Untitled

a guest
Jul 25th, 2014
  1. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014 01
  2. Ran by PAUL at 2014-07-25 22:17:26 Run:3
  3. Running from C:\Users\PAUL\Desktop\Mailware
  4. Boot Mode: Normal
  5. ==============================================
  6.  
  7. Content of fixlist:
  8. *****************
  9. () C:\Windows\System32\mstcntrs.exe
  10. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  11. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  12. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  13. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  14. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  15. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  16. HKLM-x32\...\Run: [] => [X]
  17. GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  18. SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  19. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  20. SearchScopes: HKLM-x32 - DefaultScope value is missing.
  21. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  22. BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{CAC9EFB5-4F70-4EDE-A049-A412D9A1075B}\{87EDDB32-D7FA-4FDB-A735-B25763682037}.bin (Download Protect)
  23. C:\Program Files\{CAC9EFB5-4F70-4EDE-A049-A412D9A1075B}\{87EDDB32-D7FA-4FDB-A735-B25763682037}.bin
  24. BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{7253BAE9-9C31-4697-89ED-1A8C78DC192E}\{CEDCB182-6F48-496A-B42D-6AE9F0BBD095}.bin (Download Protect)
  25. C:\Program Files (x86)\{7253BAE9-9C31-4697-89ED-1A8C78DC192E}\{CEDCB182-6F48-496A-B42D-6AE9F0BBD095}.bin (Download Protect)
  26. FF Plugin: @microsoft.com/GENUINE - disabled No File
  27. FF HKLM-x32\...\Firefox\Extensions: [{5960B094-9894-4CB6-8555-77E5440285A3}] - C:\Windows\Installer\{0D055583-FA89-496D-8684-C63CC7004BF5}\{5960B094-9894-4CB6-8555-77E5440285A3}.xpi
  28. FF Extension: Download Protect - C:\Windows\Installer\{0D055583-FA89-496D-8684-C63CC7004BF5}\{5960B094-9894-4CB6-8555-77E5440285A3}.xpi [2014-07-25]
  29. C:\Windows\Installer\{0D055583-FA89-496D-8684-C63CC7004BF5}\{5960B094-9894-4CB6-8555-77E5440285A3}.xpi [2014-07-25]
  30. CHR Extension: (Download Protect) - C:\Users\PAUL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhjoemoechogmnomaebajbikjbicafe [2014-07-25]
  31. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  32. R2 SebrchProtocolHost; C:\Windows\system32\mstcntrs.exe [118784 2013-12-23] () [File not signed]
  33. 2014-07-25 19:02 - 2014-07-25 19:02 - 00000000 ____D () C:\Program Files\{CAC9EFB5-4F70-4EDE-A049-A412D9A1075B}
  34. 2014-07-25 19:02 - 2014-07-25 19:02 - 00000000 ____D () C:\Program Files (x86)\{7253BAE9-9C31-4697-89ED-1A8C78DC192E}
  35. 2014-07-25 17:31 - 2014-07-25 19:00 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  36. 2014-07-25 17:31 - 2014-07-25 18:36 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  37. C:\Users\PAUL\AppData\Local\Temp\avgnt.exe
  38. C:\Users\PAUL\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mp3tagv258setup.exe
  39. C:\Users\PAUL\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
  40. C:\Users\PAUL\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
  41. C:\Users\PAUL\AppData\Local\Temp\QuickStores_Unlocker.exe
  42. Task: {051C2A8A-F99C-442B-9BF1-3C2DF77BDADF} - System32\Tasks\{2A0BDC3A-94D2-4A9A-B4E1-527FC0D712A8} => Chrome.exe
  43. Task: {2AB67FC4-35BC-45CA-A462-F56EAA1F0F4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-24] (Google Inc.)
  44. Task: {2D41049D-A1C5-4379-A7E0-BF3F5936F632} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000Core => C:\Users\PAUL\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-09] (Google Inc.)
  45. Task: {4A414945-AB07-4987-8A8C-CFFFF47390DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-24] (Google Inc.)
  46. Task: {4ED13A86-7A6C-4DAF-B59A-595B4ABE889C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000UA => C:\Users\PAUL\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-09] (Google Inc.)
  47. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  48. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  49. Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000Core.job => C:\Users\PAUL\AppData\Local\Google\Update\GoogleUpdate.exe
  50. Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000UA.job => C:\Users\PAUL\AppData\Local\Google\Update\GoogleUpdate.exe
  51. 2013-12-23 21:32 - 2013-12-23 21:32 - 00118784 _____ () C:\Windows\system32\mstcntrs.exe
  52. AlternateDataStreams: C:\ProgramData\Temp:AD022376
  53. *****************
  54.  
  55. [1528] C:\Windows\System32\mstcntrs.exe => Process closed successfully.
  56. [4380] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => Process closed successfully.
  57. [5508] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => Process closed successfully.
  58. [5508] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => Process closed successfully.
  59. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => No running process found
  60. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => No running process found
  61. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe => No running process found
  62. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
  63. C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
  64. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
  65. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
  66. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
  67. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
  68. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
  69. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
  70. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}" => Key deleted successfully.
  71. "HKCR\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}" => Key deleted successfully.
  72. "C:\Program Files\{CAC9EFB5-4F70-4EDE-A049-A412D9A1075B}\{87EDDB32-D7FA-4FDB-A735-B25763682037}.bin" => File/Directory not found.
  73. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}" => Key deleted successfully.
  74. "HKCR\Wow6432Node\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}" => Key deleted successfully.
  75. "C:\Program Files (x86)\{7253BAE9-9C31-4697-89ED-1A8C78DC192E}\{CEDCB182-6F48-496A-B42D-6AE9F0BBD095}.bin (Download Protect)" => File/Directory not found.
  76. "HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File" => Key not found.
  77. "FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
  78. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{5960B094-9894-4CB6-8555-77E5440285A3} => Value not found.
  79. C:\Windows\Installer\{0D055583-FA89-496D-8684-C63CC7004BF5}\{5960B094-9894-4CB6-8555-77E5440285A3}.xpi not found.
  80. "C:\Windows\Installer\{0D055583-FA89-496D-8684-C63CC7004BF5}\{5960B094-9894-4CB6-8555-77E5440285A3}.xpi [2014-07-25]" => File/Directory not found.
  81. C:\Users\PAUL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhjoemoechogmnomaebajbikjbicafe directory not found.
  82. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
  83. SebrchProtocolHost => Service deleted successfully.
  84. "C:\Program Files\{CAC9EFB5-4F70-4EDE-A049-A412D9A1075B}" => File/Directory not found.
  85. "C:\Program Files (x86)\{7253BAE9-9C31-4697-89ED-1A8C78DC192E}" => File/Directory not found.
  86. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
  87. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
  88. C:\Users\PAUL\AppData\Local\Temp\avgnt.exe => Moved successfully.
  89. C:\Users\PAUL\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_mp3tagv258setup.exe => Moved successfully.
  90. C:\Users\PAUL\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
  91. C:\Users\PAUL\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe => Moved successfully.
  92. C:\Users\PAUL\AppData\Local\Temp\QuickStores_Unlocker.exe => Moved successfully.
  93. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{051C2A8A-F99C-442B-9BF1-3C2DF77BDADF}" => Key deleted successfully.
  94. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051C2A8A-F99C-442B-9BF1-3C2DF77BDADF}" => Key deleted successfully.
  95. C:\Windows\System32\Tasks\{2A0BDC3A-94D2-4A9A-B4E1-527FC0D712A8} => Moved successfully.
  96. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2A0BDC3A-94D2-4A9A-B4E1-527FC0D712A8}" => Key deleted successfully.
  97. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AB67FC4-35BC-45CA-A462-F56EAA1F0F4C}" => Key not found.
  98. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
  99. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
  100. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D41049D-A1C5-4379-A7E0-BF3F5936F632}" => Key deleted successfully.
  101. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D41049D-A1C5-4379-A7E0-BF3F5936F632}" => Key deleted successfully.
  102. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000Core => Moved successfully.
  103. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000Core" => Key deleted successfully.
  104. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A414945-AB07-4987-8A8C-CFFFF47390DE}" => Key not found.
  105. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
  106. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
  107. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ED13A86-7A6C-4DAF-B59A-595B4ABE889C}" => Key deleted successfully.
  108. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ED13A86-7A6C-4DAF-B59A-595B4ABE889C}" => Key deleted successfully.
  109. C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000UA => Moved successfully.
  110. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000UA" => Key deleted successfully.
  111. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
  112. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
  113. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000Core.job => Moved successfully.
  114. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880213145-57001013-3768279162-1000UA.job => Moved successfully.
  115. C:\Windows\system32\mstcntrs.exe => Moved successfully.
  116. C:\ProgramData\Temp => ":AD022376" ADS removed successfully.
  117.  
  118.  
  119. The system needed a reboot.
  120.  
  121. ==== End of Fixlog ====