Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-01-2015 01
- Ran by Halimat at 2015-01-31 23:12:39 Run:1
- Running from C:\Users\Halimat\Desktop\Audio React Ring
- Loaded Profiles: Halimat (Available profiles: Halimat & fbwuser)
- Boot Mode: Normal
- ==============================================
- Content of fixlist:
- *****************
- Start
- CreateRestorePoint:
- CloseProcesses:
- HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-10] ()
- HKLM-x32\...\Run: [] => [X]
- HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
- HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-01-30] ()
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [Tetatet] => C:\Users\Halimat\tetatet\tetatet.exe [1856512 2013-04-13] ()
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [AdobeBridge] => [X]
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Policies\Explorer: [NoInstrumentation] 1
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
- AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
- AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" File Not Found
- C:\Users\Halimat\tetatet\tetatet.exe
- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
- C:\Users\Halimat\jagex_cl_runescape_LIVE.dat
- C:\Users\Halimat\jagex_cl_runescape_LIVE1.dat
- C:\Users\Halimat\random.dat
- CustomCLSID: HKU\S-1-5-21-2618185841-1263108856-2755168256-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
- Task: {02EA9D87-868A-40EC-8444-81E702C76E85} - System32\Tasks\{F93427F7-2679-45D8-87DD-A53A357359E0} => pcalua.exe -a C:\Users\Halimat\Downloads\tetatet_setup_126.exe -d C:\Users\Halimat\Downloads
- Task: {3D65E00C-A37E-4150-B895-A2152B1DE6C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
- Task: {686CEFDF-B551-4AEE-B588-7C1617429DFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
- Task: {D5DB3345-9FA0-4B64-A114-66656807EBF3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
- Task: {E77FC5F1-CE93-4B0A-88B4-CA838FE7443C} - System32\Tasks\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153} => pcalua.exe -a C:\Users\Halimat\AppData\Local\Babylon\Setup\Setup.exe -d C:\Users\Halimat\AppData\Local\Babylon\Setup\ -c "C:\Users\Halimat\AppData\Local\Temp\{A42DB39D-BAB0-7891-BA5D-9539965EB766}\Setup.exe" Internet Files\Content.IE5\GGLLIGF2\Babylon9_setup[1].exe" -rc
- Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core.job => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe
- Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA.job => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe
- AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
- AlternateDataStreams: C:\Users\Halimat\Downloads\FIFA 15 COINS (IOS).eml:OECustomProperty
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
- CMD: netsh advfirewall reset
- CMD: netsh advfirewall set allprofiles state on
- CMD: ipconfig /flushdns
- Emptytemp:
- Hosts:
- End
- *****************
- Restore point was successfully created.
- Processes closed successfully.
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PLFSetI => value deleted successfully.
- HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
- HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => value deleted successfully.
- HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value deleted successfully.
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Tetatet => value deleted successfully.
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MobileDocuments => value deleted successfully.
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value deleted successfully.
- HKU\S-1-5-21-2618185841-1263108856-2755168256-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
- "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
- "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" => Value Data removed successfully.
- C:\Users\Halimat\tetatet\tetatet.exe => Moved successfully.
- "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" => File/Directory not found.
- C:\Users\Halimat\jagex_cl_runescape_LIVE.dat => Moved successfully.
- C:\Users\Halimat\jagex_cl_runescape_LIVE1.dat => Moved successfully.
- C:\Users\Halimat\random.dat => Moved successfully.
- "HKU\S-1-5-21-2618185841-1263108856-2755168256-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02EA9D87-868A-40EC-8444-81E702C76E85}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02EA9D87-868A-40EC-8444-81E702C76E85}" => Key deleted successfully.
- C:\Windows\System32\Tasks\{F93427F7-2679-45D8-87DD-A53A357359E0} => Moved successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F93427F7-2679-45D8-87DD-A53A357359E0}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D65E00C-A37E-4150-B895-A2152B1DE6C1}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D65E00C-A37E-4150-B895-A2152B1DE6C1}" => Key deleted successfully.
- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA => Moved successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{686CEFDF-B551-4AEE-B588-7C1617429DFF}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686CEFDF-B551-4AEE-B588-7C1617429DFF}" => Key deleted successfully.
- C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5DB3345-9FA0-4B64-A114-66656807EBF3}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5DB3345-9FA0-4B64-A114-66656807EBF3}" => Key deleted successfully.
- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core => Moved successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E77FC5F1-CE93-4B0A-88B4-CA838FE7443C}" => Key deleted successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E77FC5F1-CE93-4B0A-88B4-CA838FE7443C}" => Key deleted successfully.
- C:\Windows\System32\Tasks\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153} => Moved successfully.
- "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153}" => Key deleted successfully.
- C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core.job => Moved successfully.
- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA.job => Moved successfully.
- C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
- C:\Users\Halimat\Downloads\FIFA 15 COINS (IOS).eml => ":OECustomProperty" ADS removed successfully.
- "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc" => Key deleted successfully.
- ========= netsh advfirewall reset =========
- OK.
- ========= End of CMD: =========
- ========= netsh advfirewall set allprofiles state on =========
- OK.
- ========= End of CMD: =========
- ========= ipconfig /flushdns =========
- Windows IP-konfigurasjon
- DNS Resolver-bufferen ble t�mt.
- ========= End of CMD: =========
- C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
- Hosts was reset successfully.
- EmptyTemp: => Removed 18.5 GB temporary data.
- The system needed a reboot.
- ==== End of Fixlog 23:24:46 ====
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement