Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
Ran by ADM at 2015-05-19 21:33:37 Run:1
Running from C:\Users\ADM\Desktop
Loaded Profiles: ADM (Available profiles: ADM & teste)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\MountPoints2: {2fecddd3-ef65-11df-bdef-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\MountPoints2: {b1f9047a-ef6e-11df-a19d-4487fc840258} - F:\SETUP.EXE
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
CHR DefaultSuggestURL: Profile 1 -> http://ssmsp.ask.com...q={searchTerms}
U3 ak09znco; C:\Windows\System32\Drivers\ak09znco.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
2015-05-09 14:17 - 2015-05-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\boost_interprocess
2015-05-09 14:17 - 2015-05-11 09:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-09 13:47 - 2015-05-09 13:47 - 00003286 _____ () C:\Windows\System32\Tasks\{056C18FC-653E-47CD-8E44-8F7C1EA8902D}
2015-05-09 13:45 - 2015-05-09 13:45 - 00003128 _____ () C:\Windows\System32\Tasks\{FF81205E-70FE-41A1-83AE-F652A6A1A287}
2015-05-09 13:42 - 2015-05-09 13:42 - 00000000 ____D () C:\Program Files (x86)\Java2
2015-05-08 15:28 - 2015-05-08 15:29 - 00001196 ____N () C:\DelFix.txt
2015-05-06 01:25 - 2015-05-07 08:37 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\ZHP
2015-05-05 16:33 - 2015-05-05 16:33 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-05-05 16:33 - 2015-05-05 16:33 - 00000000 ____D () C:\Trend Micro
2015-05-09 13:42 - 2010-12-05 21:26 - 00000000 ____D () C:\Program Files (x86)\Java
AlternateDataStreams: C:\ProgramData\TEMP:2E77EDB1
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:2E77EDB1
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:5C321E34
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:D1B5B4F1
C:\Users\ADM\AppData\Local\Temp\avgnt.exe
C:\Users\ADM\AppData\Local\Temp\Foxit Updater.exe
C:\Users\ADM\AppData\Local\Temp\_TinDel.exe
Folder: C:\Program Files (x86)\Java2
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
CreateRestorePoint:
emptytemp:
Hosts:
Reboot:
*****************
Processes closed successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fecddd3-ef65-11df-bdef-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{2fecddd3-ef65-11df-bdef-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1f9047a-ef6e-11df-a19d-4487fc840258}" => Key deleted successfully.
HKCR\CLSID\{b1f9047a-ef6e-11df-a19d-4487fc840258} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
Chrome DefaultSuggestURL not detected.
ak09znco => Service not found.
NPF => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\Users\Todos os Usuários\boost_interprocess => Moved successfully.
"C:\ProgramData\boost_interprocess" => File/Directory not found.
C:\Windows\System32\Tasks\{056C18FC-653E-47CD-8E44-8F7C1EA8902D} => Moved successfully.
C:\Windows\System32\Tasks\{FF81205E-70FE-41A1-83AE-F652A6A1A287} => Moved successfully.
C:\Program Files (x86)\Java2 => Moved successfully.
C:\DelFix.txt => Moved successfully.
C:\Users\ADM\AppData\Roaming\ZHP => Moved successfully.
C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis => Moved successfully.
C:\Trend Micro => Moved successfully.
C:\Program Files (x86)\Java => Moved successfully.
C:\ProgramData\TEMP => ":2E77EDB1" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Users\Todos os Usuários\TEMP" => ":2E77EDB1" ADS not found.
"C:\Users\Todos os Usuários\TEMP" => ":5C321E34" ADS not found.
"C:\Users\Todos os Usuários\TEMP" => ":D1B5B4F1" ADS not found.
C:\Users\ADM\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\ADM\AppData\Local\Temp\Foxit Updater.exe => Moved successfully.
C:\Users\ADM\AppData\Local\Temp\_TinDel.exe => Moved successfully.
========================= Folder: C:\Program Files (x86)\Java2 ========================
Directory Not Found
========= netsh advfirewall reset =========
========= End of CMD: =========
========= ipconfig /flushdns =========
========= End of CMD: =========
Restore point was successfully created.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 286.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:35:27 ====
Ran by ADM at 2015-05-19 21:33:37 Run:1
Running from C:\Users\ADM\Desktop
Loaded Profiles: ADM (Available profiles: ADM & teste)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\MountPoints2: {2fecddd3-ef65-11df-bdef-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\...\MountPoints2: {b1f9047a-ef6e-11df-a19d-4487fc840258} - F:\SETUP.EXE
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2957143589-1019319754-4208424685-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
CHR DefaultSuggestURL: Profile 1 -> http://ssmsp.ask.com...q={searchTerms}
U3 ak09znco; C:\Windows\System32\Drivers\ak09znco.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
2015-05-09 14:17 - 2015-05-11 09:09 - 00000000 ____D () C:\Users\Todos os Usuários\boost_interprocess
2015-05-09 14:17 - 2015-05-11 09:09 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-09 13:47 - 2015-05-09 13:47 - 00003286 _____ () C:\Windows\System32\Tasks\{056C18FC-653E-47CD-8E44-8F7C1EA8902D}
2015-05-09 13:45 - 2015-05-09 13:45 - 00003128 _____ () C:\Windows\System32\Tasks\{FF81205E-70FE-41A1-83AE-F652A6A1A287}
2015-05-09 13:42 - 2015-05-09 13:42 - 00000000 ____D () C:\Program Files (x86)\Java2
2015-05-08 15:28 - 2015-05-08 15:29 - 00001196 ____N () C:\DelFix.txt
2015-05-06 01:25 - 2015-05-07 08:37 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\ZHP
2015-05-05 16:33 - 2015-05-05 16:33 - 00000000 ____D () C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-05-05 16:33 - 2015-05-05 16:33 - 00000000 ____D () C:\Trend Micro
2015-05-09 13:42 - 2010-12-05 21:26 - 00000000 ____D () C:\Program Files (x86)\Java
AlternateDataStreams: C:\ProgramData\TEMP:2E77EDB1
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:2E77EDB1
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:5C321E34
AlternateDataStreams: C:\Users\Todos os Usuários\TEMP:D1B5B4F1
C:\Users\ADM\AppData\Local\Temp\avgnt.exe
C:\Users\ADM\AppData\Local\Temp\Foxit Updater.exe
C:\Users\ADM\AppData\Local\Temp\_TinDel.exe
Folder: C:\Program Files (x86)\Java2
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
CreateRestorePoint:
emptytemp:
Hosts:
Reboot:
*****************
Processes closed successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fecddd3-ef65-11df-bdef-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{2fecddd3-ef65-11df-bdef-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1f9047a-ef6e-11df-a19d-4487fc840258}" => Key deleted successfully.
HKCR\CLSID\{b1f9047a-ef6e-11df-a19d-4487fc840258} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2957143589-1019319754-4208424685-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
Chrome DefaultSuggestURL not detected.
ak09znco => Service not found.
NPF => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
X6va012 => Service deleted successfully.
C:\Users\Todos os Usuários\boost_interprocess => Moved successfully.
"C:\ProgramData\boost_interprocess" => File/Directory not found.
C:\Windows\System32\Tasks\{056C18FC-653E-47CD-8E44-8F7C1EA8902D} => Moved successfully.
C:\Windows\System32\Tasks\{FF81205E-70FE-41A1-83AE-F652A6A1A287} => Moved successfully.
C:\Program Files (x86)\Java2 => Moved successfully.
C:\DelFix.txt => Moved successfully.
C:\Users\ADM\AppData\Roaming\ZHP => Moved successfully.
C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis => Moved successfully.
C:\Trend Micro => Moved successfully.
C:\Program Files (x86)\Java => Moved successfully.
C:\ProgramData\TEMP => ":2E77EDB1" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Users\Todos os Usuários\TEMP" => ":2E77EDB1" ADS not found.
"C:\Users\Todos os Usuários\TEMP" => ":5C321E34" ADS not found.
"C:\Users\Todos os Usuários\TEMP" => ":D1B5B4F1" ADS not found.
C:\Users\ADM\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\ADM\AppData\Local\Temp\Foxit Updater.exe => Moved successfully.
C:\Users\ADM\AppData\Local\Temp\_TinDel.exe => Moved successfully.
========================= Folder: C:\Program Files (x86)\Java2 ========================
Directory Not Found
========= netsh advfirewall reset =========
========= End of CMD: =========
========= ipconfig /flushdns =========
========= End of CMD: =========
Restore point was successfully created.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 286.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:35:27 ====