cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-04-2017
Ran by Owner (19-04-2017 16:09:28)
Running from C:\Documents and Settings\Owner\My Documents\Downloads\Programs
Microsoft Windows XP Professional Service Pack 3 (X86) (2015-12-25 22:45:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-329068152-2052111302-1801674531-500 - Administrator - Disabled)
ASPNET (S-1-5-21-329068152-2052111302-1801674531-1004 - Limited - Enabled)
Guest (S-1-5-21-329068152-2052111302-1801674531-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-329068152-2052111302-1801674531-1000 - Limited - Disabled)
Owner (S-1-5-21-329068152-2052111302-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Owner
SUPPORT_388945a0 (S-1-5-21-329068152-2052111302-1801674531-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBulkMailer (HKLM\...\{7F6276CF-ACCE-4C11-8AF3-F8C166ECC81B}) (Version: 8.2 - Advanced Business Objects)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Bandicam (HKLM\...\Bandicam) (Version: 2.3.1.840 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CherryPlayer (HKLM\...\CherryPlayer) (Version: 2.4.5 - CherryPlayer)
Classic FTP File Transfer Software (HKLM\...\ClassicFTP) (Version: 2.38 - NCH Software)
Color Cop 5.4.3 (HKLM\...\Color Cop_is1) (Version: - Jay Prall)
ContextConsole Shell Extension (x86-32) (HKLM\...\CmdOpen Shell Extension) (Version: 2.1.0.1 - Kai Liu)
CuteFTP 9 (HKLM\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape)
Detect-Email (HKLM\...\Detect-Email_is1) (Version: Detect-Email - Matisoft)
DFX (HKLM\...\DFX) (Version: 11.113.0.0 - Power Technology)
ESET Smart Security (HKLM\...\{1A992BAD-C2ED-4B54-8124-3A7762514373}) (Version: 10.0.386.0 - ESET, spol. s r.o.)
FastStone Capture 8.3 (HKLM\...\FastStone Capture) (Version: 8.3 - FastStone Soft)
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.33.3 - Google Inc.) Hidden
iLovePage1 version 1.6 (HKLM\...\iLovePage1_is1) (Version: 1.6 - iLovePage1 Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 0.0.0.0000 - Intel Corporation)
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
K-Lite Codec Pack 11.8.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
Malwarebytes Anti-Exploit version 1.9.1.1384 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1384 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.6229 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7497 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7497 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219.436 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{262779db-23a3-4517-bbcd-a05a9ff0570b}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 52.0.2 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.0.2 ESR (x86 en-US)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Opera Mobile Emulator (HKLM\...\{1826D0CA-F479-4430-9EFE-86E8E783505B}_is1) (Version: - Opera Software ASA)
RogueKiller version 12.10.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.5.0 - Adlice Software)
RS Email Extractor version 4.1.0.23 (HKLM\...\RS Email Extractor_is1) (Version: 4.1.0.23 - Redscraper)
Shutdown8 (HKU\S-1-5-21-329068152-2052111302-1801674531-1003\...\Shutdown8) (Version: 1.08 - Bandisoft.com)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.5880 - Analog Devices)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SumatraPDF 2.2.1 (HKLM\...\SumatraPDF) (Version: 2.2.1 - Krzysztof Kowalczyk)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-329068152-2052111302-1801674531-1003\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden
VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.49-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.1 - HTTrack)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office (10.1.0.5656) (HKU\S-1-5-21-329068152-2052111302-1801674531-1003\...\Kingsoft Office) (Version: 10.1.0.5656 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020812-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020820-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020821-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020830-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020832-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020900-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020906-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020906-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00020907-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{000209F0-0000-4b30-A977-D214852036FF}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{000209FE-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{000209FF-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{000209FF-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00024500-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{00024512-0000-0000-C000-000000000046}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\refedit.dll ()
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{0002CE21-0000-0000-C000-000000000046}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\mui\default\resource\ksee\EqnEdit.exe (Design Science, Inc.)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{048EB43E-2059-422F-95E0-557DA96038AF}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{112EA537-7AB9-4e22-8BFB-7FD5FCB19849}\localserver32 -> C:\Program Files\Globalscape\CuteFTP\ftpte.exe (Globalscape, Inc.)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{18A06B6B-2F3F-4E2B-A611-52BE631B2D22}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{3C18EAE4-BC25-4134-B7DF-1ECA1337DDDC}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{3D3B1846-CC43-42ae-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll (Simon Bünzli)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{41C26FB6-41AF-4A3D-AD41-32D5218B60E1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{44720441-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{44720444-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{45540001-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{45540003-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{4D4E0078-1386-4536-BD05-3E1013F17116}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\oledefaulthandler.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll (Simon Bünzli)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{64818D10-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{64818D11-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{75D01070-1234-44E9-82F6-DB5B39A47C13}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{8A624388-AA27-43E0-89F8-2A12BFF7BCCD}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{912ABC52-36E2-4714-8E62-A8B73CA5E390}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{91493441-5A91-11CF-8700-00AA0060263B}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{91493443-94BF-4940-926D-4F38FECF2A48}\InprocServer32 -> => No File
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{AA14F9C9-62B5-4637-8AC4-8F25BF29D5A7}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{B722BCCD-4E68-101B-A2BC-00AA00404770}\InprocServer32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\ksoapi.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{CF4F55F4-8F87-4D47-80BB-5808164BB3F8}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{DC020317-E6E2-4A62-B9FA-B3EFE16626F4}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-329068152-2052111302-1801674531-1003_Classes\CLSID\{F4754C9B-64F5-4B40-8AF4-679732AC0607}\localserver32 -> C:\Documents and Settings\Owner\Local Settings\Application Data\Kingsoft\WPS Office\10.1.0.5656\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\Owner\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Documents and Settings\Owner\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://diagnostic.image-line.com
Shortcut: C:\Documents and Settings\Owner\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Documents and Settings\Owner\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
Shortcut: C:\Documents and Settings\Owner\Start Menu\Programs\CherryPlayer\Visit CherryPlayer website.lnk -> hxxp://www.cherryplayer.com
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://diagnostic.image-line.com
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

==================== Loaded Modules (Whitelisted) ==============

2015-04-15 21:13 - 2015-04-15 21:13 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2013-01-02 07:48 - 2013-01-02 07:48 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2014-04-07 20:40 - 2014-04-07 20:40 - 00049112 _____ () C:\Program Files\Common Files\DFX\Dlls\dfxShared32.dll
2017-04-18 16:32 - 2017-04-18 16:32 - 19700312 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 13:00 - 1980-01-04 00:01 - 00000889 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 HPSystem # LMS GENERATED LINE

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-329068152-2052111302-1801674531-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk => C:\WINDOWS\pss\Ralink Wireless Utility.lnkCommon Startup
MSCONFIG\startupreg: atchk => "C:\Program Files\Intel\AMT\atchk.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DFX => C:\Program Files\DFX\DFX.exe -startup
MSCONFIG\startupreg: DLLSuite2016 => C:\Program Files\DLL Suite\DLLSuite.exe
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IMJPMIG8.1 => "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: PHIME2002A => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Social Bookmark Commando => C:\Documents and Settings\Owner\My Documents\Downloads\Compressed\Social Bookmark Commando\Social Bookmark Commando\Social Bookmark Commando\SocialBookmarkCommando.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpvsetup.exe] => Disabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\rundll32.exe] => Disabled:Run a DLL as an App
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)

==================== Restore Points =========================

17-04-2017 03:00:18 Software Distribution Service 3.0
17-04-2017 03:23:25 Software Distribution Service 3.0
17-04-2017 13:55:56 Installed CuteFTP 9
17-04-2017 15:57:24 Revo Uninstaller's restore point - Xlight FTP Server 3.8.8
17-04-2017 15:58:31 Revo Uninstaller's restore point - FlashFXP 5
17-04-2017 16:11:15 Revo Uninstaller's restore point - Go!Zilla
17-04-2017 16:15:27 Revo Uninstaller's restore point - VideoPad Video Editor
17-04-2017 16:15:37 Revo Uninstaller's restore point - VideoPad Video Editor
17-04-2017 16:17:12 Revo Uninstaller's restore point - Pixillion Image Converter
17-04-2017 16:17:38 Revo Uninstaller's restore point - Express Burn Disc Burning Software
17-04-2017 16:18:07 Revo Uninstaller's restore point - Fling File Transfer
18-04-2017 02:26:25 Software Distribution Service 3.0
18-04-2017 16:20:49 Software Distribution Service 3.0
18-04-2017 16:30:26 Revo Uninstaller's restore point - Adobe Flash Player 25 NPAPI
18-04-2017 21:13:38 Revo Uninstaller's restore point - RogueKiller version 12.10.4.0
19-04-2017 03:00:20 Software Distribution Service 3.0
19-04-2017 03:17:19 Software Distribution Service 3.0

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 62%
Total physical RAM: 2002.23 MB
Available physical RAM: 752.2 MB
Total Virtual: 3895.39 MB
Available Virtual: 2793.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:22.46 GB) (Free:1.8 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:120.19 GB) (Free:33.73 GB) NTFS
Drive e: (Local Disk) (Fixed) (Total:90.23 GB) (Free:13.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 4B60C751)
Partition 1: (Active) - (Size=22.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=210.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Publicité


Signaler le contenu de ce document

Publicité