Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
Ran by PAULO (2015-08-25 22:43:46) Run:1
Running from C:\Users\PAULO\Desktop
Loaded Profiles: PAULO (Available Profiles: PAULO)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S1 lwylfutm; \??\C:\WINDOWS\system32\drivers\lwylfutm.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S5 WinDivert1.1; <===== ATTENTION: Locked Service
2015-08-07 00:53 - 2015-08-07 00:57 - 01398750 _____ C:\WINDOWS\SysWOW64\kavremvr 2015-08-07 00-53-46 (pid 9252).log
2015-08-07 00:53 - 2015-08-07 00:57 - 00000022 _____ C:\Users\PAULO\Downloads\kavremover.zip
2015-08-06 19:58 - 2014-10-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
Task: {C475EC89-EF57-49FB-B5C0-B375D2F39F54} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {78F8091B-9C69-482C-AD59-2680695137AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9A7D896A-EB28-4D91-B43A-3C6C660EC9DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A06F675D-626C-4ECB-AFC8-69788F1B3FFE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {ACB50037-CC28-4269-900A-680F0786D716} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B3173518-F6B6-43DD-BCFE-43720A94B87D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BD7C5B4A-39D9-4987-95C1-AE79CAA1463E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5FB748C-1E7F-4F49-8A4F-D9C11085BB85} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CF7DAF55-2C3A-45B2-BCF0-9B99F5412F2A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D742F6B7-2251-46A9-965A-D03E287BDABD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F3AAFB9E-E774-4F28-8061-133DA0862673} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F7D75242-2DCE-40C1-8BF4-4C5A585EEED8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
FirewallRules: [{E314AE35-3916-4AA9-8D33-618C40F7B295}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DEB34A9C-11A4-48FD-BB4F-75BF182F65A0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{CE71AC71-6F1F-484D-B13F-7E9A52BF4A97}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CCF2D37D-DE27-4771-BB36-3DB2DD66B810}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{782C72A2-BE22-4DB9-B676-934F6EF9A510}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C1C6E1E2-57AC-4D8C-82B3-C0D32461B39A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{3074D75B-DBF7-46F7-B985-0ABA84827E42}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{615A85CB-D898-4FE7-BD63-C2FEE6368595}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9391BE92-5E67-41A9-9A6B-CA4AA0E7D218}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{83F44A12-C3CE-4EB4-8D9A-A69B3B105B52}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
CMD: netsh advfirewall reset
CreateRestorePoint:
EmptyTemp:
Reboot:
end
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
lwylfutm => service removed successfully
wfpcapture => service removed successfully
WinDivert1.1 => service not found.
C:\WINDOWS\SysWOW64\kavremvr 2015-08-07 00-53-46 (pid 9252).log => moved successfully
C:\Users\PAULO\Downloads\kavremover.zip => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C475EC89-EF57-49FB-B5C0-B375D2F39F54}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C475EC89-EF57-49FB-B5C0-B375D2F39F54}" => key removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78F8091B-9C69-482C-AD59-2680695137AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78F8091B-9C69-482C-AD59-2680695137AA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A7D896A-EB28-4D91-B43A-3C6C660EC9DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A7D896A-EB28-4D91-B43A-3C6C660EC9DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A06F675D-626C-4ECB-AFC8-69788F1B3FFE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A06F675D-626C-4ECB-AFC8-69788F1B3FFE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACB50037-CC28-4269-900A-680F0786D716}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACB50037-CC28-4269-900A-680F0786D716}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3173518-F6B6-43DD-BCFE-43720A94B87D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3173518-F6B6-43DD-BCFE-43720A94B87D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD7C5B4A-39D9-4987-95C1-AE79CAA1463E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD7C5B4A-39D9-4987-95C1-AE79CAA1463E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5FB748C-1E7F-4F49-8A4F-D9C11085BB85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5FB748C-1E7F-4F49-8A4F-D9C11085BB85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF7DAF55-2C3A-45B2-BCF0-9B99F5412F2A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF7DAF55-2C3A-45B2-BCF0-9B99F5412F2A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D742F6B7-2251-46A9-965A-D03E287BDABD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D742F6B7-2251-46A9-965A-D03E287BDABD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3AAFB9E-E774-4F28-8061-133DA0862673}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3AAFB9E-E774-4F28-8061-133DA0862673}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7D75242-2DCE-40C1-8BF4-4C5A585EEED8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7D75242-2DCE-40C1-8BF4-4C5A585EEED8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E314AE35-3916-4AA9-8D33-618C40F7B295} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DEB34A9C-11A4-48FD-BB4F-75BF182F65A0} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE71AC71-6F1F-484D-B13F-7E9A52BF4A97} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCF2D37D-DE27-4771-BB36-3DB2DD66B810} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{782C72A2-BE22-4DB9-B676-934F6EF9A510} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1C6E1E2-57AC-4D8C-82B3-C0D32461B39A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3074D75B-DBF7-46F7-B985-0ABA84827E42} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{615A85CB-D898-4FE7-BD63-C2FEE6368595} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9391BE92-5E67-41A9-9A6B-CA4AA0E7D218} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83F44A12-C3CE-4EB4-8D9A-A69B3B105B52} => value removed successfully

========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========

Restore point was successfully created.
EmptyTemp: => 143.2 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:44:19 ====
