cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Admin at 2015-06-30 22:29:52
Running from D:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2883582482-3555326582-3093543286-1001 - Administrator - Enabled) => C:\Users\Admin
Administrateur (S-1-5-21-2883582482-3555326582-3093543286-500 - Administrator - Disabled)
flo (S-1-5-21-2883582482-3555326582-3093543286-1002 - Limited - Enabled) => C:\Users\flo
HomeGroupUser$ (S-1-5-21-2883582482-3555326582-3093543286-1004 - Limited - Enabled)
Invité (S-1-5-21-2883582482-3555326582-3093543286-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1893 - CDBurnerXP)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
LibraryEngine (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{2969302e}) (Version: - Software Publisher) <==== ATTENTION
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM-x32\...\OMUI.fr-fr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
RealtimeBoard Extension (HKLM-x32\...\{F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA}) (Version: - "") <==== ATTENTION
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-05-2015 22:39:50 Windows Update
24-05-2015 08:18:14 avast! antivirus system restore point
02-06-2015 20:01:21 Windows Update
03-06-2015 21:21:18 Installed TRENDnet TEW-648UBM Wireless N USB Adapter
03-06-2015 21:41:15 1
11-06-2015 22:35:58 Removed Bonjour
15-06-2015 12:04:20 Windows Update
25-06-2015 03:07:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2004-12-24 01:53 - 00198176 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 downloads.aaa1screensavers.com #[Bargin Buddy]
127.0.0.1 china.dalexcars.com
127.0.0.1 dl.aaascreensavers.com
127.0.0.1 abcsearch.com
127.0.0.1 admin.abcsearch.com
127.0.0.1 www3.abcsearch.com #[Browseraid]
127.0.0.1 www.abcsearch.com
127.0.0.1 abc517.net #[Trojan.Mitglieder.H]
127.0.0.1 absoluagency.com #[Trojan.StartPage.H]
127.0.0.1 acestats.com
127.0.0.1 www.acestats.com
127.0.0.1 actualnames.com #[Parasite.ActualNames][Spyware.ActualNames]
127.0.0.1 www.actualnames.com
127.0.0.1 ad-up.com
127.0.0.1 www.ad-up.com
127.0.0.1 adatom.com
127.0.0.1 aesp.adatom.com
127.0.0.1 adbest.com
127.0.0.1 www.adcipta.net #[W32/Malware]
127.0.0.1 adserv.adbonus.com
127.0.0.1 www.adbonus.com
127.0.0.1 ad2.adcept.net
127.0.0.1 ad3.adcept.net
127.0.0.1 www.adcept.net
127.0.0.1 adcomplete.com
127.0.0.1 www.adcomplete.com
127.0.0.1 www.adcopy.info
127.0.0.1 ads.adcorps.com

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09CC0E20-F8A0-4337-AC7F-A3B0C0742080} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C6240C1-6E3C-407A-8E61-113F0E49EEFD} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: {3266A490-DF7F-432E-AFE4-DB71C69C5E64} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {4B6D0B9E-E3A1-4FFA-9001-3F0C0EA010C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {5F310A88-8471-4FF9-AFAF-2A59A31C50F7} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: {61C538C3-24BC-4529-805C-8163940D1543} - System32\Tasks\Run_Bobby_Browser => C:\Users\Admin\AppData\Local\BoBrowser\Application\bobrowser.exe [2015-05-25] (The BoBrowser Authors) <==== ATTENTION
Task: {620319C0-4532-46BD-AEEB-3F9CB218A289} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-15] (Microsoft Corporation)
Task: {E5C71FBA-7907-43B8-A489-2170AE21AE01} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-17 18:54 - 2009-11-12 14:48 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-21 04:06 - 2015-01-21 04:06 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2015-06-23 18:59 - 2015-06-23 18:59 - 01747456 _____ () c:\Program Files (x86)\LibraryEngine\LibraryEngine.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2883582482-3555326582-3093543286-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Tux.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2883582482-3555326582-3093543286-1001\...\StartupApproved\Run: => "Chromium"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{552ECF23-C20A-4D75-AAB6-3CE4A7AEAC08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B1CD400E-B98F-4D74-BACC-90DA2B700E5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{96DC94F6-9C2D-4C20-B917-9EFAC0049DFC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CAEDA960-A8D8-4E65-9DF7-91014BF96F19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{08C89556-D70C-46BE-BE41-D4716B47AE91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{584C90DA-1B12-46E4-BBF1-021DFBE405DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{732F018D-9596-40C6-8DD5-CD12563D1F57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19AC0D4B-B377-4CD5-83D7-01D7927A88B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8CC9CBD5-F992-4601-9415-7E877E871A07}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9F75B148-4CAA-46AF-A84F-48BA8D38BA75}] => (Allow) %systemroot%\system32\alg.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2015 03:07:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.


Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (06/25/2015 03:07:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.


Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (06/24/2015 10:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 38.0.5.5623, horodatage : 0x5563c49a
Nom du module défaillant : mozalloc.dll, version : 38.0.5.5623, horodatage : 0x5563b229
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x5dc
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant : plugin-container.exe4
ID de l’application relative au package défaillant : plugin-container.exe5

Error: (06/24/2015 09:56:20 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/15/2015 00:39:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094

Error: (06/15/2015 00:39:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094

Error: (06/15/2015 00:39:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/11/2015 09:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 37.0.1.5570, horodatage : 0x551e23ee
Nom du module défaillant : mozalloc.dll, version : 37.0.1.5570, horodatage : 0x551e1536
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x59c
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant : plugin-container.exe4
ID de l’application relative au package défaillant : plugin-container.exe5

Error: (06/11/2015 09:59:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 37.0.1.5570, horodatage : 0x551e23ee
Nom du module défaillant : mozalloc.dll, version : 37.0.1.5570, horodatage : 0x551e1536
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001aa1
ID du processus défaillant : 0x16f4
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3
Nom complet du package défaillant : plugin-container.exe4
ID de l’application relative au package défaillant : plugin-container.exe5

Error: (06/04/2015 10:48:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme Go4Up(1).exe version 0.0.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 4bc

Heure de début : 01d09f078a985f80

Heure de fin : 4294967295

Chemin d’accès de l’application : D:\Users\Admin\Downloads\Go4Up(1).exe

ID de rapport : 075dd078-0afb-11e5-8282-60a44c73f7b6

Nom complet du package défaillant :

ID de l’application relative au package défaillant :


System errors:
=============
Error: (06/23/2015 06:29:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service globalUpdate Update Service (globalUpdate) n’a pas pu démarrer en raison de l’erreur :
%%2

Error: (06/23/2015 06:28:03 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (06/23/2015 06:28:03 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (06/15/2015 00:20:38 PM) (Source: DCOM) (EventID: 10010) (User: pc-portable)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/15/2015 00:20:08 PM) (Source: DCOM) (EventID: 10010) (User: pc-portable)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/11/2015 10:45:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Update eye perform s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

Error: (06/11/2015 10:45:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Util eye perform s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

Error: (06/11/2015 10:00:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Le service ClaraUpdater est marqué comme étant interactif. Cependant, le système est configuré pour ne pas autoriser les services interactifs. Ce service peut ne pas fonctionner correctement.

Error: (06/04/2015 09:26:52 PM) (Source: DCOM) (EventID: 10010) (User: pc-portable)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/04/2015 09:26:22 PM) (Source: DCOM) (EventID: 10010) (User: pc-portable)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-06-04 21:27:53.542
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-24 09:45:58.204
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 32%
Total physical RAM: 8075.68 MB
Available physical RAM: 5432.63 MB
Total Pagefile: 16267.68 MB
Available Pagefile: 13353.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:316.43 GB) (Free:254.6 GB) NTFS
Drive d: (DATA) (Fixed) (Total:614.13 GB) (Free:598.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

Publicité


Signaler le contenu de ce document

Publicité