Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-08-2016 01
Ran by soso (17-08-2016 21:42:59) Run:1
Running from C:\Users\soso\Desktop
Loaded Profiles: soso (Available Profiles: soso)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL =
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://ar.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {E8554DC9-DB89-42CE-BC14-20D94B5AB756} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> DefaultScope {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [No File]
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [No File]
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [No File]
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com => not found
S2 AVP15.0.0; "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe" -r [X]
S1 Avgdiskx; system32\DRIVERS\avgdiskx.sys [X]
S1 AVGIDSDriver; system32\DRIVERS\avgidsdriverx.sys [X]
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S1 Avgldx86; system32\DRIVERS\avgldx86.sys [X]
S0 Avglogx; system32\DRIVERS\avglogx.sys [X]
S0 Avgmfx86; system32\DRIVERS\avgmfx86.sys [X]
S0 Avgrkx86; system32\DRIVERS\avgrkx86.sys [X]
S1 Avgtdix; system32\DRIVERS\avgtdix.sys [X]
S3 catchme; \??\C:\Users\soso\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\soso\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 kltdi; system32\DRIVERS\kltdi.sys [X]
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {2CED2805-E875-4174-9751-464B564F97BA} - \{715A44D0-37E8-4796-8880-3596A3537B1B} -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{4B66DD3F-2E6E-4F7C-B38C-E32608820825}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{53DBCD97-3FDF-4B60-975B-2596B57482EF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{D41C1E5B-0566-4BB1-BE72-1A5407349CA6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> no filepath



CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


========= End of RemoveProxy: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => key removed successfully.
HKCR\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E8554DC9-DB89-42CE-BC14-20D94B5AB756}" => key removed successfully.
HKCR\CLSID\{E8554DC9-DB89-42CE-BC14-20D94B5AB756} => key not found.
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84317AB9-4A73-45B4-A382-2C8BE1857B62}" => key removed successfully.
HKCR\CLSID\{84317AB9-4A73-45B4-A382-2C8BE1857B62} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKCR\PROTOCOLS\Handler\livecall" => key removed successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
"HKCR\PROTOCOLS\Handler\msnim" => key removed successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => key not found.
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2" => key removed successfully.
"HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker" => key removed successfully.
"HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking" => key removed successfully.
"HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard" => key removed successfully.
"HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6" => key removed successfully.
C:\Program Files\Yahoo!\Shared\npYState.dll => moved successfully
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\content_blocker@kaspersky.com => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\url_advisor@kaspersky.com => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\anti_banner@kaspersky.com => value removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\online_banking@kaspersky.com => value removed successfully.
AVP15.0.0 => service removed successfully.
Avgdiskx => service removed successfully.
AVGIDSDriver => service removed successfully.
AVGIDSHX => service removed successfully.
AVGIDSShim => service removed successfully.
Avgldx86 => service removed successfully.
Avglogx => service removed successfully.
Avgmfx86 => service removed successfully.
Avgrkx86 => service removed successfully.
Avgtdix => service removed successfully.
catchme => service removed successfully.
cpuz134 => service removed successfully.
ewusbnet => service removed successfully.
hwdatacard => service removed successfully.
hwusbdev => service removed successfully.
kltdi => service removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CED2805-E875-4174-9751-464B564F97BA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CED2805-E875-4174-9751-464B564F97BA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{715A44D0-37E8-4796-8880-3596A3537B1B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{4B66DD3F-2E6E-4F7C-B38C-E32608820825}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{53DBCD97-3FDF-4B60-975B-2596B57482EF}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{D41C1E5B-0566-4BB1-BE72-1A5407349CA6}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}" => key removed successfully.
"HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}" => key removed successfully.

========= netsh winsock reset all =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13714788 B
Java, Flash, Steam htmlcache => 612 B
Windows/system/drivers => 129165779 B
Edge => 0 B
Chrome => 111241353 B
Firefox => 372930103 B
Opera => 13716693 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 23024647 B
LocalService => 82612 B
NetworkService => 0 B
soso => 27237063 B

RecycleBin => 7471 B
EmptyTemp: => 671.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:48:33 ====
