cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Christina at 2015-03-20 16:34:55 Run:1
Running from C:\Users\Invité\Downloads
Loaded Profiles: Christina & Invité (Available profiles: UpdatusUser & Christina & Invité)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2964183969-392809350-584086208-1002 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
FF Homepage: hxxp://start.mysearchdial.com/
FF SearchPlugin: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\searchplugins\Mysearchdial.xml [2014-03-11]
FF Extension: SaveSense - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-03-11]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-2964183969-392809350-584086208-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-2964183969-392809350-584086208-501\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: SaveSense - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-03-11]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-05-28] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
2015-03-19 20:10 - 2013-12-27 23:35 - 00000062 _____ () C:\Users\Invité\AppData\Roaming\sp_data.sys
2015-03-19 19:57 - 2014-03-11 16:57 - 00000320 _____ () C:\WINDOWS\Tasks\MySearchDial.job
2015-03-17 10:23 - 2014-03-11 16:57 - 00000000 ____D () C:\Users\Christina\AppData\Local\SaveSense
2015-03-17 10:10 - 2013-12-15 19:00 - 00000062 _____ () C:\Users\Christina\AppData\Roaming\sp_data.sys
2013-05-01 05:34 - 2012-09-07 07:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 05:34 - 2009-07-22 06:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 05:34 - 2012-09-07 07:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Task: {303E75D1-4B31-457E-B40C-5D363096B583} - System32\Tasks\MySearchDial => C:\Users\CHRIST~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE
Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\CHRIST~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE
end
*****************

Processes closed successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-2964183969-392809350-584086208-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-2964183969-392809350-584086208-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-2964183969-392809350-584086208-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-2964183969-392809350-584086208-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

Restore point was successfully created.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found.
"HKU\S-1-5-21-2964183969-392809350-584086208-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Key not found.
Firefox homepage deleted successfully.
C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\searchplugins\Mysearchdial.xml => Moved successfully.
C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
HKU\S-1-5-21-2964183969-392809350-584086208-1002\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => Value not found.
C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi not found.
HKU\S-1-5-21-2964183969-392809350-584086208-501\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => Value not found.
C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\q27pgwxn.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key not found.
xmkysecqun64 => Service deleted successfully.
McComponentHostService => Service not found.
C:\Users\Invité\AppData\Roaming\sp_data.sys => Moved successfully.
C:\WINDOWS\Tasks\MySearchDial.job => Moved successfully.
C:\Users\Christina\AppData\Local\SaveSense => Moved successfully.
C:\Users\Christina\AppData\Roaming\sp_data.sys => Moved successfully.
C:\ProgramData\SetStretch.cmd => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{303E75D1-4B31-457E-B40C-5D363096B583}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{303E75D1-4B31-457E-B40C-5D363096B583}" => Key deleted successfully.
C:\Windows\System32\Tasks\MySearchDial => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial" => Key deleted successfully.
C:\WINDOWS\Tasks\MySearchDial.job not found.
EmptyTemp: => Removed 761.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 16:38:22 ====

Publicité


Signaler le contenu de ce document

Publicité