cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Scan Tool (x64) Version:08-10-2015
Ran by PC SOBRESSALENTE (2015-10-08 23:52:31) Run:1
Running from C:\Users\PC SOBRESSALENTE\Desktop
Loaded Profiles: PC SOBRESSALENTE (Available Profiles: PC SOBRESSALENTE)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN&q={searchTerms}
HKU\S-1-5-21-2201604522-913026945-3012054626-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1430343103&from=cor&uid=ST3250318AS_6VY0APRN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
2015-09-12 12:58 - 2015-09-23 18:48 - 00000807 _____ C:\Users\PC SOBRESSALENTE\Desktop\ZHPCleaner.lnk
C:\Users\PC SOBRESSALENTE\ZHPCleaner.exe
Task: {5C9C13DC-25FA-4F0C-9BBA-A7F3EEE5193A} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== ATTENTION
Task: {A37E5597-7402-43A0-AC4A-333258950B49} - System32\Tasks\94A46359-5537-4201-BEFD-1EC63DFD0943 => C:\ProgramData\Baidu Security\PC_Faster_Setup_Mini_GL16.exe <==== ATTENTION
Task: {A40A8157-3B46-4E47-80ED-B6090B8556AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {BE9CFC27-D75D-4E5E-8D9F-477249F6CB78} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-08-17] (Glarysoft Ltd)
Task: {D6C114B6-0BA0-45D5-B78D-4AC8A716AC0A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-08-17] (Glarysoft Ltd)
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock" => key removed successfully
HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2201604522-913026945-3012054626-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
C:\Users\PC SOBRESSALENTE\Desktop\ZHPCleaner.lnk => moved successfully
C:\Users\PC SOBRESSALENTE\ZHPCleaner.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C9C13DC-25FA-4F0C-9BBA-A7F3EEE5193A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C9C13DC-25FA-4F0C-9BBA-A7F3EEE5193A}" => key removed successfully
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A37E5597-7402-43A0-AC4A-333258950B49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A37E5597-7402-43A0-AC4A-333258950B49}" => key removed successfully
C:\Windows\System32\Tasks\94A46359-5537-4201-BEFD-1EC63DFD0943 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\94A46359-5537-4201-BEFD-1EC63DFD0943" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A40A8157-3B46-4E47-80ED-B6090B8556AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A40A8157-3B46-4E47-80ED-B6090B8556AA}" => key removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE9CFC27-D75D-4E5E-8D9F-477249F6CB78} => key not found.
C:\Windows\System32\Tasks\GU5SkipUAC => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GU5SkipUAC => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6C114B6-0BA0-45D5-B78D-4AC8A716AC0A} => key not found.
C:\Windows\System32\Tasks\GlaryInitialize 5 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GlaryInitialize 5 => key not found.
Restore point was successfully created.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2201604522-913026945-3012054626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2201604522-913026945-3012054626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 384 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 23:53:14 ====

Publicité


Signaler le contenu de ce document

Publicité