API tools faq
paste
Guest User

Untitled

a guest
Oct 3rd, 2017
65
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.74 KB | None | 0 0
raw download clone embed print report
  1. Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017
  2. Ran by Mateusz (03-10-2017 23:10:38) Run:1
  3. Running from C:\Users\Mateusz\Downloads
  4. Loaded Profiles: Mateusz (Available Profiles: Mateusz)
  5. Boot Mode: Normal
  6. ==============================================
  7.  
  8. fixlist content:
  9. *****************
  10. CloseProcesses:
  11. ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
  12. Task: {438ABC54-29E6-4C9B-892D-502260C675A2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
  13. Task: {43C60824-2E8C-4AB8-809A-1AB56F037E4E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
  14. Task: {727D7186-D23B-4AF3-A9A5-8C8E93F80D9B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
  15. Task: {A5FDBF8E-DFD8-4797-974C-1F387BEEE513} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
  16. Task: {C559822F-0E48-4D8F-B25C-04171DAF0C4F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
  17. Task: {FE460D1A-AAB9-45F7-8CB5-EFA4A9610108} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate]
  18. FirewallRules: [{0F8FB708-5BF3-43FB-9EFF-D8D48A79E54F}] => (Allow) C:\Windows\KMS-R@1n.exe
  19. FirewallRules: [{21868A53-06EE-4852-BE72-E3A6650ED187}] => (Allow) C:\Windows\KMS-R@1n.exe
  20. HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-4B6147B1-00BC-4D0C-9128-68596A53D8A8\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-4B6147B (the data entry has 44 more characters).
  21. HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
  22. Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
  23. IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
  24. IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
  25. BootExecute: autocheck autochk * sdnclean64.exe
  26. BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll => No File
  27. Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll No File
  28. FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff => not found
  29. FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff => not found
  30. R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-09-24] () [File not signed]
  31. C:\Windows\KMS-R@1n.exe
  32. C:\Windows\System32\Tasks\R@1n-KMS
  33. DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS
  34. U3 mbr; \??\C:\Users\Mateusz\AppData\Local\Temp\mbr.sys [X] <==== ATTENTION
  35. EmptyTemp:
  36. *****************
  37.  
  38. Processes closed successfully.
  39. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
  40. HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
  41. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{438ABC54-29E6-4C9B-892D-502260C675A2} => key not found.
  42. C:\WINDOWS\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => not found.
  43. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found.
  44. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43C60824-2E8C-4AB8-809A-1AB56F037E4E} => key not found.
  45. C:\WINDOWS\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => not found.
  46. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found.
  47. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{727D7186-D23B-4AF3-A9A5-8C8E93F80D9B} => key not found.
  48. C:\WINDOWS\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => not found.
  49. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => key not found.
  50. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5FDBF8E-DFD8-4797-974C-1F387BEEE513} => key removed successfully
  51. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5FDBF8E-DFD8-4797-974C-1F387BEEE513} => key removed successfully
  52. C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => moved successfully
  53. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 => key removed successfully
  54. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C559822F-0E48-4D8F-B25C-04171DAF0C4F} => key not found.
  55. C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => not found.
  56. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => key not found.
  57. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE460D1A-AAB9-45F7-8CB5-EFA4A9610108} => key removed successfully
  58. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE460D1A-AAB9-45F7-8CB5-EFA4A9610108} => key removed successfully
  59. C:\WINDOWS\System32\Tasks\R@1n-KMS\Windows64Professional => moved successfully
  60. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional => key removed successfully
  61. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F8FB708-5BF3-43FB-9EFF-D8D48A79E54F} => value removed successfully
  62. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21868A53-06EE-4852-BE72-E3A6650ED187} => value removed successfully
  63. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\InstallerLauncher => value not found.
  64. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray => value not found.
  65. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
  66. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe => key removed successfully
  67. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => key removed successfully
  68. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
  69. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key removed successfully
  70. HKLM\Software\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key removed successfully
  71. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => value removed successfully
  72. HKLM\Software\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key not found.
  73. HKLM\Software\Mozilla\Firefox\Extensions\\bdwtwe@bitdefender.com => value removed successfully
  74. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\bdwtwe@bitdefender.com => value removed successfully
  75. HKLM\System\CurrentControlSet\Services\KMS-R@1n => key removed successfully
  76. KMS-R@1n => service removed successfully
  77. C:\Windows\KMS-R@1n.exe => moved successfully
  78. C:\Windows\System32\Tasks\R@1n-KMS => moved successfully
  79. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS => key removed successfully
  80. mbr => service not found.
  81.  
  82. =========== EmptyTemp: ==========
  83.  
  84. BITS transfer queue => 6053888 B
  85. DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13868113 B
  86. Java, Flash, Steam htmlcache => 53228211 B
  87. Windows/system/drivers => 971386787 B
  88. Edge => 29073720 B
  89. Chrome => 694992471 B
  90. Firefox => 0 B
  91. Opera => 0 B
  92.  
  93. Temp, IE cache, history, cookies, recent:
  94. Default => 0 B
  95. Users => 0 B
  96. ProgramData => 0 B
  97. Public => 0 B
  98. systemprofile => 128 B
  99. systemprofile32 => 0 B
  100. LocalService => 13938 B
  101. NetworkService => 27418 B
  102. Mateusz => 406512038 B
  103.  
  104. RecycleBin => 89503 B
  105. EmptyTemp: => 2 GB temporary data Removed.
  106.  
  107. ================================
  108.  
  109.  
  110. The system needed a reboot.
  111.  
  112. ==== End of Fixlog 23:10:51 ====
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!