Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-03-2017
Ran by منير (01-04-2017 21:38:07)
Running from C:\Users\منير\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-01-09 16:57:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4218572008-491887988-1106255587-500 - Administrator - Disabled)
Guest (S-1-5-21-4218572008-491887988-1106255587-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4218572008-491887988-1106255587-1002 - Limited - Enabled)
منير (S-1-5-21-4218572008-491887988-1106255587-1000 - Administrator - Enabled) => C:\Users\منير
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ashampoo Photo Commander 14 v.14.0.0 (HKLM\...\{C92AB6F1-616B-A905-B3D2-3B7C238851DC}_is1) (Version: 14.0.0 - Ashampoo GmbH & Co. KG)
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cela.C.M (HKLM\...\Cela.C.M) (Version: 100.001.010.016 - Huawei Technologies Co.,Ltd)
FormatFactory 3.7.5.0 (HKLM\...\FormatFactory) (Version: 3.7.5.0 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
K-Lite Mega Codec Pack 11.5.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
Malwarebytes Anti-Malware النسخة 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.9.4.3000 - Maxthon International Limited)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
PicosmosTools 1.8.0.0 (HKLM\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
PS TO PC CONVERTER (HKLM\...\{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2007.01.01 - )
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Twin USB Gamepad (HKLM\...\{0AD1F05D-15F6-476D-A3BE-E3D5E3E0E023}) (Version: 1.00.0000 - yanglx)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
WinRAR 5.30 (32-بت) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4218572008-491887988-1106255587-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05C45442-B42F-4967-8287-276784D3923A} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\MxStart.exe [2017-01-06] (Maxthon International ltd.)
Task: {0630B25C-BBBA-4FE8-BBC7-5D570139BFE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-09] (Google Inc.)
Task: {1A3460E8-D31A-42E5-BA87-C9DED0540C86} - System32\Tasks\{1F6757B9-3ED4-49F3-BE35-CC91BF519F58} => pcalua.exe -a D:\pes06\pro-evolution-soccer-6----by------Algerian4orever-----\Konami_PES6_PC_DEMO.exe -d D:\pes06\pro-evolution-soccer-6----by------Algerian4orever-----
Task: {2B04B2AF-9AB5-4192-8DDA-452611CB1A81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {3BE1572D-5508-4055-8D28-25A8F44E3BCA} - System32\Tasks\{FABDF878-50E5-4970-A1A2-71E9D3D11988} => pcalua.exe -a "C:\Pro Evolution Soccer 6 RIP HAMZA MEBARKI®\Install\kitserver\setup.exe" -d "C:\Pro Evolution Soccer 6 RIP HAMZA MEBARKI®\Install\kitserver"
Task: {886A8560-E523-421F-9C54-2BBB4B3DB2C1} - System32\Tasks\{8F5667CB-5196-47CF-9340-5A3D9E11995E} => pcalua.exe -a "D:\PES 2016\[PES16] PTE PATCH 6.0 Final Version\Setup 1.exe" -d "D:\PES 2016\[PES16] PTE PATCH 6.0 Final Version"
Task: {EB6ED3F9-DFC0-444D-88D1-DB389E9DB43D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-09] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-07-05 00:32 - 2010-07-05 00:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-05 00:32 - 2010-07-05 00:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-07-04 22:51 - 2010-07-04 22:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2017-01-09 20:00 - 2007-09-30 09:29 - 00014848 _____ () C:\Program Files\Cela.C.M_HW\isaputrace.dll
2017-03-27 19:12 - 2007-11-15 07:01 - 00098304 _____ () C:\Program Files\Cela.C.M_HW\DeviceMgrPlugin.dll
2017-03-27 19:12 - 2009-08-05 15:14 - 00131072 _____ () C:\Program Files\Cela.C.M_HW\DetectDev.dll
2017-03-27 19:12 - 2009-08-05 15:14 - 00466944 _____ () C:\Program Files\Cela.C.M_HW\atcomm.dll
2017-03-27 19:12 - 2009-08-05 15:14 - 00053248 _____ () C:\Program Files\Cela.C.M_HW\XCodec.dll
2017-03-27 19:12 - 2007-11-15 07:02 - 00057344 _____ () C:\Program Files\Cela.C.M_HW\ConfigFilePlugin.dll
2017-03-27 19:12 - 2007-11-15 07:05 - 00126976 _____ () C:\Program Files\Cela.C.M_HW\LocaleMgrPlugin.dll
2017-03-27 19:12 - 2010-06-18 11:07 - 00311296 _____ () C:\Program Files\Cela.C.M_HW\libxvi010.dll
2017-03-27 19:12 - 2010-10-29 18:36 - 01109504 _____ () C:\Program Files\Cela.C.M_HW\eap_supplicant.dll
2017-03-27 19:12 - 2009-05-05 10:13 - 00023552 _____ () C:\Program Files\Cela.C.M_HW\NotifyServicePlugin.dll
2017-01-10 11:33 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2017-01-10 11:33 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\منير\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4218572008-491887988-1106255587-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\منير\AppData\Local\Ashampoo\Ashampoo Photo Commander 14\APCWallpaper.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{89D51991-33F2-4357-8F74-B7D5955067FD}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{BE1DE10D-746B-43BD-A8D8-DE39189419E8}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{5CCC8F90-5639-4B7A-8CDF-3184112DFA7C}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{302B4EBE-8A92-4664-B111-C3B668DEDD5A}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{52318E19-6A22-4CD7-BDAB-98AD93FB35CF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{72B00809-7D4D-47AD-AA00-5D341F47ED5F}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{0F531460-93DC-4DCB-9A1F-4646D59AD0E7}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe
FirewallRules: [{6E9BBC0D-7F4A-4CB0-9EB3-3AD4B38EDC0A}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{438C131F-7D40-4D00-AEAA-1972E77271FA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-01-2006 01:05:56 عملية الاستعادة
26-03-2017 14:21:10 Windows Update
28-03-2017 19:57:19 ComboFix created restore point
31-03-2017 14:22:43 Windows Update
31-03-2017 23:35:55 Windows Update
01-04-2017 00:00:50 Windows Update
01-04-2017 11:13:51 Windows Update
==================== Faulty Device Manager Devices =============
Name: وحدة تحكم التخزين كبير السعة
Description: وحدة تحكم التخزين كبير السعة
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/01/2017 07:16:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: pes6.exe، الإصدار: 1.0.0.1، الطابع الزمني: 0x4502a65a
اسم الوحدة النمطية التي تحتوي على أخطاء: pes6.exe، الإصدار: 1.0.0.1، الطابع الزمني: 0x4502a65a
رمز الاستثناء: 0xc0000005
إزاحة الخطأ: 0x004d160c
معرّف العملية التي تحتوي على خطأ: 0x93c
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0x01d2ab00872d14f3
مسار التطبيق الذي يحتوي على خطأ: D:\Pro Evolution Soccer 6 RIP\Install\pes6.exe
مسار الوحدة النمطية التي تحتوي على خطأ: D:\Pro Evolution Soccer 6 RIP\Install\pes6.exe
معرف التقرير: 944b3e18-16f6-11e7-9903-001d722bff12
System errors:
=============
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 550 @ 2.00GHz
Percentage of memory in use: 90%
Total physical RAM: 1014.43 MB
Available physical RAM: 93.68 MB
Total Virtual: 2304 MB
Available Virtual: 269.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:120.37 GB) (Free:100.45 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (برامج منوعه) (Fixed) (Total:177.62 GB) (Free:128.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8530BB91)
Partition 1: (Not Active) - (Size=86 MB) - (Type=05)
Partition 2: (Active) - (Size=120.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=177.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================