cjoint

Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Bennani at 2015-07-05 21:39:05 Run:1
Running from C:\Users\Bennani\Desktop
Loaded Profiles: Bennani (Available Profiles: Bennani)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Bennani\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\...\Run: [uTorrent] => C:\Users\Bennani\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06]
AppInit_DLLs: C:\Users\Bennani\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Bennani\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [140800 2015-04-03]
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/
SearchScopes: HKU\S-1-5-21-1293848520-3022823651-4053527934-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/
SearchScopes: HKU\S-1-5-21-1293848520-3022823651-4053527934-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/
SearchScopes: HKU\S-1-5-21-1293848520-3022823651-4053527934-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-26]
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-26]
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-1293848520-3022823651-4053527934-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF NewTab: hxxp://feed.helperbar.com/
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.helperbar.com/
FF Keyword.URL: hxxp://feed.helperbar.com/
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-26] (Oracle Corporation)
FF SearchPlugin: C:\Users\Bennani\AppData\Roaming\Mozilla\Firefox\Profiles\nla6zqke.default\searchplugins\Web Search.xml [2015-05-19]
FF Extension: DebrideurStreaming - C:\Users\Bennani\AppData\Roaming\Mozilla\Firefox\Profiles\nla6zqke.default\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi [2015-02-28]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
2015-06-09 15:55 - 2015-06-09 15:56 - 00000000 ____D C:\Users\Bennani\AppData\Local\{C4F77483-634E-4290-B6F6-486F012534DE}
2015-07-04 15:44 - 2014-10-23 22:55 - 00000000 ____D C:\Users\Bennani\AppData\Roaming\uTorrent
2014-08-23 12:32 - 2014-08-23 12:32 - 0580303 _____ () C:\ProgramData\1408788808.bdinstall.bin
2014-11-26 21:29 - 2014-11-26 21:29 - 0249219 _____ () C:\ProgramData\1417030112.bdinstall.bin
2014-08-27 16:28 - 2014-08-27 16:28 - 00025088 _____ () C:\Users\Bennani\AppData\Local\Smartbar\
C:\Users\Bennani\AppData\Local\Temp\1abpdenl.dll
C:\Users\Bennani\AppData\Local\Temp\sp58915.exe
FirewallRules: [{F8F264C8-745F-4A4E-916E-378F5C8EF6EE}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{85C40B82-13A5-4BA3-8DC8-CD6711ACC64E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{FCF54265-B3CF-48AD-B0C1-7DFF52E51049}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5DE642F4-DEF4-43AC-9991-A7545D9D24DF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{E4F2C699-F30B-4900-8DC0-9E7C7E872712}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CA2B24E8-8EA6-41B0-9344-341E99CAB694}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{02A5B6F2-B983-4DE5-B957-AE60544AA59E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{45914352-CAB3-4D29-8CB9-F45BC8ECEC83}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{13E3378B-1FA0-46AC-BF38-D2A0E0F3B7D2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F9B889D4-90D4-4052-9503-EAE3D6CACDFD}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{4E96B918-0A82-46DD-874B-23E4FDE05532}] => (Allow) C:\Users\Bennani\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75ECABFD-06F0-48B6-AE65-22CC61C14D77}] => (Allow) C:\Users\Bennani\AppData\Roaming\uTorrent\uTorrent.exe
end
*****************

Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

Restore point was successfully created.
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Bitdefender Wallet Agent => value removed successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper => value removed successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
"C:\Users\Bennani\AppData\Local\Smartbar\Application\Resources\crdlil64.dll" => value data removed successfully.
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => key removed successfully
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => key removed successfully
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => key not found.
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => key removed successfully
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => key not found.
"HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => key removed successfully
HKCR\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}" => key removed successfully
HKCR\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}" => key removed successfully
HKCR\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => value removed successfully
"HKCR\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value removed successfully
HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value removed successfully
HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => key not found.
HKU\S-1-5-21-1293848520-3022823651-4053527934-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
Firefox newtab removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
Firefox Keyword.URL removed successfully
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2 => key not found.
"C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll" => not found.
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2 => key not found.
"C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll" => not found.
C:\Users\Bennani\AppData\Roaming\Mozilla\Firefox\Profiles\nla6zqke.default\searchplugins\Web Search.xml => moved successfully.
C:\Users\Bennani\AppData\Roaming\Mozilla\Firefox\Profiles\nla6zqke.default\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\bdwteff@bitdefender.com => value removed successfully
Service KMSELDI => Service removed successfully
C:\Users\Bennani\AppData\Local\{C4F77483-634E-4290-B6F6-486F012534DE} => moved successfully.
C:\Users\Bennani\AppData\Roaming\uTorrent => moved successfully.
C:\ProgramData\1408788808.bdinstall.bin => moved successfully.
C:\ProgramData\1417030112.bdinstall.bin => moved successfully.
C:\Users\Bennani\AppData\Local\Smartbar => moved successfully.
C:\Users\Bennani\AppData\Local\Temp\1abpdenl.dll => moved successfully.
C:\Users\Bennani\AppData\Local\Temp\sp58915.exe => moved successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8F264C8-745F-4A4E-916E-378F5C8EF6EE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85C40B82-13A5-4BA3-8DC8-CD6711ACC64E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCF54265-B3CF-48AD-B0C1-7DFF52E51049} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5DE642F4-DEF4-43AC-9991-A7545D9D24DF} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4F2C699-F30B-4900-8DC0-9E7C7E872712} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CA2B24E8-8EA6-41B0-9344-341E99CAB694} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02A5B6F2-B983-4DE5-B957-AE60544AA59E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45914352-CAB3-4D29-8CB9-F45BC8ECEC83} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13E3378B-1FA0-46AC-BF38-D2A0E0F3B7D2} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9B889D4-90D4-4052-9503-EAE3D6CACDFD} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E96B918-0A82-46DD-874B-23E4FDE05532} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75ECABFD-06F0-48B6-AE65-22CC61C14D77} => value removed successfully
EmptyTemp: => 558.4 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 21:40:11 ====
