Program Files\LINE\LINE.exe
FirewallRules: [{545EDBEA-975A-482F-8A5E-86E0DC9DFB07}] => (Allow) C:\Program Files\LINE\LINE.exe
FirewallRules: [{2461F72E-1237-4FBF-A3CA-79602EE2D90D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{DA93E46D-0FD4-45D5-9153-0A3F6E48508D}C:\users\mahmoud\downloads\programs\conquer_v6075_p2p.exe] => (Block) C:\users\mahmoud\downloads\programs\conquer_v6075_p2p.exe
FirewallRules: [UDP Query User{BC86A831-880D-4B58-B12F-D1FAEC71B6FA}C:\users\mahmoud\downloads\programs\conquer_v6075_p2p.exe] => (Block) C:\users\mahmoud\downloads\programs\conquer_v6075_p2p.exe
FirewallRules: [TCP Query User{801748DE-C963-460C-B4A1-D824239BC6FB}E:\العاب\كلاو\claw.exe] => (Block) E:\العاب\كلاو\claw.exe
FirewallRules: [UDP Query User{8BA7F7F9-5C7A-45C6-8266-9EAA0CD1A131}E:\العاب\كلاو\claw.exe] => (Block) E:\العاب\كلاو\claw.exe
FirewallRules: [TCP Query User{581400F7-20CD-4D7F-B930-9D18D2CCEEF0}F:\games\gta7\gta7.exe] => (Block) F:\games\gta7\gta7.exe
FirewallRules: [UDP Query User{8E89796E-A9F4-40EA-8F9E-98F49940B538}F:\games\gta7\gta7.exe] => (Block) F:\games\gta7\gta7.exe
FirewallRules: [TCP Query User{613BE0CB-C996-41FD-A643-8ABEB55307E0}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe
FirewallRules: [UDP Query User{AB327B03-F8C2-459B-BBB6-F20D3B41E525}C:\windows\system32\dwm.exe] => (Block) C:\windows\system32\dwm.exe
FirewallRules: [TCP Query User{6513B7BB-C695-4E4D-8FBE-88B11AA455E5}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{18D27D2D-ABA6-45B9-915C-2D7D9D523F36}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{DAF49E19-7B26-4353-9CB7-F8FDCDE33E30}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{173B40D2-63DD-43C1-9FBF-9EDEF9092070}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{A9945FE4-974C-4526-A179-9976D0868B48}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{48CCCE42-6919-469E-A4F9-A1F9B338AB90}] => (Allow) C:\Program Files\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{3BD0CA9E-FA94-4322-A861-E4AFC94EA53F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2016 05:42:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2016 05:32:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2016 02:58:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2016 10:32:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/09/2016 10:32:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/09/2016 10:13:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2016 05:57:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2016 01:07:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2016 12:51:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2016 06:05:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/10/2016 05:41:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/10/2016 05:41:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/10/2016 05:41:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/10/2016 05:41:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/10/2016 05:41:32 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/10/2016 05:41:32 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/10/2016 05:41:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/10/2016 05:41:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/10/2016 05:41:21 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/10/2016 05:41:18 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) D CPU 3.06GHz
Percentage of memory in use: 42%
Total physical RAM: 2037.49 MB
Available physical RAM: 1171.79 MB
Total Virtual: 4074.98 MB
Available Virtual: 2984.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:19.53 GB) (Free:3.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (عربى) (Fixed) (Total:97.65 GB) (Free:5.85 GB) NTFS
Drive e: (اجنبى) (Fixed) (Total:97.65 GB) (Free:6.42 GB) NTFS
Drive f: (prog) (Fixed) (Total:83.24 GB) (Free:8.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1B681B67)
Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.5 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité