Advertisement
Guest User

fixlog

a guest
Jan 31st, 2015
234
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.60 KB | None | 0 0
  1. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-01-2015 01
  2. Ran by Halimat at 2015-01-31 23:12:39 Run:1
  3. Running from C:\Users\Halimat\Desktop\Audio React Ring
  4. Loaded Profiles: Halimat (Available profiles: Halimat & fbwuser)
  5. Boot Mode: Normal
  6. ==============================================
  7.  
  8. Content of fixlist:
  9. *****************
  10. Start
  11. CreateRestorePoint:
  12. CloseProcesses:
  13. HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-10] ()
  14. HKLM-x32\...\Run: [] => [X]
  15. HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
  16. HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2880536 2015-01-30] ()
  17. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [Tetatet] => C:\Users\Halimat\tetatet\tetatet.exe [1856512 2013-04-13] ()
  18. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
  19. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Run: [AdobeBridge] => [X]
  20. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\...\Policies\Explorer: [NoInstrumentation] 1
  21. HKU\S-1-5-21-2618185841-1263108856-2755168256-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
  22. AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
  23. AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" File Not Found
  24. C:\Users\Halimat\tetatet\tetatet.exe
  25. C:\Program Files (x86)\Ask.com\Updater\Updater.exe
  26. C:\Users\Halimat\jagex_cl_runescape_LIVE.dat
  27. C:\Users\Halimat\jagex_cl_runescape_LIVE1.dat
  28. C:\Users\Halimat\random.dat
  29. CustomCLSID: HKU\S-1-5-21-2618185841-1263108856-2755168256-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
  30. Task: {02EA9D87-868A-40EC-8444-81E702C76E85} - System32\Tasks\{F93427F7-2679-45D8-87DD-A53A357359E0} => pcalua.exe -a C:\Users\Halimat\Downloads\tetatet_setup_126.exe -d C:\Users\Halimat\Downloads
  31. Task: {3D65E00C-A37E-4150-B895-A2152B1DE6C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
  32. Task: {686CEFDF-B551-4AEE-B588-7C1617429DFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
  33. Task: {D5DB3345-9FA0-4B64-A114-66656807EBF3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-18] (Facebook Inc.)
  34. Task: {E77FC5F1-CE93-4B0A-88B4-CA838FE7443C} - System32\Tasks\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153} => pcalua.exe -a C:\Users\Halimat\AppData\Local\Babylon\Setup\Setup.exe -d C:\Users\Halimat\AppData\Local\Babylon\Setup\ -c "C:\Users\Halimat\AppData\Local\Temp\{A42DB39D-BAB0-7891-BA5D-9539965EB766}\Setup.exe" Internet Files\Content.IE5\GGLLIGF2\Babylon9_setup[1].exe" -rc
  35. Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  36. Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core.job => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe
  37. Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA.job => C:\Users\Halimat\AppData\Local\Facebook\Update\FacebookUpdate.exe
  38. AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
  39. AlternateDataStreams: C:\Users\Halimat\Downloads\FIFA 15 COINS (IOS).eml:OECustomProperty
  40. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
  41. CMD: netsh advfirewall reset
  42. CMD: netsh advfirewall set allprofiles state on
  43. CMD: ipconfig /flushdns
  44. Emptytemp:
  45. Hosts:
  46. End
  47.  
  48. *****************
  49.  
  50. Restore point was successfully created.
  51. Processes closed successfully.
  52. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PLFSetI => value deleted successfully.
  53. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
  54. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => value deleted successfully.
  55. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => value deleted successfully.
  56. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Tetatet => value deleted successfully.
  57. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MobileDocuments => value deleted successfully.
  58. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
  59. HKU\S-1-5-21-2618185841-1263108856-2755168256-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value deleted successfully.
  60. HKU\S-1-5-21-2618185841-1263108856-2755168256-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
  61. "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
  62. "c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll" => Value Data removed successfully.
  63. C:\Users\Halimat\tetatet\tetatet.exe => Moved successfully.
  64. "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" => File/Directory not found.
  65. C:\Users\Halimat\jagex_cl_runescape_LIVE.dat => Moved successfully.
  66. C:\Users\Halimat\jagex_cl_runescape_LIVE1.dat => Moved successfully.
  67. C:\Users\Halimat\random.dat => Moved successfully.
  68. "HKU\S-1-5-21-2618185841-1263108856-2755168256-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}" => Key deleted successfully.
  69. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02EA9D87-868A-40EC-8444-81E702C76E85}" => Key deleted successfully.
  70. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02EA9D87-868A-40EC-8444-81E702C76E85}" => Key deleted successfully.
  71. C:\Windows\System32\Tasks\{F93427F7-2679-45D8-87DD-A53A357359E0} => Moved successfully.
  72. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F93427F7-2679-45D8-87DD-A53A357359E0}" => Key deleted successfully.
  73. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D65E00C-A37E-4150-B895-A2152B1DE6C1}" => Key deleted successfully.
  74. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D65E00C-A37E-4150-B895-A2152B1DE6C1}" => Key deleted successfully.
  75. C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA => Moved successfully.
  76. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA" => Key deleted successfully.
  77. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{686CEFDF-B551-4AEE-B588-7C1617429DFF}" => Key deleted successfully.
  78. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686CEFDF-B551-4AEE-B588-7C1617429DFF}" => Key deleted successfully.
  79. C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
  80. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
  81. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5DB3345-9FA0-4B64-A114-66656807EBF3}" => Key deleted successfully.
  82. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5DB3345-9FA0-4B64-A114-66656807EBF3}" => Key deleted successfully.
  83. C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core => Moved successfully.
  84. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core" => Key deleted successfully.
  85. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E77FC5F1-CE93-4B0A-88B4-CA838FE7443C}" => Key deleted successfully.
  86. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E77FC5F1-CE93-4B0A-88B4-CA838FE7443C}" => Key deleted successfully.
  87. C:\Windows\System32\Tasks\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153} => Moved successfully.
  88. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3B5E2772-67AA-4C4E-A7D6-8E64A68DA153}" => Key deleted successfully.
  89. C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
  90. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001Core.job => Moved successfully.
  91. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2618185841-1263108856-2755168256-1001UA.job => Moved successfully.
  92. C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
  93. C:\Users\Halimat\Downloads\FIFA 15 COINS (IOS).eml => ":OECustomProperty" ADS removed successfully.
  94. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc" => Key deleted successfully.
  95.  
  96. ========= netsh advfirewall reset =========
  97.  
  98. OK.
  99.  
  100.  
  101. ========= End of CMD: =========
  102.  
  103.  
  104. ========= netsh advfirewall set allprofiles state on =========
  105.  
  106. OK.
  107.  
  108.  
  109. ========= End of CMD: =========
  110.  
  111.  
  112. ========= ipconfig /flushdns =========
  113.  
  114.  
  115. Windows IP-konfigurasjon
  116.  
  117. DNS Resolver-bufferen ble t�mt.
  118.  
  119. ========= End of CMD: =========
  120.  
  121. C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
  122. Hosts was reset successfully.
  123. EmptyTemp: => Removed 18.5 GB temporary data.
  124.  
  125.  
  126. The system needed a reboot.
  127.  
  128. ==== End of Fixlog 23:24:46 ====
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement