AstraDaimon

  1. Fix result of Farbar Recovery Scan Tool (x64) Version: 23.04.2019
     Ran by private (24-04-2019 23:09:32) Run:1
     Running from C:\Users\private\Downloads
     Loaded Profiles: private (Available Profiles: private)
     Boot Mode: Normal
     ==============================================

     fixlist content:
     *****************
     CreateRestorePoint:
     EmptyTemp:
     CloseProcesses:
     HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
     HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer: [DisallowRun] 1
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
     FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
     Task: {08D7A902-CA81-4D03-BFBB-E0A5DC60BE92} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
     Task: {E20D52D0-6659-40D1-9197-08ACEF454720} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe
     Task: {F19B5128-EFC7-48CD-AD7C-7C7C3D36B155} - System32\Tasks\Microsoft\Windows\User Profile Service\MasterGuid => C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10477_728_181027
     SearchScopes: HKU\S-1-5-21-972725633-3369851496-79442316-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_728_181027&q={searchTerms}
     FF Extension: (Earth from space) - C:\Users\private\AppData\Roaming\Mozilla\Firefox\Profiles\sin8clk6.Dec2018-1545849910610\Extensions\{e3cdb989-8a0e-4fdf-aeed-02058fd00835}.xpi [2019-03-22]
     S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2018-08-02] () [File not signed]
     R1 M2E1ZDM0; C:\Windows\system32\drivers\M2E1ZDM0 [140008 2018-11-01] (technologiepillac.com -> )
     R1 MTJhOG; C:\Windows\system32\drivers\MTJhOG [122520 2018-11-14] (technologievassy.com -> )
     R1 NjE3ZWU2Yjg; C:\Windows\system32\drivers\NjE3ZWU2Yjg [121968 2019-02-04] (chavanactechnology.com -> )
     R1 ODgzMjZkMmM5Z; C:\Windows\system32\drivers\ODgzMjZkMmM5Z [119920 2018-10-27] (technologiepillac.com -> )
     S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
     S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
     R3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X]
     S1 YjUzMzU5MTEyM2Mx; system32\drivers\YjUzMzU5MTEyM2Mx.sys [X]
     HKLM\...\StartupApproved\Run32: => "DriverPack Notifier"
     ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
     ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
     ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
     ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
     ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
     ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
     AlternateDataStreams: C:\Users\private\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
     AlternateDataStreams: C:\Users\private\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
     FirewallRules: [{B98B372F-B95B-4B0B-BBD0-B4D4B4860573}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed]
     FirewallRules: [{5840B121-8319-4D56-8594-B06B169EDD75}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed]
     C:\Windows\KMS-R@1n.exe
     C:\Windows\System32\Tasks\R@1n-KMS\
     C:\Windows\system32\drivers\M2E1ZDM0
     C:\Windows\system32\drivers\MTJhOG
     C:\Windows\system32\drivers\NjE3ZWU2Yjg
     C:\Windows\system32\drivers\ODgzMjZkMmM5Z
     C:\Program Files (x86)\DriverPack Notifier
     C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe
     Reboot:
     *****************

     Restore point was successfully created.
     Processes closed successfully.
     "HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
     "HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
     "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun" => removed successfully
     "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\1" => removed successfully
     "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\2" => removed successfully
     "HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\3" => removed successfully
     HKLM\SOFTWARE\Policies\Mozilla => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08D7A902-CA81-4D03-BFBB-E0A5DC60BE92}" => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08D7A902-CA81-4D03-BFBB-E0A5DC60BE92}" => removed successfully
     C:\Windows\System32\Tasks\R@1n-KMS\Windows64Professional => moved successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Windows64Professional" => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E20D52D0-6659-40D1-9197-08ACEF454720}" => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E20D52D0-6659-40D1-9197-08ACEF454720}" => removed successfully
     C:\Windows\System32\Tasks\DriverPack Notifier => moved successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverPack Notifier" => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F19B5128-EFC7-48CD-AD7C-7C7C3D36B155}" => removed successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F19B5128-EFC7-48CD-AD7C-7C7C3D36B155}" => removed successfully
     C:\Windows\System32\Tasks\Microsoft\Windows\User Profile Service\MasterGuid => moved successfully
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service\MasterGuid" => removed successfully
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
     HKU\S-1-5-21-972725633-3369851496-79442316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => removed successfully
     HKLM\Software\Classes\CLSID\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => not found
     C:\Users\private\AppData\Roaming\Mozilla\Firefox\Profiles\sin8clk6.Dec2018-1545849910610\Extensions\{e3cdb989-8a0e-4fdf-aeed-02058fd00835}.xpi => moved successfully
     HKLM\System\CurrentControlSet\Services\KMS-R@1n => removed successfully
     KMS-R@1n => service removed successfully
     M2E1ZDM0 => Unable to stop service.
     HKLM\System\CurrentControlSet\Services\M2E1ZDM0 => removed successfully
     M2E1ZDM0 => service removed successfully
     MTJhOG => Unable to stop service.
     HKLM\System\CurrentControlSet\Services\MTJhOG => removed successfully
     MTJhOG => service removed successfully
     NjE3ZWU2Yjg => Unable to stop service.
     HKLM\System\CurrentControlSet\Services\NjE3ZWU2Yjg => removed successfully
     NjE3ZWU2Yjg => service removed successfully
     ODgzMjZkMmM5Z => Unable to stop service.
     HKLM\System\CurrentControlSet\Services\ODgzMjZkMmM5Z => removed successfully
     ODgzMjZkMmM5Z => service removed successfully
     HKLM\System\CurrentControlSet\Services\atillk64 => removed successfully
     atillk64 => service removed successfully
     HKLM\System\CurrentControlSet\Services\BAPIDRV => removed successfully
     BAPIDRV => service removed successfully
     HKLM\System\CurrentControlSet\Services\X6va066 => removed successfully
     X6va066 => service removed successfully
     HKLM\System\CurrentControlSet\Services\YjUzMzU5MTEyM2Mx => removed successfully
     YjUzMzU5MTEyM2Mx => service removed successfully
     "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\DriverPack Notifier" => removed successfully
     "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DriverPack Notifier" => not found
     "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
     HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
     "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
     HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
     "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
     HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
     "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
     HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
     "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
     HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
     HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
     HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
     C:\Users\private\Application Data => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
     "C:\Users\private\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
     "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B98B372F-B95B-4B0B-BBD0-B4D4B4860573}" => removed successfully
     "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5840B121-8319-4D56-8594-B06B169EDD75}" => removed successfully
     C:\Windows\KMS-R@1n.exe => moved successfully
     C:\Windows\System32\Tasks\R@1n-KMS => moved successfully
     C:\Windows\system32\drivers\M2E1ZDM0 => moved successfully
     C:\Windows\system32\drivers\MTJhOG => moved successfully
     C:\Windows\system32\drivers\NjE3ZWU2Yjg => moved successfully
     C:\Windows\system32\drivers\ODgzMjZkMmM5Z => moved successfully
     "C:\Program Files (x86)\DriverPack Notifier" => not found
     "C:\Users\private\AppData\Roaming\\simpletools\\masterguid.exe" => not found

     =========== EmptyTemp: ==========

     BITS transfer queue => 0 B
     DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 128855428 B
     Java, Flash, Steam htmlcache => 405889215 B
     Windows/system/drivers => 222949 B
     Edge => 9498 B
     Chrome => 0 B
     Firefox => 2189021769 B
     Opera => 0 B

     Temp, IE cache, history, cookies, recent:
     Default => 0 B
     Users => 0 B
     ProgramData => 0 B
     Public => 0 B
     systemprofile => 128 B
     systemprofile32 => 128 B
     LocalService => 0 B
     NetworkService => 15062756 B
     private => 62213185 B

     RecycleBin => 4086 B
     EmptyTemp: => 2.6 GB temporary data Removed.

     ================================

     The system needed a reboot.

     ==== End of Fixlog 23:15:59 ====

     All fixed I guess? Many thanks for the help.
  2. Pls guide me. Tia. Addition.txt FRST.txt