cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by Breno at 2014-12-01 21:29:47 Run:1
Running from C:\Users\Breno\Downloads
Loaded Profile: Breno (Available profiles: Breno)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3953213382-33664593-4059234609-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=111304&tt=3412_7&babsrc=HP_ss&mntrId=26be4e280000000000007071bc4e2fdd", "hxxp://search.babylon.com/?affID=110824&tt=4412_8&babsrc=HP_ss&mntrId=6c61473100000000000000224d48808a", "hxxp://br.hao123.com/?tn=opencd_hp_hao123_br", "hxxp://search.babylon.com/?affID=110824&tt=4512_2&babsrc=HP_ss&mntrId=5447336e00000000000000224d488094", "hxxp://search.babylon.com/?affID=110825&tt=0313_1&babsrc=HP_ss&mntrId=6c61473100000000000000224d48808a", "hxxp://astromenda.com/?f=7&a=ast_ir_14_39_ch&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEtDtCyEtD0D0ByEyByCyCtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyB0B0DyD0EtA0BtGyD0AyDtAtGtCtA0C0FtG0CyDzz0BtGyEtBtD0D0F0C0CzyyC0D0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0D0B0E0DyDyE0AtGzz0B0FyDtGyEyEyD0EtGzz0FtCyDtG0EtD0DtAyDyB0E0A0FyByDtD2Q&cr=241189509&uref=308&ir="
S3 catchme; \??\C:\Users\Breno\AppData\Local\Temp\catchme.sys [X]
2014-11-30 14:43 - 2014-11-30 14:43 - 00000810 _____ () C:\Users\Breno\Desktop\AdwCleaner[R0].txt
2014-11-30 14:40 - 2014-11-30 14:41 - 00000000 ____D () C:\AdwCleaner
2014-11-30 14:39 - 2014-11-30 14:39 - 02148864 _____ () C:\Users\Breno\Downloads\adwcleaner_4.102 (1).exe
2014-11-30 00:28 - 2014-11-30 00:28 - 00007166 _____ () C:\Users\Breno\Desktop\zoek-results.txt
2014-11-30 00:28 - 2014-11-30 00:28 - 00000197 _____ () C:\Windows\system32\2014-11-30-03-28-03.068-AvastVBoxSVC.exe-2652.log
2014-11-30 00:23 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-30 00:07 - 2014-11-30 00:25 - 00007163 _____ () C:\zoek-results.log
2014-11-30 00:04 - 2014-11-30 00:21 - 00000000 ____D () C:\zoek_backup
2014-11-30 00:02 - 2014-11-30 00:05 - 00000000 ____D () C:\Users\Breno\Desktop\Zoek
2014-11-30 00:01 - 2014-11-30 00:02 - 04270204 _____ () C:\Users\Breno\Desktop\zoek.zip
2014-11-29 23:52 - 2014-11-29 23:52 - 00000197 _____ () C:\Windows\system32\2014-11-30-02-52-13.012-AvastVBoxSVC.exe-5360.log
2014-11-29 14:45 - 2014-11-29 14:45 - 00000360 _____ () C:\Windows\DirectX.log
2014-11-29 14:35 - 2014-11-29 14:35 - 00002328 _____ () C:\Users\Breno\Desktop\ZHPFix[R1].txt
2014-11-29 14:33 - 2014-11-29 14:33 - 00002328 _____ () C:\Users\Breno\Desktop\ZHPFixReport.txt
2014-11-29 14:33 - 2014-11-29 14:33 - 00002158 _____ () C:\script.txt
2014-11-29 14:31 - 2014-11-29 14:31 - 03520003 _____ (Nicolas Coolman ) C:\Users\Breno\Downloads\ZHPFix.exe
2014-11-29 14:31 - 2014-11-29 14:31 - 00001849 _____ () C:\Users\Public\Desktop\ZHPFix.lnk
2014-11-29 14:31 - 2014-11-29 14:31 - 00000000 ____D () C:\Program Files (x86)\ZHPFix
2014-11-29 14:16 - 2014-11-29 14:16 - 00000197 _____ () C:\Windows\system32\2014-11-29-17-16-22.028-AvastVBoxSVC.exe-1940.log
2014-11-29 10:00 - 2014-11-29 10:00 - 00123065 _____ () C:\ZHPDiag.txt
2014-11-29 09:58 - 2014-11-29 09:58 - 00123065 _____ () C:\Users\Breno\Desktop\ZHPDiag.txt
2014-11-29 09:46 - 2014-11-29 09:58 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-11-29 09:41 - 2014-11-29 14:33 - 00000000 ____D () C:\Users\Breno\AppData\Roaming\ZHP
2014-11-29 09:41 - 2014-11-29 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-11-29 09:41 - 2014-11-29 09:41 - 06864042 _____ (Nicolas Coolman ) C:\Users\Breno\Downloads\ZHPDiag2.exe
2014-11-29 09:41 - 2014-11-29 09:41 - 00001987 _____ () C:\Users\Breno\Desktop\ZHPFix.lnk
2014-11-29 09:41 - 2014-11-29 09:41 - 00001860 _____ () C:\Users\Breno\Desktop\ZHPDiag.lnk
2014-11-29 09:41 - 2014-11-29 09:41 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-11-29 03:03 - 2014-11-29 03:03 - 00042009 _____ () C:\Users\Breno\Desktop\1344 2012-10-19 17.47.txt
2014-11-28 19:32 - 2014-11-28 19:32 - 00026749 _____ () C:\ComboFix.txt
2014-11-28 19:27 - 2014-11-28 19:27 - 00000197 _____ () C:\Windows\system32\2014-11-28-22-27-49.091-AvastVBoxSVC.exe-4448.log
2014-11-28 19:14 - 2014-11-28 19:32 - 00000000 ____D () C:\Qoobox
2014-11-28 19:14 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-28 19:14 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-28 19:14 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-28 19:13 - 2014-11-28 19:13 - 05577449 ____R (Swearware) C:\Users\Breno\Downloads\ComboFix.exe
2014-11-28 18:54 - 2014-11-28 18:54 - 00000197 _____ () C:\Windows\system32\2014-11-28-21-54-26.059-AvastVBoxSVC.exe-5140.log
2014-11-28 13:06 - 2014-11-28 13:06 - 00000197 _____ () C:\Windows\system32\2014-11-28-16-06-29.007-AvastVBoxSVC.exe-3584.log
2014-11-27 11:10 - 2014-11-27 11:10 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-10-07.000-AvastVBoxSVC.exe-5812.log
2014-11-26 13:11 - 2014-11-26 13:11 - 00000197 _____ () C:\Windows\system32\2014-11-26-16-11-57.076-AvastVBoxSVC.exe-4440.log
2014-11-25 20:56 - 2014-11-25 20:56 - 00000247 _____ () C:\Windows\system32\2014-11-25-23-56-25.058-aswFe.exe-7152.log
2014-11-25 20:51 - 2014-11-25 20:56 - 00000247 _____ () C:\Windows\system32\2014-11-25-23-51-23.019-aswFe.exe-4808.log
2014-11-25 20:51 - 2014-11-25 20:51 - 00000197 _____ () C:\Windows\system32\2014-11-25-23-51-20.001-AvastVBoxSVC.exe-6712.log
2014-11-25 20:43 - 2014-11-30 00:24 - 00059588 _____ () C:\Windows\PFRO.log
2014-11-25 19:08 - 2014-12-01 12:56 - 00002688 _____ () C:\Windows\setupact.log
2014-11-25 19:08 - 2014-11-25 19:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-15 14:45 - 2014-11-15 14:45 - 00007044 _____ () C:\Users\Breno\Desktop\h_r_m_txtres_us_02.txt
2014-11-15 14:44 - 2014-11-15 14:44 - 00091668 _____ () C:\Users\Breno\Desktop\h_r_b_txtres_us_01.ztr.txt
2014-11-14 18:34 - 2014-11-14 18:34 - 00000017 _____ () C:\Users\Breno\Desktop\oi cancelamento.txt
2014-11-29 14:33 - 2014-10-11 14:13 - 00000000 ____D () C:\Windows\AutoKMS
C:\Users\Breno\AppData\Local\Temp\sfamcc00001.dll
emptytemp:
end
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3953213382-33664593-4059234609-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
catchme => Service deleted successfully.
C:\Users\Breno\Desktop\AdwCleaner[R0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Breno\Downloads\adwcleaner_4.102 (1).exe => Moved successfully.
C:\Users\Breno\Desktop\zoek-results.txt => Moved successfully.
Could not move "C:\Windows\system32\2014-11-30-03-28-03.068-AvastVBoxSVC.exe-2652.log" => Scheduled to move on reboot.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Breno\Desktop\Zoek => Moved successfully.
C:\Users\Breno\Desktop\zoek.zip => Moved successfully.
C:\Windows\system32\2014-11-30-02-52-13.012-AvastVBoxSVC.exe-5360.log => Moved successfully.
C:\Windows\DirectX.log => Moved successfully.
C:\Users\Breno\Desktop\ZHPFix[R1].txt => Moved successfully.
C:\Users\Breno\Desktop\ZHPFixReport.txt => Moved successfully.
C:\script.txt => Moved successfully.
C:\Users\Breno\Downloads\ZHPFix.exe => Moved successfully.
C:\Users\Public\Desktop\ZHPFix.lnk => Moved successfully.
C:\Program Files (x86)\ZHPFix => Moved successfully.
C:\Windows\system32\2014-11-29-17-16-22.028-AvastVBoxSVC.exe-1940.log => Moved successfully.
C:\ZHPDiag.txt => Moved successfully.
C:\Users\Breno\Desktop\ZHPDiag.txt => Moved successfully.
C:\PhysicalDisk0_MBR.bin => Moved successfully.
C:\Users\Breno\AppData\Roaming\ZHP => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => Moved successfully.
C:\Users\Breno\Downloads\ZHPDiag2.exe => Moved successfully.
C:\Users\Breno\Desktop\ZHPFix.lnk => Moved successfully.
C:\Users\Breno\Desktop\ZHPDiag.lnk => Moved successfully.
C:\Program Files (x86)\ZHPDiag => Moved successfully.
C:\Users\Breno\Desktop\1344 2012-10-19 17.47.txt => Moved successfully.
C:\ComboFix.txt => Moved successfully.
C:\Windows\system32\2014-11-28-22-27-49.091-AvastVBoxSVC.exe-4448.log => Moved successfully.
C:\Qoobox => Moved successfully.
C:\Windows\PEV.exe => Moved successfully.
C:\Windows\MBR.exe => Moved successfully.
C:\Windows\NIRCMD.exe => Moved successfully.
C:\Windows\SWREG.exe => Moved successfully.
C:\Windows\SWSC.exe => Moved successfully.
C:\Windows\sed.exe => Moved successfully.
C:\Windows\grep.exe => Moved successfully.
C:\Windows\zip.exe => Moved successfully.
C:\Users\Breno\Downloads\ComboFix.exe => Moved successfully.
C:\Windows\system32\2014-11-28-21-54-26.059-AvastVBoxSVC.exe-5140.log => Moved successfully.
C:\Windows\system32\2014-11-28-16-06-29.007-AvastVBoxSVC.exe-3584.log => Moved successfully.
C:\Windows\system32\2014-11-27-14-10-07.000-AvastVBoxSVC.exe-5812.log => Moved successfully.
C:\Windows\system32\2014-11-26-16-11-57.076-AvastVBoxSVC.exe-4440.log => Moved successfully.
C:\Windows\system32\2014-11-25-23-56-25.058-aswFe.exe-7152.log => Moved successfully.
C:\Windows\system32\2014-11-25-23-51-23.019-aswFe.exe-4808.log => Moved successfully.
C:\Windows\system32\2014-11-25-23-51-20.001-AvastVBoxSVC.exe-6712.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Breno\Desktop\h_r_m_txtres_us_02.txt => Moved successfully.
C:\Users\Breno\Desktop\h_r_b_txtres_us_01.ztr.txt => Moved successfully.
C:\Users\Breno\Desktop\oi cancelamento.txt => Moved successfully.
C:\Windows\AutoKMS => Moved successfully.
C:\Users\Breno\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
EmptyTemp: => Removed 403.6 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-01 21:33:29)<=

C:\Windows\system32\2014-11-30-03-28-03.068-AvastVBoxSVC.exe-2652.log => Is moved successfully.

==== End of Fixlog ====

Publicité


Signaler le contenu de ce document

Publicité