Post by jkbojm on Nov 1, 2014 4:01:03 GMT -8
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-11-2014
Ran by kime at 2014-11-01 07:53:51 Run:1
Running from C:\Users\kime\Desktop
Loaded Profile: kime (Available profiles: kime)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-153806010-217916309-4060054218-1004\...\MountPoints2: {3af7f2cc-ffad-11e3-b9c0-806e6f6e6963} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-153806010-217916309-4060054218-1004\...\MountPoints2: {8adab881-ffb5-11e3-a917-4ceb426a85cd} - E:\SISetup.exe
HKU\S-1-5-21-153806010-217916309-4060054218-1004\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\kime\AppData\Local\Temp\siinst.exe
C:\Users\kime\AppData\Local\Temp\strings.dll
CustomCLSID: HKU\S-1-5-21-153806010-217916309-4060054218-1004_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
Reboot:
end
*****************
[1464] C:\WINDOWS\SysWOW64\dllhost.exe => Process closed successfully.
C:\WINDOWS\System32\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
C:\WINDOWS\SysWOW64\dllhost.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-153806010-217916309-4060054218-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3af7f2cc-ffad-11e3-b9c0-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{3af7f2cc-ffad-11e3-b9c0-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-153806010-217916309-4060054218-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8adab881-ffb5-11e3-a917-4ceb426a85cd}" => Key deleted successfully.
"HKCR\CLSID\{8adab881-ffb5-11e3-a917-4ceb426a85cd}" => Key not found.
"HKU\S-1-5-21-153806010-217916309-4060054218-1004\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-153806010-217916309-4060054218-1004\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\kime\AppData\Local\Temp\siinst.exe => Moved successfully.
C:\Users\kime\AppData\Local\Temp\strings.dll => Moved successfully.
"HKU\S-1-5-21-153806010-217916309-4060054218-1004_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
The system needed a reboot.
==== End of Fixlog ====