Document format: text/plain

Additional scan result of Farbar Recovery Scan Tool (x86) Version:18-04-2016
Ran by windows (2016-04-23 09:08:13)
Running from C:\Users\windows\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-02-14 11:27:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2744508499-2295875598-203414080-500 - Administrator - Disabled)
Guest (S-1-5-21-2744508499-2295875598-203414080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2744508499-2295875598-203414080-1002 - Limited - Enabled)
windows (S-1-5-21-2744508499-2295875598-203414080-1000 - Administrator - Enabled) => C:\Users\windows

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.375.1 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.375.1 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: جدار الحماية الشخصي ESET (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
ESET Smart Security (HKLM\...\{D3C4D87C-C7B1-4FA0-AF83-1ECC324684B1}) (Version: 9.0.375.1 - ESET, spol. s r.o.)
f.lux (HKU\S-1-5-21-2744508499-2295875598-203414080-1000\...\Flux) (Version: - )
FastStone Capture 8.3 (HKLM\...\FastStone Capture) (Version: 8.3 - FastStone Soft)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 5.4.4.1128 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc‎.‎)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Malwarebytes Anti-Malware النسخة 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2 - Mozilla)
Norton Security Scan (HKLM\...\NSS) (Version: 4.3.1.3 - Symantec Corporation)
Opera developer 38.0.2190.0 (HKLM\...\Opera 38.0.2190.0) (Version: 38.0.2190.0 - Opera Software)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.0.124 - PandoraTV)
UltraISO Premium V9.61 (HKLM\...\UltraISO_is1) (Version: - )
USB Disk Security (HKLM\...\USB Disk Security_is1) (Version: - )
Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\windows\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2744508499-2295875598-203414080-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\windows\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18DCF796-2C42-45DC-9F58-1043F9ED025E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {25A4873E-7C13-4CCD-B4C4-66556E5FFAE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-20] (Adobe Systems Incorporated)
Task: {26DF9417-9A7B-4A18-80F0-200AFF40FE5E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744508499-2295875598-203414080-1000Core => C:\Users\windows\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-14] (Google Inc.)
Task: {430391DC-D1C2-4E7B-AD3F-922B41E4DFC9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {50EB59AF-EFA3-4276-AA9F-2E54FEC5DB2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2744508499-2295875598-203414080-1000UA => C:\Users\windows\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-14] (Google Inc.)
Task: {576EEA45-EE20-4D76-BEF0-B4163680F76B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-07] (Google Inc.)
Task: {87E64BF3-A0F4-4273-8FE0-CC0A559A457F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-07] (Google Inc.)
Task: {968A3B82-964D-4999-9010-C61F66A12729} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9926462E-5306-4D68-8CA7-3CE641B746D4} - System32\Tasks\Opera scheduled Autoupdate 1458161281 => C:\Program Files\Opera developer\launcher.exe [2016-04-05] (Opera Software)
Task: {D78A5592-EBE9-45BC-B9A6-47BB3EC4B881} - System32\Tasks\Norton Security Scan for windows => C:\Program Files\Norton Security Scan\Engine\4.3.1.3\Nss.exe [2015-10-16] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744508499-2295875598-203414080-1000Core.job => C:\Users\windows\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2744508499-2295875598-203414080-1000UA.job => C:\Users\windows\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for windows.job => C:\PROGRA~1\NORTON~2\Engine\431~1.3\Nss.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-14 14:47 - 2004-09-08 20:51 - 00121344 _____ () C:\Program Files\WinRAR\rarext.dll
2016-01-06 18:41 - 2016-01-06 18:41 - 00070360 _____ () C:\Program Files\CCleaner\branding.dll
2016-03-11 22:31 - 2016-03-11 22:31 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1025.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\E617A003.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\E617A003.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2016-04-20 08:05 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts


0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2744508499-2295875598-203414080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\windows\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C207F74D-0181-4495-ADEE-FD7D9423B332}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{86D5BEC6-15A9-43B9-8408-BAF5F994B627}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B53AD200-13C7-4A33-8A6B-FCBF3B1028D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

22-03-2016 16:35:49 ComboFix created restore point
05-04-2016 22:39:52 Windows Update
09-04-2016 13:57:14 Removed Skype™ 6.16
22-04-2016 17:29:45 Installed Microsoft Fix it 50123
22-04-2016 17:35:57 Installed Microsoft Fix it 50123
23-04-2016 08:50:32 ResetBrowser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2016 08:40:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2016 05:23:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz
Percentage of memory in use: 72%
Total physical RAM: 2012.49 MB
Available physical RAM: 552.18 MB
Total Virtual: 4024.98 MB
Available Virtual: 2003.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:107.32 GB) (Free:87.08 GB) NTFS
Drive d: () (Fixed) (Total:95.33 GB) (Free:55.93 GB) NTFS
Drive e: () (Fixed) (Total:95.33 GB) (Free:84.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 41B941B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=95.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=95.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
