cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Scan Tool (x64) Version:03-05-2016
Ran by uthmin (2016-05-04 02:11:59) Run:1
Running from C:\Users\uthmin\Desktop
Loaded Profiles: uthmin (Available Profiles: uthmin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
RemoveProxy:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/?ilc=8
SearchScopes: HKU\S-1-5-21-2791196081-3455553443-96247009-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKU\S-1-5-21-2791196081-3455553443-96247009-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
CHR HomePage: Default -> hxxp://eg.hao222.com/
CHR StartupUrls: Default -> "hxxp://eg.hao222.com/"
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
2016-04-28 02:40 - 2016-04-28 02:40 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-04-28 01:11 - 2016-04-28 01:48 - 00000000 ____D C:\Users\uthmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-04-28 01:11 - 2016-04-28 01:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-04-28 01:11 - 2016-04-28 01:11 - 00014501 _____ C:\ProgramData\Duplicaterecord.js
2016-04-28 01:11 - 2016-04-28 01:11 - 00000000 ____D C:\ProgramData\Baidu
2016-04-27 22:29 - 2016-04-27 22:29 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\My Documents
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Videos
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Pictures
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Music
Task: {1721B862-666C-4F34-ADA2-0F4D97A29970} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {5DBD4505-4D34-4F34-881C-B64685AFE22E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9F25FD7B-D8A4-47CA-AFEA-4A6D47DBB9B0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AC4DE593-1CC8-415A-B8A8-C321520EB5AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B020AAEC-8DAC-4EAC-8D60-0C6BDA049D49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D4A94B4D-EC9D-4232-9130-94D99DD64BBE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_uthmin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
EmptyTemp:
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
reboot:
end
*****************

Processes closed successfully.
Restore point was successfully created.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2791196081-3455553443-96247009-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}" => key removed successfully
HKCR\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => key not found.
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
LiveUpdateSvc => service removed successfully
C:\Users\Public\Desktop\IObit Uninstaller.lnk => moved successfully
"C:\Users\uthmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster" => not found.
C:\ProgramData\Duplicaterecord.js => moved successfully
C:\ProgramData\Baidu => moved successfully
C:\WINDOWS\SysWOW64\sda => moved successfully
Symbolic link found: "C:\Users\uthmin\My Documents" => "C:\Users\uthmin\Documents"
"C:\Users\uthmin\My Documents" => Symbolic link removed successfully
C:\Users\uthmin\My Documents => moved successfully
Symbolic link found: "C:\Users\uthmin\Documents\My Videos" => "C:\Users\uthmin\Videos"
"C:\Users\uthmin\Documents\My Videos" => Symbolic link removed successfully
C:\Users\uthmin\Documents\My Videos => moved successfully
Symbolic link found: "C:\Users\uthmin\Documents\My Pictures" => "C:\Users\uthmin\Pictures"
"C:\Users\uthmin\Documents\My Pictures" => Symbolic link removed successfully
C:\Users\uthmin\Documents\My Pictures => moved successfully
Symbolic link found: "C:\Users\uthmin\Documents\My Music" => "C:\Users\uthmin\Music"
"C:\Users\uthmin\Documents\My Music" => Symbolic link removed successfully
C:\Users\uthmin\Documents\My Music => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1721B862-666C-4F34-ADA2-0F4D97A29970}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1721B862-666C-4F34-ADA2-0F4D97A29970}" => key removed successfully
C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5DBD4505-4D34-4F34-881C-B64685AFE22E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DBD4505-4D34-4F34-881C-B64685AFE22E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F25FD7B-D8A4-47CA-AFEA-4A6D47DBB9B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F25FD7B-D8A4-47CA-AFEA-4A6D47DBB9B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4DE593-1CC8-415A-B8A8-C321520EB5AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4DE593-1CC8-415A-B8A8-C321520EB5AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B020AAEC-8DAC-4EAC-8D60-0C6BDA049D49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B020AAEC-8DAC-4EAC-8D60-0C6BDA049D49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4A94B4D-EC9D-4232-9130-94D99DD64BBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4A94B4D-EC9D-4232-9130-94D99DD64BBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
C:\WINDOWS\Tasks\Uninstaller_SkipUac_uthmin.job => moved successfully

========= netsh winsock reset all =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 138.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 02:12:45 ====

Publicité


Signaler le contenu de ce document

Publicité