مشكلة مشكلة بطئ اقلاع الجهاز وتهنيج بسيط

الحالة
مغلق و غير مفتوح للمزيد من الردود.
S

spider_ man

زيزوومى مبدع
إنضم
26 أكتوبر 2009
المشاركات
1,404
مستوى التفاعل
305
النقاط
670
الإقامة
مصر
غير متصل
مشكلة بطئ اقلاع الجهاز وتهنيج بسيط

واليوم ظهرت شاشة زرقاء وانا اتصفح الانترنت لكن لم استطيع تصويرها -_-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:06:51 م, on 22/03/2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: إضافة إلى مكافحة الشعارات - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: لوحة المفاتيح الظاهرية - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: انقر للاتصال من Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: انقر للاتصال من Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: التحقق من عناوين URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone:

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O17 - HKLM\System\CCS\Services\Tcpip\..\{A7D3C551-B867-4F2E-BEBA-73D333DFF595}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: خدمة Kaspersky Anti-Virus 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) - CybelSoft - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TechSmith Uploader Service - TechSmith Corporation - C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13805 bytes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


فى هذا المنتدى دائما كان المراقبين والمشرفين يستخدموا الهايجاك ويمسحوا بعض القيم الضارة !
 

تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

نعم اخى .. لكن مع الـ 7 والـ 8 قد يعطى قيم خاطئة احياناً لاختلاف المسارات
اداة الرن سكنر اشمل وتعطى تفاصيل اكثر وادق
+
حاول تحذف تعريف كرت الشبكة وثبته من جديد
 
توقيع : White Man
تأييد 0
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

اخى احذف برنامج KM Player
ثم
حمل ملف الرن سكنر التالى

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


وطبق عليه التنظيف كما بالشرح
● تنظيف runscanner ●
+
كان هناك بقايا لاحد برامج شركة بيدو وسيتم حذفها بعد تطبيق تنظيف الملف المرفق اعلاه
 
توقيع : White Man
تأييد 0
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

هل مازالت تظهر اخى ؟
لو مازالت تظهر قم بعمل تقرير سجلات الاخطاء من جديد
 
توقيع : White Man
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



نعم تظهر



====== سجل أخطاء النظام ======

Computer Name: Omar-PC
Event Code: 1060
Message: \??\C:\Program Files (x86)\Quintessential Media Player\cdrpdacc has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Record Number: 132030
Source Name: Application Popup
Time Written: 20150311065658.962231-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 11
Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Record Number: 132020
Source Name: Microsoft-Windows-Wininit
Time Written: 20150311065544.219650-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Omar-PC
Event Code: 7031
Message: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Record Number: 131879
Source Name: Service Control Manager
Time Written: 20150310204613.617996-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 7024
Message: The Windows Search service terminated with service-specific error %%-1073473536.
Record Number: 131878
Source Name: Service Control Manager
Time Written: 20150310204613.617996-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 7031
Message: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Record Number: 131876
Source Name: Service Control Manager
Time Written: 20150310204542.940242-000
Event Type: Error
User:



===== سجل أخطاء البرامج =====

Computer Name: Omar-PC
Event Code: 3029
Message: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Record Number: 32438
Source Name: Microsoft-Windows-Search
Time Written: 20150310204613.000000-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 3029
Message: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Record Number: 32437
Source Name: Microsoft-Windows-Search
Time Written: 20150310204613.000000-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 7042
Message: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Context: Windows Application

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Record Number: 32432
Source Name: Microsoft-Windows-Search
Time Written: 20150310204613.000000-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 7040
Message: The search service has detected corrupted data files in the index {id=2801}. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Record Number: 32431
Source Name: Microsoft-Windows-Search
Time Written: 20150310204613.000000-000
Event Type: Error
User:

Computer Name: Omar-PC
Event Code: 1000
Message: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000011fd
Faulting process id: 0x138
Faulting application start time: 0x01d05b15fbdf526c
Faulting application path: C:\Windows\system32\SearchIndexer.exe
Faulting module path: C:\Windows\system32\msvcrt.dll
Report Id: 69c07c0e-c766-11e4-ac60-902b349bbe43
Record Number: 32428
Source Name: Application Error
Time Written: 20150310204541.000000-000
Event Type: Error
User:



===== السجل الأمني =====

Computer Name: Omar-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 28844
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150310204541.149139-000
Event Type: Audit Success
User:

Computer Name: Omar-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: OMAR-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x310
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 28843
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150310204541.149139-000
Event Type: Audit Success
User:

Computer Name: Omar-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 28842
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150310195112.995235-000
Event Type: Audit Success
User:

Computer Name: Omar-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: OMAR-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x310
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 28841
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150310195112.995235-000
Event Type: Audit Success
User:

Computer Name: Omar-PC
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2137065626-392791487-870866828-1000
Account Name: Omar
Domain Name: Omar-PC
Logon ID: 0x24718
Record Number: 28840
Source Name: Microsoft-Windows-Eventlog
Time Written: 20150310195035.100179-000
Event Type: Audit Success
User:



===== تقرير انهيار البرامج =====

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:49:52 م
User Name : All Users
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_04449da5\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:39:50 م
User Name : All Users
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_0ef779a1\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:43:15 م
User Name : All Users
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_140e8f44\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 03:15:25 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,492
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_097d32b3\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 03:02:15 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,446
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0e69aacf\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 06:00:51 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,448
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0f08058b\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 04:32:45 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,390
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0fed8007\Report.wer
==================================================

==================================================
Process File : RelPost.exe
Event Name : Memory test results reported
Event Time : 22/03/2015 06:29:22 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\RelPost.exe
Report File Size : 2,346
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_4097_82e549faa2715ca648b9414cea94543845754a5_038b674a\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:38:21 م
User Name : Omar
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_07fa6602\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:50:06 م
User Name : Omar
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_1354e8c8\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:38:45 م
User Name : Omar
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,686
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_149accfe\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:37:00 م
User Name : Omar
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_1558d90f\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:38:17 م
User Name : Omar
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_17ae053d\Report.wer
==================================================

==================================================
Process File : rundll32.exe
Event Name : Installed generic driver software
Event Time : 22/03/2015 05:26:09 م
User Name : Omar
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\rundll32.exe
Report File Size : 2,374
Report File Path : C:\Users\Omar\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_x64_5242aa185cb45af4a1283fb52fd9217759a0837_16db0bb3\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:49:52 م
User Name :
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_04449da5\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:39:50 م
User Name :
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_0ef779a1\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped working
Event Time : 22/03/2015 02:43:15 م
User Name :
Exception Code : 0xc0000005
Exception Offset : 0x00001aa4
Fault Module Name : firefox.exe
Fault Module Version: 36.0.4.5557
Process Path : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report File Size : 4,400
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_firefox.exe_4de07cc132ce4bf566c8ac7c1ea5512c2522e9b0_140e8f44\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 03:15:25 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,492
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_097d32b3\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 03:02:15 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,446
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0e69aacf\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 06:00:51 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,448
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0f08058b\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 22/03/2015 04:32:45 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 3,390
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0fed8007\Report.wer
==================================================

==================================================
Process File : RelPost.exe
Event Name : Memory test results reported
Event Time : 22/03/2015 06:29:22 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\RelPost.exe
Report File Size : 2,346
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_4097_82e549faa2715ca648b9414cea94543845754a5_038b674a\Report.wer
==================================================




===== تقرير الشاشة الزرقاء =====

==================================================
Dump File : 032215-16473-01.dmp
Crash Time : 22/03/2015 03:14:38 م
Bug Check String : DRIVER_CORRUPTED_EXPOOL
Bug Check Code : 0x000000c5
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`031f4b23
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+74ec0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18741 (win7sp1_gdr.150202-1526)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\032215-16473-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 288,624
==================================================

==================================================
Dump File : 032215-18064-01.dmp
Crash Time : 22/03/2015 04:31:33 م
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000003
Parameter 2 : fffff800`0326e070
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`0326e070
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+74ec0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18741 (win7sp1_gdr.150202-1526)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\032215-18064-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 317,296
==================================================

==================================================
Dump File : 032215-18220-01.dmp
Crash Time : 22/03/2015 05:59:37 م
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000003
Parameter 2 : fffff800`03265940
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`03265940
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+74ec0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18741 (win7sp1_gdr.150202-1526)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\032215-18220-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 317,296
==================================================

==================================================
Dump File : 032215-18267-01.dmp
Crash Time : 22/03/2015 03:00:56 م
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`000000a1
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`03080035
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+74ec0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18741 (win7sp1_gdr.150202-1526)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\032215-18267-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 288,624
==================================================

==================================================
Dump File : 032215-19203-01.dmp
Crash Time : 22/03/2015 10:48:57 ص
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000003
Parameter 2 : fffff800`03266940
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`03266940
Caused By Driver : afd.sys
Caused By Address : afd.sys+2cd06
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\032215-19203-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 292,752
==================================================
 
تأييد 0
255921696.jpg
 
تأييد 0
طيب اخى ممكن صورة لمواصفات الجهاز (كليك يمين على ماى كمبيوتر >> خصائص) ؟
 
توقيع : White Man
تأييد 0
+
لاتنس حذف تعريف كرت الشبكة واعادة تثبيته
 
توقيع : White Man
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

اخى حمل هذه الأداة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


ضع علامة صح امام النواة الخاصة بالويندوز واكتب ايميلك وسيتم ارسال الرابط لك
 
توقيع : White Man
تأييد 0
توقيع : White Man
تأييد 0
ماذا بعد وما فائدة الاداة ؟
ما فائدة هذة التحديث KB2832829 ؟
 
تأييد 0
توقيع : White Man
تأييد 0
توقيع : White Man
تأييد 0
تمام تسلم يا عمرو بس وانا بتصفح الانترنت بلاقى مؤشر الماوس بيقف لمدة اقل من ثانية
تقطيع بسيط لماذا ؟
 
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

تمام اخى .. لكن اولاً ماذا عن الشاشة الزرقاء ؟
 
توقيع : White Man
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى