cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-05-2016
Ran by uthmin (2016-05-04 17:28:29)
Running from C:\Users\uthmin\Desktop
Windows 10 Pro (X64) (2016-04-27 18:06:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2791196081-3455553443-96247009-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2791196081-3455553443-96247009-503 - Limited - Disabled)
Guest (S-1-5-21-2791196081-3455553443-96247009-501 - Limited - Disabled)
uthmin (S-1-5-21-2791196081-3455553443-96247009-1001 - Administrator - Enabled) => C:\Users\uthmin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.377.1 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.377.1 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: جدار الحماية الشخصي ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Reader X (10.1.7) - Arabic (HKLM-x32\...\{AC76BA86-7AD7-1025-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Ant Download Manager version 0.3.3.beta (HKLM-x32\...\{754CB6A3-3FE2-40DA-9FE5-2864909BD1CC}_is1) (Version: 0.3.3.beta - AntGROUP, Inc.)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF4010 Series (HKLM\...\{900A29A0-52BA-4a78-8E6C-5F4F821397CE}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.42.136 - OSToto Co., Ltd.)
DriversCloud.com (64 bits) (HKLM\...\{C0B32FDA-5FB1-43F9-9273-E5DC59EE9164}) (Version: 8.0.4.0 - Cybelsoft)
ESET Smart Security (HKLM\...\{EADABD26-1163-4E63-A5CA-CB5D49FD13C7}) (Version: 9.0.377.1 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc‎.‎)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.126 - IObit)
Malwarebytes Anti-Malware النسخة 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 2.1.1 - Microvirt)
Microsoft Office Language Pack 2013 - Arabic العربية (HKLM\...\Office15.OMUI.ar-sa) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.10.0-r112342-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.0-r112326-release - Raptr, Inc)
Readiris Corporate 12 Middle East Edition (HKLM-x32\...\Readiris Corporate 12 Middle East Edition) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.107 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.104 - Synaptics Incorporated)
Viber (HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\Viber) (Version: 5.1.1.15 - Viber Media Inc)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wise Disk Cleaner 9.11 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.11 - WiseCleaner.com, Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
منبه الذاكرين (HKLM-x32\...\منبه الذاكرين) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2791196081-3455553443-96247009-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\uthmin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2DC28081-85F7-4058-A9A1-77A9EDC27FE4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {4060293D-0A03-4462-B6F7-ED9A20FA7129} - System32\Tasks\Uninstaller_SkipUac_uthmin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-12] (IObit)
Task: {4748DD3C-133F-4BF0-B05E-9C380EC96825} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {60D3B8D5-F956-49F9-B4C7-78D0B6B06797} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-27] (Google Inc.)
Task: {81568D79-794E-4275-BE71-6A376F357FAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-27] (Google Inc.)
Task: {8A70F318-A169-4326-9AE4-D175E1AD51B0} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-04] (Advanced Micro Devices, Inc.)
Task: {97190C4F-F30C-4317-8212-150908C9E871} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Drothman-uthmin Drothman => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {D27E9A66-9334-4540-9734-D04B004C29A3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FADA5F13-9833-4FEE-93FA-B1FD2188AC65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 13:00 - 2015-07-10 13:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-10 13:00 - 2015-07-10 13:00 - 02498296 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-10 13:00 - 2015-07-10 13:00 - 02498296 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-27 20:19 - 2016-04-27 20:19 - 00959176 _____ () C:\Users\uthmin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 06579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-05-01 01:57 - 2016-05-01 02:00 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-27 22:59 - 2016-03-09 11:35 - 00147216 _____ () c:\program files (x86)\ostotosoft\drivertalent\ldrvsvc.dll
2016-04-27 22:59 - 2016-03-09 11:35 - 00186640 _____ () c:\program files (x86)\ostotosoft\drivertalent\CrashCatch.dll
2016-04-27 22:59 - 2016-03-09 11:35 - 00254824 _____ () c:\program files (x86)\ostotosoft\drivertalent\updater\checkupdate.dll
2016-04-27 23:00 - 2016-03-09 11:35 - 00165088 _____ () c:\program files (x86)\ostotosoft\drivertalent\substat.dll
2016-04-27 22:59 - 2016-03-09 11:35 - 00103776 _____ () c:\program files (x86)\ostotosoft\drivertalent\dstudp.dll
2016-04-27 23:00 - 2016-03-09 11:35 - 00117088 _____ () c:\program files (x86)\ostotosoft\drivertalent\udp.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-05-04 02:12 - 2016-05-04 02:12 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2791196081-3455553443-96247009-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\StartupFolder: => "Thaker.lnk"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\StartupFolder: => "إرسال إلى OneNote.lnk"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "AntDM"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "antMR"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{33318A96-B2BA-4B5A-9C87-2DE26CD29556}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{5E186D54-E22F-4F30-9ED8-AD1B628EBD77}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{250531EE-8AF3-4AE9-AAF8-ACE368D28225}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{63355FE0-12E1-48C0-9262-3C8F1A382B82}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{524C17C9-A15B-441C-A87B-6DFE0DE36248}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{17D270AE-226A-4398-93AD-11D7F95CB804}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4577D8F6-0940-472D-A542-682D8439445F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9E22532F-7D24-4B25-9416-5704B6DDD26C}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [UDP Query User{BF6EEF03-54BE-4921-B216-2057EE4C2C72}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
FirewallRules: [{2E68F3AE-2A6E-4AD1-AEC2-E646ED932D08}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [{E2EDB909-077E-4848-A637-47C975A54816}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{BCADE6ED-822F-46A3-8F4A-95A2DCBF57E9}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
FirewallRules: [{F7F5B3A2-BC8D-4E74-8EAF-0207BB93AD1A}] => (Allow) C:\Program Files\Microvirt\MEmu\MEmu.exe
FirewallRules: [{5CEE10F8-228E-4DBE-95DA-104142EB0CB3}] => (Allow) C:\Program Files\Microvirt\MEmu\MEmu.exe
FirewallRules: [{CFA6D58A-4929-4E17-AA1D-B9E3A890B399}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{97893686-2FEB-4059-A50B-9560D8F3D823}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{FD150DF5-47B8-4D99-A879-7D335E1D601B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5E432353-CBF5-467F-AB02-33150A8634A6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{ED73F098-4793-4FBA-A1CD-2D47CEFBA276}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E13C3EBF-9048-4DEE-A384-0A760FB8EA44}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{AC777494-53A7-403E-9A89-FB2B37BDCC3E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A8F9C707-6C69-4BF7-830E-1434F5FBE103}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

01-05-2016 02:31:00 Driver Booster : Synaptics PS/2 Port TouchPad
01-05-2016 18:25:34 Installed MF Toolbox
01-05-2016 18:35:12 Installed DriversCloud.com (64 bits)
01-05-2016 21:26:20 Installed Adobe Acrobat XI Pro.
03-05-2016 03:00:43 Removed Adobe Acrobat XI Pro.
03-05-2016 03:11:43 Installed Adobe Acrobat XI Pro.
03-05-2016 03:20:38 Installed Adobe Reader X (10.1.7) - Arabic.
04-05-2016 00:25:17 SlimDrivers Installing Drivers
04-05-2016 00:36:13 SlimDrivers Installing Drivers
04-05-2016 00:38:26 Installed Realtek Card Reader
04-05-2016 00:40:54 Removed SlimDrivers
04-05-2016 00:50:29 Created by Wise Disk Cleaner
04-05-2016 02:12:00 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2016 02:17:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.10240.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: fbc

Start Time: 01d1a5f3d7fab50a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: 2b5f763e-11f2-11e6-8269-2c27d7d7defd

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (05/04/2016 02:17:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Drothman)
Description: تم إنهاء الحزمة Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App نظراً لأنها استغرقت وقتاً طويلاً لتتوقف مؤقتاً.

Error: (05/04/2016 02:36:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Drothman)
Description: فشل تنشيط التطبيق Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI مع حدوث الخطأ: -2144927141 راجع سجل Microsoft-Windows-TWinUI/Operational للحصول على معلومات إضافية.

Error: (05/04/2016 02:36:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Drothman)
Description: فشل تنشيط التطبيق Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App مع حدوث الخطأ: -2144927141 راجع سجل Microsoft-Windows-TWinUI/Operational للحصول على معلومات إضافية.

Error: (05/04/2016 02:12:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/04/2016 12:50:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/04/2016 12:40:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/04/2016 12:38:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/04/2016 12:36:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/04/2016 12:25:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: فشلت "خدمات التشفير" أثناء معالجة استدعاء OnIdentity() الموجود في كائن "كاتب النظام".

Details:
AddWin32ServiceFiles: Unable to back up image of service SpyHunter 4 Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (05/04/2016 01:18:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:18:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:17:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:17:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/04/2016 01:17:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 34%
Total physical RAM: 4043.86 MB
Available physical RAM: 2651.91 MB
Total Virtual: 5451.86 MB
Available Virtual: 4072.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:109.52 GB) (Free:66.89 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (كلية+برامج) (Fixed) (Total:156.74 GB) (Free:40.88 GB) NTFS
Drive f: (شخصي) (Fixed) (Total:199.16 GB) (Free:84.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0A80CABD)
Partition 1: (Active) - (Size=109.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=156.7 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=199.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité