Untitled

a guest
Aug 7th, 2018
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 02.08.2018
Uruchomiony przez mike (07-08-2018 19:40:13) Run:1
Uruchomiony z C:\Users\mike\Downloads
Załadowane profile: mike (Dostępne profile: defaultuser0 & mike)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
CreateRestorePoint:
EmptyTemp:
VirusTotal: C:\Users\mike\Downloads\a7ykymh6.exe
CustomCLSID: HKU\S-1-5-21-3813753414-3908090346-2982434286-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A94103D4E3CC}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Brak pliku
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll -> Brak pliku
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku
Task: {FFDA825A-3849-46D2-9015-AB5DE0937BC0} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09
HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3813753414-3908090346-2982434286-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3813753414-3908090346-2982434286-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
HKLM\SYSTEM\CurrentControlSet\Services\45837DE3BA5D8900 <==== UWAGA (Rootkit!)
C:\Users\mike\Downloads\a7ykymh6.exe

*****************

Procesy zostały pomyślnie zamknięte.
Błąd: (0) Nie udało się utworzyć punktu przywracania.
VirusTotal: C:\Users\mike\Downloads\a7ykymh6.exe => D41D8CD98F00B204E9800998ECF8427E (0-byte MD5)
"HKU\S-1-5-21-3813753414-3908090346-2982434286-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A94103D4E3CC}" => pomyślnie usunięto
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Cover Designer" => pomyślnie usunięto
"HKLM\Software\Wow6432Node\Classes\CLSID\{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}" => pomyślnie usunięto
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => nie znaleziono
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => nie znaleziono
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => nie znaleziono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFDA825A-3849-46D2-9015-AB5DE0937BC0}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFDA825A-3849-46D2-9015-AB5DE0937BC0}" => pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => nie znaleziono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => nie znaleziono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => pomyślnie usunięto
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => nie znaleziono
"HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
"HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => nie znaleziono
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => pomyślnie usunięto
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg" => pomyślnie usunięto
HKLM\SYSTEM\CurrentControlSet\Services\45837DE3BA5D8900 <==== UWAGA (Rootkit!) => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
C:\Users\mike\Downloads\a7ykymh6.exe => pomyślnie przeniesiono

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13080112 B
Java, Flash, Steam htmlcache => 71605247 B
Windows/system/drivers => 671795 B
Edge => 2426649 B
Chrome => 0 B
Firefox => 390216971 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
mike => 212471324 B

RecycleBin => 0 B
EmptyTemp: => 664.3 MB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec Fixlog 19:40:58 ====