Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-05-2016
Ran by رياض (2016-05-13 06:46:44)
Running from C:\Users\رياض\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2011-07-11 08:23:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3488952640-1886036067-2608822963-500 - Administrator - Disabled)
Guest (S-1-5-21-3488952640-1886036067-2608822963-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3488952640-1886036067-2608822963-1004 - Limited - Enabled)
رياض (S-1-5-21-3488952640-1886036067-2608822963-1000 - Administrator - Enabled) => C:\Users\رياض
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
F.lux (HKU\S-1-5-21-3488952640-1886036067-2608822963-1000\...\Flux) (Version: - )
Golden Filter Premium 3.1 (HKLM\...\Golden Filter Premium) (Version: 3.1 - Gsi Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Лаборатория Касперского)
Kaspersky Internet Security (Version: 16.0.0.614 - Лаборатория Касперского) Hidden
ManyCam 4.0.77 (HKLM\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110401-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
MobiConnect (HKLM\...\MobiConnect) (Version: 23.009.09.02.216 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 6.0 (x86 ar) (HKLM\...\Mozilla Firefox 6.0 (x86 ar)) (Version: 6.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{C41DBC07-C9C2-4B8C-BD85-46ED6853AD6B}) (Version: 8.5.1.10 - Nitro)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: - )
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.11.0 - Ralink)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - )
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (Version: 13.0.3020.7 - TuneUp Software) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
حزمة التوافق لنظام Office 2007 (HKLM\...\{90120000-0020-0401-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0163AEAE-7C31-472F-BCDF-3F29AEC39A0D} - System32\Tasks\{AF16D54E-4F96-4C7F-BA20-6BFE7AFD3FB0} => C:\Users\رياض\Desktop\Wonders\Wonders.exe
Task: {033B8299-7942-4201-892C-A2353BB1EBAD} - System32\Tasks\{9A0F40E0-12B6-472C-A1B0-D6014F1DE58E} => pcalua.exe -a "C:\Users\رياض\Desktop\Advanced RAR Password Recovery 1.53\ara.exe" -d "C:\Users\رياض\Desktop\Advanced RAR Password Recovery 1.53"
Task: {0F6C9246-A962-4902-9905-72902CADD37E} - System32\Tasks\{5A31C8BC-9B44-4E3D-AE18-E620C4C7206D} => C:\Program Files\CyberGhost 5\CyberGhost.exe
Task: {18263BC2-698D-4259-892C-E1F52B10A775} - System32\Tasks\{03473F93-B3D8-41DB-807C-961C16A96BF9} => C:\Users\رياض\Desktop\URescue_v1.3.0.71.exe
Task: {1C0FBFE1-483A-40F8-8E27-D86F23398601} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3488952640-1886036067-2608822963-1000
Task: {2C3FAF1F-3CC8-44D0-BFDC-B8A80FC5E1B7} - System32\Tasks\{941D2BF0-F5F5-4B7F-B318-8CD8E53796F5} => C:\Users\رياض\Downloads\FeedingFrenzySetup-en_achrafddine.exe
Task: {3A058113-34AA-4CE6-8E9E-2B513C44DC51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {3C2C3CE2-EBF2-4CAF-9FA7-FD098F95CB4A} - System32\Tasks\{322CDE2D-2D0F-4690-88EC-7E8229618D7F} => C:\Program Files\Adobe\Acrobat 4.0 ME\Reader\AcroRd32.exe
Task: {53947287-F61E-439B-ABC8-BD9182A0641E} - System32\Tasks\{4F9BB62C-7C66-4FCB-96BB-F6805B21C68A} => G:\PL2303\vista\PL-2303 Vista Driver Installer.exe
Task: {53CEF070-C81E-4700-92AD-819AA4BAFC3D} - System32\Tasks\{ED5BADB1-F00F-4EA3-B6F1-9B386C3291E4} => C:\Program Files\ManyCam\ManyCam.exe [2014-03-26] (Visicom Media Inc.)
Task: {54425755-34B7-4954-A563-A22D6FFB06AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-30] (Adobe Systems Incorporated)
Task: {593B0447-33BB-47BB-8127-005BA0F850D7} - System32\Tasks\{CC96062A-BA16-46B6-9444-CC764E8AEC3E} => pcalua.exe -a C:\Users\رياض\Downloads\Programs\CGWebInstall.exe -d C:\Users\رياض\AppData\Roaming\IDM
Task: {5BD47457-DFF6-413B-88FD-AD390095B8F2} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-04-29] (AO Kaspersky Lab)
Task: {5C11522D-1C9C-4D0E-9B7A-5BA72D35130E} - System32\Tasks\{032BC8D1-E903-442C-AD3D-663C978C3C89} => C:\Windows\IsUninst.exe [1998-10-29] (InstallShield Software Corporation)
Task: {5CA971C2-901F-4579-A42B-BD179731A700} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {61976A89-9FD1-4956-93B7-BC295A6CD108} - System32\Tasks\{70A75179-EB46-4F0D-819C-1C5675BA0FCE} => G:\PL2303\vista\PL-2303 Vista Driver Installer.exe
Task: {691B6565-A31E-49C3-BFAC-E709BB6233EF} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {6EDCEEB2-661F-4ABE-A892-7F16031A40EF} - System32\Tasks\{78A82B56-A6F7-43AF-95BD-0A3A5936D939} => pcalua.exe -a C:\Users\رياض\Downloads\Programs\NetFx20SP2_x86.exe -d C:\Users\رياض\Downloads\Programs
Task: {727E3B41-3F56-42A8-BDE3-ED665791842C} - System32\Tasks\{2B935064-2C4B-4E94-80BF-6CF1A8A59467} => C:\Program Files\ITE\IT1167B\DtMPTool_V1.67B.11.0\DtMPTool.exe
Task: {7D030B84-8CEB-4B17-A342-DF37325CE0EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {7D149F7C-3187-4F41-9863-CC2E40E4B11C} - System32\Tasks\{D113C49F-8720-4AA8-92B2-01EB670E53D3} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {7E70318B-72DA-4E63-B71C-6971C11134CF} - System32\Tasks\Google Updater and Installer => C:\Users\رياض\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8F2181C5-0845-4C9C-957C-D925EE7D96B9} - System32\Tasks\{56F02A15-328D-4EFF-BD66-44E861C19F7E} => C:\Program Files\Your Uninstaller 2010\urmain.exe
Task: {91316D64-78EC-4B95-8394-0607A0E7DA11} - System32\Tasks\{3F83C32F-1F4D-4235-978A-3DF6E5AE9118} => C:\Program Files\ManyCam\ManyCam.exe [2014-03-26] (Visicom Media Inc.)
Task: {950E37CD-E8A8-45D6-8FB8-267286DB2B10} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3488952640-1886036067-2608822963-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BCB8E5C0-9F28-40DB-B737-F9BFED18D568} - System32\Tasks\{7DE0E98D-6DCC-43CD-A5E7-30B48962E5CD} => C:\DriveKey\HPUSBFW.EXE
Task: {BFDF6117-D59F-4CA8-B7F3-9946316A8641} - System32\Tasks\{EB525EF4-EB7F-4AE1-80B1-17D7A17F20E1} => C:\Users\رياض\Desktop\Translator4.2.exe
Task: {C19B2E10-84D2-4C34-85A7-313571EBCEE0} - System32\Tasks\{87896E32-7C92-4925-8FF9-08B7CAA383E6} => G:\PL2303\winxp\PL-2303 Driver Installer.exe
Task: {C6888691-8AB5-480E-92A3-F2686FB51415} - System32\Tasks\{A4A2A960-6BA9-4C49-A9F7-3C6BD32C586B} => C:\Users\رياض\Downloads\Programs\Windows_Fix_It.exe
Task: {CB8987FA-6DAA-4FBF-B810-AF5971D6327B} - System32\Tasks\{5E5884D6-511D-476D-8FEE-4679E36B0AC4} => C:\Program Files\GameTop.com\Police Supercars Racing\PSR.exe
Task: {CBC43EF5-11FA-48A5-9ED3-E50055688824} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {D29BABA6-BB1C-467A-A19D-D031155C7902} - System32\Tasks\{12EBF2BF-6DCF-470D-99E5-D35ABA35B42F} => Firefox.exe
Task: {DA85C48F-6551-4776-A3A3-F7043908F799} - System32\Tasks\{00F73461-0287-403E-9622-4686C1943159} => C:\Program Files\ManyCam\ManyCam.exe [2014-03-26] (Visicom Media Inc.)
Task: {DF1D2133-485C-4353-9219-1C9D87F841B9} - System32\Tasks\{D5DBDEB0-62D0-4F6A-9F7C-3D322CBA4D41} => G:\PL2303\winxp\PL-2303 Driver Installer.exe
Task: {E1424965-1DCD-4E92-BBE3-A9C09C1CD331} - System32\Tasks\{4899A4A0-C77E-4243-9A11-7827047D88B0} => C:\Program Files\ManyCam\ManyCam.exe [2014-03-26] (Visicom Media Inc.)
Task: {E2FC7307-2C97-4A9D-A2BA-22C2486D6D66} - System32\Tasks\{932CA38C-4745-468D-8D9A-798CAAA92E7B} => C:\Users\رياض\Desktop\Translator4.2.exe
Task: {EC244750-1DF3-4BC2-AA1D-BB6207D92644} - System32\Tasks\{AD2250DA-7DD2-407F-A264-4D21856C57BA} => C:\DriveKey\HPUSBFW.EXE
Task: {EE11092A-EEAF-4C5F-BF87-69986E492855} - System32\Tasks\{CF5B3E65-61BE-4798-9B18-DD90DA1970EB} => G:\PL2303\vista\PL-2303 Vista Driver Installer.exe
Task: {F961B6A0-7727-4A60-B24C-DB7D088E8629} - System32\Tasks\{FCA782C9-EFC9-49C3-832C-5E30CC6D57CB} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {FF3E7136-D107-4E93-AC4A-93789813C025} - System32\Tasks\{366537CB-DA3C-4D77-BD12-848353C22F91} => C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\ReStart.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-09-20 15:09 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2014-02-06 11:36 - 2013-05-21 10:58 - 00656976 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\ouc.exe
2014-02-06 11:36 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\mingwm10.dll
2014-02-06 11:36 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\libgcc_s_dw2-1.dll
2014-02-06 11:36 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtCore4.dll
2014-02-06 11:36 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtNetwork4.dll
2014-02-06 11:36 - 2013-05-21 10:50 - 00839680 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QueryStrategy.dll
2014-02-06 11:36 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtXml4.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [228]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7690 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-04-05 19:15 - 2014-04-05 19:15 - 00517864 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
There are 12407 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3488952640-1886036067-2608822963-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\رياض\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4DA49A12-F589-40D5-A5A4-DF738A320F87}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Ace Translator\AceTrans.exe] => Enabled:Ace Translator
StandardProfile\AuthorizedApplications: [C:\Program Files\Ace Translator\AceTrans.exe] => Enabled:Ace Translator
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: محول المنفذ المصغر لـ Wifi الظاهري الخاص بـ Microsoft
Description: محول المنفذ المصغر لـ Wifi الظاهري الخاص بـ Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/09/2016 11:09:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, تم رفض الوصول.
.
This is often caused by incorrect security settings in either the writer or requestor process.
العملية:
تجميع بيانات الكاتب
السياق:
معرف فئة الكاتب: {e8132975-6f93-4464-a53e-1050253ae220}
اسم الكاتب: System Writer
معرف مثيل الكاتب: {72edbebc-ca92-4f52-83cc-d5a715a36a54}
Error: (05/09/2016 10:17:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: اسم التطبيق الذي يحتوي على أخطاء: Dumpper.exe، الإصدار: 30.3.0.0، الطابع الزمني: 0x525931fa
اسم الوحدة النمطية التي تحتوي على أخطاء: KERNELBASE.dll، الإصدار: 6.1.7601.18409، الطابع الزمني: 0x531599f6
رمز الاستثناء: 0xe0434352
إزاحة الخطأ: 0x0000812f
معرّف العملية التي تحتوي على خطأ: 0xbdc
وقت بدء تشغيل التطبيق الذي يحتوي على خطأ: 0xDumpper.exe0
مسار التطبيق الذي يحتوي على خطأ: Dumpper.exe1
مسار الوحدة النمطية التي تحتوي على خطأ: Dumpper.exe2
معرف التقرير: Dumpper.exe3
Error: (05/09/2016 10:17:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Dumpper.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.WebException
Stack:
at System.Net.HttpWebRequest.GetResponse()
at Dumpper.Form1.upsnew()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.runTryCode(System.Object)
at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2016 08:59:23 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, تم رفض الوصول.
.
This is often caused by incorrect security settings in either the writer or requestor process.
العملية:
تجميع بيانات الكاتب
السياق:
معرف فئة الكاتب: {e8132975-6f93-4464-a53e-1050253ae220}
اسم الكاتب: System Writer
معرف مثيل الكاتب: {aa283620-74aa-417e-96b6-79bf2a6cd49d}
Error: (05/09/2016 05:35:54 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, تم رفض الوصول.
.
This is often caused by incorrect security settings in either the writer or requestor process.
العملية:
تجميع بيانات الكاتب
السياق:
معرف فئة الكاتب: {e8132975-6f93-4464-a53e-1050253ae220}
اسم الكاتب: System Writer
معرف مثيل الكاتب: {ce3e2171-679b-4cd8-979e-fd476ee2c9d1}
Error: (05/08/2016 01:44:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
تعذر العثور على التجميع Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (05/08/2016 01:44:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
تعذر العثور على التجميع Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (05/08/2016 01:44:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
تعذر العثور على التجميع Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (05/08/2016 01:44:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
تعذر العثور على التجميع Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (05/08/2016 01:44:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
تعذر العثور على التجميع Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
System errors:
=============
Error: (05/13/2016 05:52:03 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/13/2016 05:51:30 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error: (05/13/2016 05:51:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة خدمة Google Update (gupdate) بسبب الخطأ التالي:
%%1053
Error: (05/13/2016 05:51:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة خدمة Google Update (gupdate).
Error: (05/13/2016 05:50:26 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/13/2016 05:50:12 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/13/2016 05:49:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة MobiConnect. OUC بسبب الخطأ التالي:
%%1053
Error: (05/13/2016 05:49:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة MobiConnect. OUC.
Error: (05/12/2016 11:18:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: لم يتم إيقاف تشغيل الخدمة Windows Update بشكل صحيح بعد تلقي عنصر تحكم لقبل إيقاف التشغيل.
Error: (05/12/2016 10:17:32 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
CodeIntegrity:
===================================
Date: 2016-05-12 21:11:03.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:11:03.274
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:14.723
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:14.723
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:01.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:01.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:00.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-05-12 21:08:00.857
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-16 06:48:05.347
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-01-16 06:48:05.332
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
Percentage of memory in use: 96%
Total physical RAM: 1014.49 MB
Available physical RAM: 31.84 MB
Total Virtual: 2525.49 MB
Available Virtual: 849.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:78.13 GB) (Free:53.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:78.13 GB) (Free:52.59 GB) NTFS
Drive e: () (Fixed) (Total:78.13 GB) (Free:71 GB) NTFS
Drive f: () (Fixed) (Total:231.37 GB) (Free:225.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 18931892)
Partition 1: (Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=387.6 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================