cjoint

Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by razafimaharo at 2015-06-18 07:59:50 Run:1
Running from C:\Users\razafimaharo\Contacts\Downloads\Programs
Loaded Profiles: razafimaharo (Available Profiles: razafimaharo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
C:\ProgramData\JakiKyhk\lhbyavau.EXE
C:\ProgramData\JakiKyhk\CisgFenash.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3171897459-3189365053-2893909511-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3171897459-3189365053-2893909511-1000 -> {3600F0CC-F12B-6939-2318-10ADA0CA7149} URL =
SearchScopes: HKU\S-1-5-21-3171897459-3189365053-2893909511-1000 -> {8188C457-5DBA-4C41-B5F5-52A69B994939} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
FF Extension: No Name - C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [not found]
FF Extension: No Name - C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\CUFCV96103896@VLCZ37079202.com [not found]
FF Extension: No Name - C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\ffxtlbr@delta.com [not found]
FF Extension: No Name - C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\plugin@yontoo.com.xpi [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2014-08-18] <==== ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
R2 pedlyjwutm; C:\ProgramData\JakiKyhk\lhbyavau.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
R2 pehnaoa; "C:\ProgramData\JakiKyhk\lhbywvau.exe" -cms [X]
R2 TexfaUoca; "C:\ProgramData\JakiKyhk\CisgFenash.exe" -cmd [X]
U3 akodjb7i; C:\Windows\System32\Drivers\akodjb7i.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 ao60sebs; C:\Windows\System32\Drivers\ao60sebs.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
2015-06-14 21:22 - 2014-05-10 19:20 - 00000137 _____ C:\Users\razafimaharo\AppData\Roaming\WB.CFG
Task: {5337CB50-C16E-4408-B32C-475C0FF1B0A6} - System32\Tasks\{C70D5A07-7AE8-44C8-A4B5-1ED4A204F472} => pcalua.exe -a C:\ProgramData\JakiKyhk\Uninstaller.exe -c /ga=1503 /ai=120 /bi=0
Task: {FF9E040D-25E7-4FE1-88B2-CF248171B9AE} - System32\Tasks\{89F54561-FF33-46A0-9228-F8073D04C64E} => pcalua.exe -a "C:\Users\razafimaharo\Desktop\feodal\Life is Feudal - Your Own Setup.exe" -d C:\Users\razafimaharo\Desktop\feodal
Task: C:\Windows\Tasks\Tempo Runner lhbydvau.job => C:\ProgramData\JakiKyhk\lhbyavau.EXE-/dgad C:\ProgramData\JakiKyhk\lhbydvau.exe
AlternateDataStreams: C:\ProgramData\Temp:2CFBE2D1
AlternateDataStreams: C:\ProgramData\Temp:373C6DC2
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5216CD26
AlternateDataStreams: C:\ProgramData\Temp:5D458568
AlternateDataStreams: C:\ProgramData\Temp:661DFA1C
AlternateDataStreams: C:\ProgramData\Temp:77846FFE
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:8AD1F2E0
AlternateDataStreams: C:\ProgramData\Temp:AC57032B
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
AlternateDataStreams: C:\ProgramData\Temp:FEF919E6
FirewallRules: [{45B2F780-CB4F-47B0-8BB8-28D4F573CF03}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{0C9FA6B8-35EC-4E30-9292-A0F4CAFCDAF3}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{89B3F229-B731-40E9-B08F-C5D5087E663B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{0C55C1BF-6DF8-47B5-9943-A7AA57E73A5B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe



EmptyTemp:
end
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\ProgramData\JakiKyhk\lhbyavau.EXE" => File/Folder not found.
"C:\ProgramData\JakiKyhk\CisgFenash.exe" => File/Folder not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-3171897459-3189365053-2893909511-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3171897459-3189365053-2893909511-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3600F0CC-F12B-6939-2318-10ADA0CA7149}" => key removed successfully
HKCR\CLSID\{3600F0CC-F12B-6939-2318-10ADA0CA7149} => key not found.
"HKU\S-1-5-21-3171897459-3189365053-2893909511-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8188C457-5DBA-4C41-B5F5-52A69B994939}" => key removed successfully
HKCR\CLSID\{8188C457-5DBA-4C41-B5F5-52A69B994939} => key not found.
C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com not found.
C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\CUFCV96103896@VLCZ37079202.com not found.
C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\ffxtlbr@delta.com not found.
C:\Users\razafimaharo\AppData\Roaming\Mozilla\Firefox\Profiles\e2l35ilf.default\extensions\plugin@yontoo.com.xpi not found.
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
pedlyjwutm => Unable to stop service.
pedlyjwutm => Service could not remove
pehnaoa => Unable to stop service.
pehnaoa => Service could not remove
TexfaUoca => Unable to stop service.
TexfaUoca => Service could not remove
akodjb7i => Service not found.
ao60sebs => Service not found.
C:\Users\razafimaharo\AppData\Roaming\WB.CFG => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5337CB50-C16E-4408-B32C-475C0FF1B0A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5337CB50-C16E-4408-B32C-475C0FF1B0A6}" => key removed successfully
C:\Windows\System32\Tasks\{C70D5A07-7AE8-44C8-A4B5-1ED4A204F472} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C70D5A07-7AE8-44C8-A4B5-1ED4A204F472}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF9E040D-25E7-4FE1-88B2-CF248171B9AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF9E040D-25E7-4FE1-88B2-CF248171B9AE}" => key removed successfully
C:\Windows\System32\Tasks\{89F54561-FF33-46A0-9228-F8073D04C64E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{89F54561-FF33-46A0-9228-F8073D04C64E}" => key removed successfully
C:\Windows\Tasks\Tempo Runner lhbydvau.job not found.
C:\ProgramData\Temp => ":2CFBE2D1" ADS removed successfully.
C:\ProgramData\Temp => ":373C6DC2" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":5216CD26" ADS removed successfully.
C:\ProgramData\Temp => ":5D458568" ADS removed successfully.
C:\ProgramData\Temp => ":661DFA1C" ADS removed successfully.
C:\ProgramData\Temp => ":77846FFE" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":8AD1F2E0" ADS removed successfully.
C:\ProgramData\Temp => ":AC57032B" ADS removed successfully.
C:\ProgramData\Temp => ":AD022376" ADS removed successfully.
C:\ProgramData\Temp => ":D20FFA63" ADS removed successfully.
C:\ProgramData\Temp => ":FEF919E6" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45B2F780-CB4F-47B0-8BB8-28D4F573CF03} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C9FA6B8-35EC-4E30-9292-A0F4CAFCDAF3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89B3F229-B731-40E9-B08F-C5D5087E663B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C55C1BF-6DF8-47B5-9943-A7AA57E73A5B} => value removed successfully
EmptyTemp: => 395.7 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 08:03:44 ====
