Winterblizzard
Posts: 24 +0
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Cole at 2014-12-09 15:21:23 Run:1
Running from C:\Users\Cole\Desktop\FixlistandFRST64
Loaded Profile: Cole (Available profiles: Cole)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
Toolbar: HKU\S-1-5-21-1563641593-1657672194-2611614249-1001 -> No Name - {5F0DB9C6-EF49-4748-A75D-FAD76538734C} - No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
C:\ProgramData\hash.dat
C:\Users\Cole\AppData\Local\temp\Quarantine.exe
C:\Users\Cole\AppData\Local\temp\sqlite3.dll
*****************
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5F0DB9C6-EF49-4748-A75D-FAD76538734C} => value deleted successfully.
"HKCR\CLSID\{5F0DB9C6-EF49-4748-A75D-FAD76538734C}" => Key not found.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\Cole\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\Cole\AppData\Local\temp\sqlite3.dll => Moved successfully.
==== End of Fixlog ====
Ran by Cole at 2014-12-09 15:21:23 Run:1
Running from C:\Users\Cole\Desktop\FixlistandFRST64
Loaded Profile: Cole (Available profiles: Cole)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
Toolbar: HKU\S-1-5-21-1563641593-1657672194-2611614249-1001 -> No Name - {5F0DB9C6-EF49-4748-A75D-FAD76538734C} - No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
C:\ProgramData\hash.dat
C:\Users\Cole\AppData\Local\temp\Quarantine.exe
C:\Users\Cole\AppData\Local\temp\sqlite3.dll
*****************
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\S-1-5-21-1563641593-1657672194-2611614249-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5F0DB9C6-EF49-4748-A75D-FAD76538734C} => value deleted successfully.
"HKCR\CLSID\{5F0DB9C6-EF49-4748-A75D-FAD76538734C}" => Key not found.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\Cole\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\Cole\AppData\Local\temp\sqlite3.dll => Moved successfully.
==== End of Fixlog ====