Fix result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by boulanger at 2015-07-05 16:53:32 Run:1
Running from D:\Torrents
Loaded Profiles: boulanger (Available Profiles: boulanger)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
(Software) C:\Program Files (x86)\Common Files\Hydrup\hydrup.exe
HKLM-x32\...\Run: [gmsd_us_255] => [X]
HKU\S-1-5-21-2107773142-4241447983-42072094-1000\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction
CHR HKU\S-1-5-21-2107773142-4241447983-42072094-1000\SOFTWARE\Policies\Google: Policy restriction
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:64575;https=127.0.0.1:64575
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {EE6AC587-9C9B-4131-8342-52D6C6ADA018} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-2107773142-4241447983-42072094-1000 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File
DisableService: Hydrup
R2 Hydrup; C:\Program Files (x86)\Common Files\Hydrup\hydrup.exe
RemoveDirectory: C:\Program Files (x86)\Common Files\Hydrup
C:\Users\boulanger\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\boulanger\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\boulanger\AppData\Local\Temp\nvStInst.exe
C:\Users\boulanger\AppData\Local\Temp\Quarantine.exe
C:\Users\boulanger\AppData\Local\Temp\sqlite3.dll
Task: {5B2579A6-E3CC-4498-95C4-396FF51DB3CE} - \e330685e-a257-4cd4-a187-72a7b94e6680-6 No Task File
Task: {CB4ECE3C-6D2F-411F-909A-A30DE8B582A7} - \big_phat_sports_helper_service No Task File
Task: {CF8C2D63-7F88-4648-924D-B6093FF07C05} - System32\Tasks\{61DD0639-42AC-4A8E-93CD-CFC78755D30F} => C:\Users\boulanger\Downloads\setup (5).exe
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\boulanger\Application Data:NT
AlternateDataStreams: C:\Users\boulanger\Application Data:NT2
AlternateDataStreams: C:\Users\boulanger\Downloads\chromeinstall-8u45.exe:BDU
AlternateDataStreams: C:\Users\boulanger\Downloads\OriginThinSetup.exe:BDU
AlternateDataStreams: C:\Users\boulanger\AppData\Roaming:NT
AlternateDataStreams: C:\Users\boulanger\AppData\Roaming:NT2
end
*****************
Processes closed successfully.
C:\Program Files (x86)\Common Files\Hydrup\hydrup.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_us_255 => value removed successfully
HKU\S-1-5-21-2107773142-4241447983-42072094-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2107773142-4241447983-42072094-1000\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => key removed successfully
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE6AC587-9C9B-4131-8342-52D6C6ADA018}" => key removed successfully
HKCR\CLSID\{EE6AC587-9C9B-4131-8342-52D6C6ADA018} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2107773142-4241447983-42072094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => value removed successfully
HKCR\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => key not found.
"HKCR\PROTOCOLS\Handler\tmbp" => key removed successfully
HKCR\CLSID\{1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} => key not found.
Hydrup service was disabled
Hydrup => Service removed successfully
"C:\Program Files (x86)\Common Files\Hydrup" => removed successfully.
C:\Users\boulanger\AppData\Local\Temp\nvSCPAPI.dll => moved successfully.
C:\Users\boulanger\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully.
C:\Users\boulanger\AppData\Local\Temp\nvStInst.exe => moved successfully.
C:\Users\boulanger\AppData\Local\Temp\Quarantine.exe => moved successfully.
C:\Users\boulanger\AppData\Local\Temp\sqlite3.dll => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B2579A6-E3CC-4498-95C4-396FF51DB3CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B2579A6-E3CC-4498-95C4-396FF51DB3CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e330685e-a257-4cd4-a187-72a7b94e6680-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB4ECE3C-6D2F-411F-909A-A30DE8B582A7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB4ECE3C-6D2F-411F-909A-A30DE8B582A7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\big_phat_sports_helper_service" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF8C2D63-7F88-4648-924D-B6093FF07C05}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF8C2D63-7F88-4648-924D-B6093FF07C05}" => key removed successfully
C:\Windows\System32\Tasks\{61DD0639-42AC-4A8E-93CD-CFC78755D30F} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61DD0639-42AC-4A8E-93CD-CFC78755D30F}" => key removed successfully
C:\ProgramData => ":NT" ADS removed successfully.
C:\ProgramData => ":NT2" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
"C:\Users\boulanger\Application Data" => ":NT" ADS not found.
"C:\Users\boulanger\Application Data" => ":NT2" ADS not found.
C:\Users\boulanger\Downloads\chromeinstall-8u45.exe => ":BDU" ADS removed successfully.
C:\Users\boulanger\Downloads\OriginThinSetup.exe => ":BDU" ADS removed successfully.
C:\Users\boulanger\AppData\Roaming => ":NT" ADS removed successfully.
C:\Users\boulanger\AppData\Roaming => ":NT2" ADS removed successfully.
The system needed a reboot..
==== End of Fixlog 16:53:32 ====