cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Simon at 2015-07-09 18:03:44 Run:1
Running from C:\Users\Simon\Desktop
Loaded Profiles: Simon (Available Profiles: Simon)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
() C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe
AppInit_DLLs-x32: AirfoilInjector_3_7.dll => "AirfoilInjector_3_7.dll" File not found
Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe [2015-06-08] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
HKU\S-1-5-21-168422143-2221164617-2328260565-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
HKU\S-1-5-21-168422143-2221164617-2328260565-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://yourtv.link
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-168422143-2221164617-2328260565-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
SearchScopes: HKU\S-1-5-21-168422143-2221164617-2328260565-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.com/cse?cx=partner-pub-8036109189802438%3A7790813904&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=yourtv.link%2F
FF Homepage: hxxp://yourtv.link
C:\Users\Simon\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Simon\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Simon\AppData\Local\Temp\CM.Launcher.Win.exe
C:\Users\Simon\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbtcw5y.dll
C:\Users\Simon\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Simon\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Simon\AppData\Local\Temp\Newtonsoft.Json.dll
C:\Users\Simon\AppData\Local\Temp\NLog.dll
C:\Users\Simon\AppData\Local\Temp\npp.6.7.9.2.Installer.exe
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simon\AppData\Local\Temp\Shuame_Uninst.exe
C:\Users\Simon\AppData\Local\Temp\sqlite3.dll
C:\Users\Simon\AppData\Local\Temp\System.Core.dll
C:\Users\Simon\AppData\Local\Temp\System.Xml.Linq.dll
C:\Users\Simon\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe
RemoveDirectory: C:\ProgramData\NavRight
C:\Users\Simon\Downloads\SpyHunter-Installer.exe
Task: {974BCD99-2D7B-481E-838B-F62543A883F7} - System32\Tasks\tet3008 => C:\PROGRA~2\FASTSE~1\tet3008.exe
Task: {B3BF6760-B616-4007-989F-1B42842D4282} - System32\Tasks\JQBIWWQW1 => C:\ProgramData\NavRight\NavRight.exe
Task: {B6228F33-E4A3-40E9-B96A-E6557C877B41} - System32\Tasks\sol3007 => C:\PROGRA~2\FASTSE~1\sol3007.exe
Task: C:\WINDOWS\Tasks\JQBIWWQW1.job => C:\ProgramData\NavRight\NavRight.exe
2015-06-08 21:16 - 2015-06-02 12:03 - 14949273 ____S () C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe
end
*****************

Processes closed successfully.
C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe => No running process found
"AirfoilInjector_3_7.dll" => value data removed successfully.
C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-168422143-2221164617-2328260565-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-168422143-2221164617-2328260565-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-168422143-2221164617-2328260565-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-168422143-2221164617-2328260565-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
Firefox homepage removed successfully
C:\Users\Simon\AppData\Local\Temp\AcerDocsSetup.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\AcerPortalSetup.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\CM.Launcher.Win.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbtcw5y.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\Foxit PhantomPDF Updater.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\FoxitUpdater.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\Newtonsoft.Json.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\NLog.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\npp.6.7.9.2.Installer.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\Quarantine.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\Shuame_Uninst.exe => moved successfully.
C:\Users\Simon\AppData\Local\Temp\sqlite3.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\System.Core.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\System.Xml.Linq.dll => moved successfully.
C:\Users\Simon\AppData\Local\Temp\xmlUpdater.exe => moved successfully.
"C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe" => File/Folder not found.
"C:\ProgramData\NavRight" => File/Folder not found.
C:\Users\Simon\Downloads\SpyHunter-Installer.exe => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{974BCD99-2D7B-481E-838B-F62543A883F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{974BCD99-2D7B-481E-838B-F62543A883F7}" => key removed successfully
C:\Windows\System32\Tasks\tet3008 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tet3008" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3BF6760-B616-4007-989F-1B42842D4282}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3BF6760-B616-4007-989F-1B42842D4282}" => key removed successfully
C:\Windows\System32\Tasks\JQBIWWQW1 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JQBIWWQW1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6228F33-E4A3-40E9-B96A-E6557C877B41}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6228F33-E4A3-40E9-B96A-E6557C877B41}" => key removed successfully
C:\Windows\System32\Tasks\sol3007 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sol3007" => key removed successfully
C:\WINDOWS\Tasks\JQBIWWQW1.job => moved successfully.
"C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Simon.exe" => File/Folder not found.


The system needed a reboot..

==== End of Fixlog 18:03:54 ====

Publicité


Signaler le contenu de ce document

Publicité