API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 21st, 2015
370
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.11 KB | None | 0 0
raw download clone embed print report
  1. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2015
  2. Ran by minh at 2015-04-21 07:42:42 Run:1
  3. Running from C:\Users\minh\Desktop
  4. Loaded Profiles: minh (Available profiles: minh)
  5. Boot Mode: Normal
  6. ==============================================
  7.  
  8. Content of fixlist:
  9. *****************
  10. Start
  11. CreateRestorePoint:
  12. CloseProcesses:
  13. HKLM-x32\...\Run: [] => [X]
  14. Winlogon\Notify\igfxcui: igfxdev.dll [X]
  15. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  16. HKU\S-1-5-21-2449617907-3497520671-1790711468-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  17. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
  18. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  19. HKU\S-1-5-21-2449617907-3497520671-1790711468-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  20. SearchScopes: HKU\S-1-5-21-2449617907-3497520671-1790711468-1000 -> {1A5454B2-9035-4B86-941A-29DC183D68AD} URL =
  21. FF Plugin: @microsoft.com/GENUINE -> disabled No File
  22. FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  23. S3 catchme; \??\C:\ComboFix\catchme.sys [X]
  24. C:\Users\minh\AppData\Roaming\appdataFr3.bin
  25. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
  26. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
  27. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
  28. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
  29. CMD: netsh advfirewall reset
  30. CMD: netsh advfirewall set allprofiles state on
  31. CMD: ipconfig /flushdns
  32. EmptyTemp:
  33. Hosts:
  34. End
  35. *****************
  36.  
  37. Restore point was successfully created.
  38. Processes closed successfully.
  39. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
  40. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
  41. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
  42. "HKU\S-1-5-21-2449617907-3497520671-1790711468-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
  43. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
  44. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
  45. HKU\S-1-5-21-2449617907-3497520671-1790711468-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
  46. "HKU\S-1-5-21-2449617907-3497520671-1790711468-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A5454B2-9035-4B86-941A-29DC183D68AD}" => Key deleted successfully.
  47. HKCR\CLSID\{1A5454B2-9035-4B86-941A-29DC183D68AD} => Key not found.
  48. "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
  49. "HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
  50. catchme => Service deleted successfully.
  51. C:\Users\minh\AppData\Roaming\appdataFr3.bin => Moved successfully.
  52. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart" => Key deleted successfully.
  53. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys" => Key deleted successfully.
  54. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart" => Key deleted successfully.
  55. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys" => Key deleted successfully.
  56.  
  57. ========= netsh advfirewall reset =========
  58.  
  59. Ok.
  60.  
  61.  
  62. ========= End of CMD: =========
  63.  
  64.  
  65. ========= netsh advfirewall set allprofiles state on =========
  66.  
  67. Ok.
  68.  
  69.  
  70. ========= End of CMD: =========
  71.  
  72.  
  73. ========= ipconfig /flushdns =========
  74.  
  75.  
  76. Windows IP Configuration
  77.  
  78. Successfully flushed the DNS Resolver Cache.
  79.  
  80. ========= End of CMD: =========
  81.  
  82. C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
  83. Hosts was reset successfully.
  84. EmptyTemp: => Removed 973.5 MB temporary data.
  85.  
  86.  
  87. The system needed a reboot.
  88.  
  89. ==== End of Fixlog 07:43:12 ====
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!