Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-10-2015
Ran by Patsaka Trust (2015-10-30 18:58:41)

Running from C:\Users\Patsaka Trust\Desktop
Microsoft Windows 7 Professional (X86) (2015-07-22 22:42:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-686996414-4244965904-281940818-500 - Administrator - Dis
abled)
Guest (S-1-5-21-686996414-4244965904-281940818-501 - Limited - Disabled)
Patsaka Trust (S-1-5-21-686996414-4244965904-281940818-1000 - Administrator - En
abled) => C:\Users\Patsaka Trust
Visitor (S-1-5-21-686996414-4244965904-281940818-1001 - Limited - Enabled) => C:
\Users\Visitor
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF
46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to un
hide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.4 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0
- Adobe Systems Incorporated)
BitComet 1.40 (HKLM\...\BitComet) (Version: 1.40 - CometNetwork)
HomeworkSimplified Internet Explorer Toolbar (HKLM\...\HomeworkSimplified_7ebar
Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== A
TTENTION
HP LaserJet Professional M1530 MFP Series (HKLM\...\{74280B5D-A0AF-46c5-9C85-D9E
A078262F1}) (Version: - Hewlett-Packard)
HP LJ M1530 MFP Series HP Scan (HKLM\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA})
(Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.
003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM\...\{B2AA0F22-E167-4C4A-BAE2-E0025028E61B}) (Ve
rsion: 1.02.0000 - Hewlett-Packard)
HPLJUT (Version: 1.00.0012 - HP) Hidden
hppFaxDrvM1530 (Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityM1530 (Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (Version: 002.015.00599 - Hewlett-Packard) Hidden
hppM1530LaserJetService (Version: 001.008.00477 - Hewlett-Packard) Hidden
hppSendFaxM1530 (Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXM1530 (Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (Version: 006.015.01163 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.
0 - HP)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (V
ersion: 10.18.10.3431 - Intel Corporation)

Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tone
c Inc.)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014
- Microsoft Corporation)
Opera Stable 32.0.1948.69 (HKLM\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 Opera Software)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE
7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-686996414-4244965904-281940818-1000_Classes\CLSID\{3b8
6c427-928d-4b50-910c-117fa4830443}\InprocServer32 -> C:\Program Files\HomeworkSi
mplified_7e\bar\1.bin\7eSrcAs.dll (Mindspark)
CustomCLSID: HKU\S-1-5-21-686996414-4244965904-281940818-1000_Classes\CLSID\{820
D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.e
xe (Intel Corporation)
==================== Restore Points =========================
07-09-2015
15-09-2015
23-09-2015
01-10-2015
09-10-2015
16-10-2015
26-10-2015
02:33:03
05:11:42
05:44:31
01:19:59
02:26:36
03:23:04
08:03:18
Scheduled
Scheduled
Scheduled
Scheduled
Scheduled
Scheduled
Scheduled
Checkpoint
Checkpoint
Checkpoint
Checkpoint
Checkpoint
Checkpoint
Checkpoint
==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers
\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
Task: {32FE64EB-4E78-4579-943C-ABAF0BFA52C4} - System32\Tasks\HPLJCustParticipat
ion => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {3ED9E147-6C76-421E-84D7-AC0F1D4B4244} - System32\Tasks\Opera scheduled Au
toupdate 1437577276 => C:\Users\Visitor\AppData\Local\Programs\Opera\launcher.ex
e [2015-09-25] (Opera Software)
Task: {70BCFDD0-9D0F-491E-AD73-44A272376059} - System32\Tasks\{9148FD51-85F1-481
F-973B-74CF8536D8A6} => pcalua.exe -a "C:\Users\Patsaka Trust\Downloads\Programs
\JavaSetup8u65.exe" -d "C:\Users\Patsaka Trust\AppData\Roaming\IDM"
Task: {854E8C6C-B8CC-44E3-9DF7-B5A16D0DBC05} - System32\Tasks\Opera scheduled Au
toupdate 1437576487 => C:\Program Files\Opera\launcher.exe [2015-09-25] (Opera S
oftware)
(If an entry is included in the fixlist, the task (.job) file will be moved. The
file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============
2015-08-16 09:46 - 2011-03-02
rarext.dll
2015-07-22 07:58 - 2012-01-20
y\TeraCopyExt.dll
2015-07-22 07:58 - 2012-01-29
y\TeraCopy.dll
2010-10-25 14:36 - 2010-10-25
boxFX\bin\nativeutils.dll
12:40 - 00140288 _____ () C:\Program Files\WinRAR\

14:55 - 00427520 _____ () C:\Program Files\TeraCop
16:54 - 00408576 _____ () C:\Program Files\TeraCop
14:36 - 00119864 _____ () C:\Program Files\HP\Tool
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
he "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-686996414-4244965904-281940818-1000\Control Panel\Desktop\\Wallpape
r -> C:\Users\Patsaka Trust\AppData\Roaming\Microsoft\Windows\Themes\TranscodedW
allpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPrompt
BehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.e
xe
FirewallRules: [{6B21DCE1-F048-45A2-A5BD-C359D6EE3B50}] => (Allow) C:\Program Fi
les\BitComet\BitComet.exe
FirewallRules: [{504D5E42-499C-42EB-B317-DAAF9383BBE6}] => (Allow) C:\Program Fi
les\BitComet\BitComet.exe
FirewallRules: [TCP Query User{0619ABA5-1D00-49A8-80E6-AD370DE8ADEB}C:\program f
iles\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{A5C70864-7188-4082-8536-523EDD7BEFA4}C:\program f
iles\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
==================== Faulty Device Manager Devices =============
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which
starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/30/2015 06:52:07 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (908) SUS20ClientDataStore: Unable to read the header o
f logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
Error: (10/30/2015 09:26:45 AM) (Source: ESENT) (EventID: 412) (User: )

System errors:
=============
Error: (10/30/2015 08:49:28 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:42:39 AM on 10/ 29/ 2015 was unexpecte
d.
d.
Error: (10/26/2015 08:42:27 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "PATSAKATRUST-PC:20" could not be registered on the interf
ace with IP address 192.168.1.24.
The computer with the IP address 192.168.1.20 did not allow the name to be claim
ed by
this computer.
Error: (10/26/2015 08:42:27 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "PATSAKATRUST-PC:0" could not be registered on the interfa
ce with IP address 192.168.1.24.
The computer with the IP address 192.168.1.20 did not allow the name to be claim
ed by
this computer.
Error: (10/26/2015 08:42:27 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{7C0
8EF18-27E0-4BFE-BD4B-E77F27F31AD5} because another computer on the network has t
he same name. The server could not start.
Error: (10/22/2015 01:27:36 AM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: The HP LaserJet Service service terminated unexpectedly. It has do
ne this 1 time(s).
Error: (10/21/2015 11:34:01 PM) (Source: EventLog) (EventID: 6008) (User: )
d.
Error: (10/20/2015 07:24:25 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.14
with the system
having network hardware address 00-26-B6-EF-10-96. Network operations on this sy
stem may
be disrupted as a result.
d.
Error: (10/09/2015 09:28:55 AM) (Source: Service Control Manager) (EventID: 7034
) (User: )
Description: The HP LaserJet Service service terminated unexpectedly. It has do
ne this 1 time(s).
==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3240 @ 3.10GHz
Percentage of memory in use: 39%
Total physical RAM: 1920.46 MB
Available physical RAM: 1153.24 MB
Total Virtual: 3840.91 MB
Available Virtual: 2733.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:416.74 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system
with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81FAC030)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================

Addition

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Addition

Caricato da

Copyright:

Formati disponibili

Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-10-2015

Ran by Patsaka Trust (2015-10-30 18:58:41)

ersion: 10.18.10.3431 - Intel Corporation)

==================== Hosts content: ===============================

file which is running by the task will not be moved.)

12:40 - 00140288 _____ () C:\Program Files\WinRAR\

==================== Alternate Data Streams (Whitelisted) =========

f logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

==================== Memory info ===========================

Potrebbero piacerti anche