cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Fix result of Farbar Recovery Scan Tool (x64) Version:10-06-2016
Ran by adam (2016-06-12 10:56:26) Run:1
Running from C:\Users\adam\Desktop
Loaded Profiles: adam (Available Profiles: adam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-2800183623-575756498-154981772-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.teoma.com/?tpid=ARS2-TMG&o=APN11170&pf=V7&trgb=IE&p2=%5ECGT%5EYYYYYY%5ECW%5EES&gct=hp&apn_ptnrs=%5ECGT&apn_dtid=%5EYYYYYY%5ECW%5EES&apn_dbr=iexplore.exe_0_8.0.7600.16385&apn_uid=0FB13A64-B6D2-4DED-BB00-B49FA9F6FFCC&itbv=12.40.4.66&doi=2016-05-10&psv=&pt=tb
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF SearchEngineOrder.3: Bing
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
2016-06-11 21:15 - 2016-06-11 21:15 - 00109617 _____ C:\Users\adam\Desktop\ZHPDiag.txt
2016-06-11 19:16 - 2016-06-11 19:16 - 00003240 _____ C:\Users\adam\Desktop\ZHPFix[R10].txt
2016-06-11 15:52 - 2016-06-11 15:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\adam\Desktop\ZHPFix (2).exe
2016-06-11 15:52 - 2016-06-11 15:52 - 00001849 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-06-11 15:52 - 2016-06-11 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-06-11 15:51 - 2016-06-11 15:52 - 03521617 _____ (Nicolas Coolman ) C:\Users\adam\Downloads\ZHPFix (2).exe
2016-06-11 15:15 - 2016-06-11 15:15 - 03521617 _____ (Nicolas Coolman ) C:\Users\adam\Downloads\ZHPFix (1).exe
2016-06-11 15:14 - 2016-06-11 15:15 - 03521617 _____ (Nicolas Coolman ) C:\Users\adam\Downloads\ZHPFix.exe
2016-06-10 17:59 - 2016-06-10 17:59 - 02213888 _____ C:\Users\adam\Desktop\ZHPDiag3_2.exe
2016-06-10 17:22 - 2016-06-10 22:11 - 00000000 ____D C:\Users\adam\Desktop\SalityKiller
2016-06-10 17:21 - 2016-06-10 17:21 - 00170498 _____ C:\Users\adam\Desktop\SalityKiller.rar
2016-06-10 16:57 - 2016-06-11 15:52 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-06-10 16:16 - 2016-06-10 17:58 - 02215424 _____ C:\Users\adam\ZHPDiag3.exe
2016-06-10 06:58 - 2016-06-10 06:27 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-10 06:32 - 2016-06-11 12:44 - 00000000 ____D C:\Users\adam\AppData\Local\CrashDumps
2016-06-09 17:33 - 2016-06-09 17:33 - 19906632 _____ C:\Users\adam\Desktop\RogueKiller.exe
2016-06-09 17:33 - 2016-06-09 17:33 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-09 17:17 - 2016-06-09 20:12 - 00000000 ____D C:\AdwCleaner
2016-06-09 17:17 - 2016-06-09 17:17 - 03677248 _____ C:\Users\adam\Desktop\AdwCleaner.exe
2016-06-09 17:05 - 2016-06-09 17:05 - 01610816 _____ (Malwarebytes) C:\Users\adam\Desktop\JRT_2.exe
2016-06-09 16:06 - 2016-06-11 19:52 - 00000000 ____D C:\Users\adam\AppData\Roaming\ZHP
2016-06-09 16:06 - 2016-06-10 16:16 - 00000663 _____ C:\Users\adam\Desktop\ZHPDiag.lnk
2016-06-09 16:04 - 2016-06-09 16:05 - 02213888 _____ C:\Users\adam\Desktop\ZHPDiag3.exe
C:\Users\adam\ZHPDiag3.exe
Task: {AB934FC0-19E8-4BF1-92EB-D3C777A38B12} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"

CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
*****************

Restore point was successfully created.
Processes closed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2800183623-575756498-154981772-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2800183623-575756498-154981772-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

HKU\S-1-5-21-2800183623-575756498-154981772-1000\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-2800183623-575756498-154981772-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found.
HKU\S-1-5-21-2800183623-575756498-154981772-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
Firefox SearchEngineOrder.3 removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
"C:\Users\adam\Desktop\ZHPDiag.txt" => not found.
"C:\Users\adam\Desktop\ZHPFix[R10].txt" => not found.
C:\Users\adam\Desktop\ZHPFix (2).exe => moved successfully
C:\Users\Public\Desktop\ZHPFix.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => moved successfully
C:\Users\adam\Downloads\ZHPFix (2).exe => moved successfully
C:\Users\adam\Downloads\ZHPFix (1).exe => moved successfully
C:\Users\adam\Downloads\ZHPFix.exe => moved successfully
C:\Users\adam\Desktop\ZHPDiag3_2.exe => moved successfully
C:\Users\adam\Desktop\SalityKiller => moved successfully
C:\Users\adam\Desktop\SalityKiller.rar => moved successfully
C:\Program Files (x86)\ZHPFix => moved successfully
C:\Users\adam\ZHPDiag3.exe => moved successfully
C:\Windows\zoek-delete.exe => moved successfully
C:\Users\adam\AppData\Local\CrashDumps => moved successfully
C:\Users\adam\Desktop\RogueKiller.exe => moved successfully
C:\ProgramData\RogueKiller => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\adam\Desktop\AdwCleaner.exe => moved successfully
C:\Users\adam\Desktop\JRT_2.exe => moved successfully
C:\Users\adam\AppData\Roaming\ZHP => moved successfully
C:\Users\adam\Desktop\ZHPDiag.lnk => moved successfully
C:\Users\adam\Desktop\ZHPDiag3.exe => moved successfully
"C:\Users\adam\ZHPDiag3.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB934FC0-19E8-4BF1-92EB-D3C777A38B12}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB934FC0-19E8-4BF1-92EB-D3C777A38B12}" => key removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC" => key removed successfully

========= netsh winsock reset all =========


El cat?logo Winsock se restableci? correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci?n IP de Windows

Se vaci? correctamente la cach� de resoluci?n de DNS.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 693.2 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:57:52 ====

Publicité


Signaler le contenu de ce document

Publicité