cjoint

Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
Ran by NEWUSU (2015-08-26 14:14:01) Run:1
Running from C:\Users\NEWUSU\Desktop
Loaded Profiles: NEWUSU & Servidor (Available Profiles: NEWUSU & arthur & Servidor & Convidado)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Group Policy detected <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-27] ()
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
U3 catchme; \??\C:\Users\NEWUSU\AppData\Local\Temp\catchme.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
U2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-08-26 09:59 - 2015-08-26 09:59 - 00003193 _____ C:\Users\NEWUSU\Desktop\ZHPFixReport.txt
2015-08-26 09:56 - 2015-08-26 09:59 - 00000000 ____D C:\Users\NEWUSU\AppData\Roaming\ZHP
2015-08-26 09:56 - 2015-08-26 09:56 - 00001853 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-08-26 09:56 - 2015-08-26 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-08-26 09:56 - 2015-08-26 09:56 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-08-26 09:54 - 2015-08-26 09:56 - 03521472 _____ (Nicolas Coolman ) C:\Users\NEWUSU\Desktop\ZHPFix.exe
2015-08-26 09:47 - 2015-08-26 09:47 - 03521472 _____ (Nicolas Coolman ) C:\Users\Servidor.SERVIDOR\Desktop\ZHPFix.exe
2015-08-25 18:45 - 2015-08-25 18:45 - 00072000 _____ C:\Users\Servidor.SERVIDOR\Desktop\ZHPDiag.txt
2015-08-25 18:43 - 2015-08-25 18:44 - 00000000 ____D C:\Users\Servidor.SERVIDOR\AppData\Roaming\ZHP
2015-08-25 18:43 - 2015-08-25 18:43 - 01904640 _____ C:\ZHPDiag3.exe
2015-08-25 18:43 - 2015-08-25 18:43 - 00000794 _____ C:\Users\Servidor.SERVIDOR\Desktop\ZHPDiag.lnk
2015-07-31 16:27 - 2015-07-31 16:27 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-08-25 11:28 - 2015-03-24 17:49 - 00001024 _____ C:\.rnd
Task: {3F5E3C2D-630E-4C29-AF09-E71CC8590A55} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {7F786ECB-2FCC-439C-B762-AF06353C6F86} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {96EB286C-3BF9-47DC-8FE0-4D03DB33D3F5} - \APSnotifierPP1 -> No File <==== ATTENTION
Task: {AE65F7AC-CE6D-48D0-A0DC-0C4309C65915} - System32\Tasks\{60DB1F8F-EC97-4309-A08B-4707B1F6D67F} => pcalua.exe -a C:\Users\servidor\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
Task: {C1584255-98F7-4E76-B89F-DE597997EC20} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {E0994E4F-9859-40FE-9958-F59FF6DA7A8D} - \NetEngine -> No File <==== ATTENTION
Task: {F99F6A0D-4298-4305-8B54-89D7D1F55041} - System32\Tasks\{4B60F0E6-CB1F-45D3-B1CD-F19E2A6C4FEE} => pcalua.exe -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {FAF6D6F3-AC4F-4AAB-9134-21B6D845D594} - System32\Tasks\{B660AFDC-24A2-4A2B-971C-EA18147EFC19} => pcalua.exe -a "C:\Users\servidor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BTQOW3GC\vnc-4_1_1-x86_win32.exe" -d "C:\Users\servidor\Desktop"
C:\Users\servidor\AppData\Local\Temp\FFSetup3.7.0.0.exe
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
GVTDrv64 => service removed successfully
Bfilter => service removed successfully
Bfmon => service removed successfully
Bnbase => service removed successfully
Bndef => service removed successfully
Bprotect => service removed successfully
catchme => service removed successfully
gbpddfac => service removed successfully
V2iMount => service removed successfully
VGPU => service removed successfully
C:\Users\NEWUSU\Desktop\ZHPFixReport.txt => moved successfully
C:\Users\NEWUSU\AppData\Roaming\ZHP => moved successfully
C:\Users\Public\Desktop\ZHPFix.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => moved successfully
C:\Program Files (x86)\ZHPFix => moved successfully
C:\Users\NEWUSU\Desktop\ZHPFix.exe => moved successfully
C:\Users\Servidor.SERVIDOR\Desktop\ZHPFix.exe => moved successfully
C:\Users\Servidor.SERVIDOR\Desktop\ZHPDiag.txt => moved successfully
C:\Users\Servidor.SERVIDOR\AppData\Roaming\ZHP => moved successfully
C:\ZHPDiag3.exe => moved successfully
C:\Users\Servidor.SERVIDOR\Desktop\ZHPDiag.lnk => moved successfully
C:\Users\Public\Documents\Baidu => moved successfully
C:\.rnd => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F5E3C2D-630E-4C29-AF09-E71CC8590A55}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F5E3C2D-630E-4C29-AF09-E71CC8590A55}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F786ECB-2FCC-439C-B762-AF06353C6F86}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F786ECB-2FCC-439C-B762-AF06353C6F86}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96EB286C-3BF9-47DC-8FE0-4D03DB33D3F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96EB286C-3BF9-47DC-8FE0-4D03DB33D3F5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE65F7AC-CE6D-48D0-A0DC-0C4309C65915}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE65F7AC-CE6D-48D0-A0DC-0C4309C65915}" => key removed successfully
C:\Windows\System32\Tasks\{60DB1F8F-EC97-4309-A08B-4707B1F6D67F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60DB1F8F-EC97-4309-A08B-4707B1F6D67F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1584255-98F7-4E76-B89F-DE597997EC20}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1584255-98F7-4E76-B89F-DE597997EC20}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E0994E4F-9859-40FE-9958-F59FF6DA7A8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0994E4F-9859-40FE-9958-F59FF6DA7A8D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetEngine => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F99F6A0D-4298-4305-8B54-89D7D1F55041}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F99F6A0D-4298-4305-8B54-89D7D1F55041}" => key removed successfully
C:\Windows\System32\Tasks\{4B60F0E6-CB1F-45D3-B1CD-F19E2A6C4FEE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B60F0E6-CB1F-45D3-B1CD-F19E2A6C4FEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAF6D6F3-AC4F-4AAB-9134-21B6D845D594}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAF6D6F3-AC4F-4AAB-9134-21B6D845D594}" => key removed successfully
C:\Windows\System32\Tasks\{B660AFDC-24A2-4A2B-971C-EA18147EFC19} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B660AFDC-24A2-4A2B-971C-EA18147EFC19}" => key removed successfully
C:\Users\servidor\AppData\Local\Temp\FFSetup3.7.0.0.exe => moved successfully
Restore point was successfully created.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4220064015-3225715080-1381729876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-4220064015-3225715080-1381729876-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-4220064015-3225715080-1381729876-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2.2 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 14:14:46 ====
