Document format: text/plain

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:22-06-2014
Ran by N at 2014-06-23 21:57:20 Run:1
Running from C:\Users\N\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-1715670674-287497209-379217394-1000\...\Winlogon: [Shell] C:\Windows\system32\Windows Audio Device Graph Isolation\audiodg.exe [39136256 2014-03-02] () <==== ATTENTION
IFEO\AvastSvc.exe: [Debugger] nqij.exe
IFEO\AvastUI.exe: [Debugger] nqij.exe
IFEO\avcenter.exe: [Debugger] nqij.exe
IFEO\avconfig.exe: [Debugger] nqij.exe
IFEO\avgcsrvx.exe: [Debugger] nqij.exe
IFEO\avgidsagent.exe: [Debugger] nqij.exe
IFEO\avgnt.exe: [Debugger] nqij.exe
IFEO\avgrsx.exe: [Debugger] nqij.exe
IFEO\avguard.exe: [Debugger] nqij.exe
IFEO\avgui.exe: [Debugger] nqij.exe
IFEO\avgwdsvc.exe: [Debugger] nqij.exe
IFEO\avp.exe: [Debugger] nqij.exe
IFEO\avscan.exe: [Debugger] nqij.exe
IFEO\bdagent.exe: [Debugger] nqij.exe
IFEO\blindman.exe: [Debugger] nqij.exe
IFEO\ccuac.exe: [Debugger] nqij.exe
IFEO\ComboFix.exe: [Debugger] nqij.exe
IFEO\egui.exe: [Debugger] nqij.exe
IFEO\hijackthis.exe: [Debugger] nqij.exe
IFEO\instup.exe: [Debugger] nqij.exe
IFEO\keyscrambler.exe: [Debugger] nqij.exe
IFEO\mbam.exe: [Debugger] nqij.exe
IFEO\mbamgui.exe: [Debugger] nqij.exe
IFEO\mbampt.exe: [Debugger] nqij.exe
IFEO\mbamscheduler.exe: [Debugger] nqij.exe
IFEO\mbamservice.exe: [Debugger] nqij.exe
IFEO\MpCmdRun.exe: [Debugger] nqij.exe
IFEO\MSASCui.exe: [Debugger] nqij.exe
IFEO\MsMpEng.exe: [Debugger] nqij.exe
IFEO\msseces.exe: [Debugger] nqij.exe
IFEO\rstrui.exe: [Debugger] nqij.exe
IFEO\SDFiles.exe: [Debugger] nqij.exe
IFEO\SDMain.exe: [Debugger] nqij.exe
IFEO\SDWinSec.exe: [Debugger] nqij.exe
IFEO\spybotsd.exe: [Debugger] nqij.exe
IFEO\wireshark.exe: [Debugger] nqij.exe
IFEO\zlclient.exe: [Debugger] nqij.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
2014-06-15 16:51 - 2011-05-24 13:15 - 04413896 _____ () C:\Users\N\Documents\PCOptimizerProSetup.exe
2014-06-15 16:51 - 2010-08-01 09:43 - 00325632 _____ () C:\Users\N\Documents\pc.optimizer.pro.v6.x.x-patch.exe
2014-06-15 16:40 - 2014-06-15 16:43 - 04739685 ____R () C:\Users\N\Documents\PC_Optimizer_Pro_6.1.4.5.rar
2014-06-17 18:50 - 2014-06-17 19:07 - 76520448 ____H () C:\Users\N\AppData\Roaming\svchost.exe
2014-06-15 15:25 - 2014-06-15 15:42 - 00000000 ____D () C:\ProgramData\ba8661613f2f77ca
2014-06-15 15:25 - 2014-06-15 15:25 - 00000290 __RSH () C:\ProgramData\ntuser.pol
2014-06-15 15:15 - 2014-06-15 15:35 - 00000000 ____D () C:\Users\N\AppData\Local\Genesis_06151315
2014-06-14 23:01 - 2014-06-23 20:06 - 00010788 _____ () C:\Windows\PFRO.log
2014-06-14 23:01 - 2014-06-23 20:06 - 00001904 _____ () C:\Windows\setupact.log
2014-06-14 23:01 - 2014-06-14 23:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-02 21:17 - 2014-06-13 20:09 - 00000000 _____ () C:\Users\N\Downloads\cacaoweb (4).exe
2014-05-24 23:55 - 2014-05-25 01:06 - 00000000 _____ () C:\Users\N\Downloads\cacaoweb (3).exe
2014-06-23 21:17 - 2009-07-14 06:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-23 21:17 - 2009-07-14 06:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 20:46 - 2014-06-17 20:46 - 00000000 ____H () C:\Users\N\AppData\Roaming\fHhd7tgd1kH7
2014-06-16 08:00 - 2014-01-13 23:59 - 00000782 _____ () C:\Users\N\Documents\plot.log
2014-06-15 17:56 - 2014-06-15 17:12 - 00007601 _____ () C:\Users\N\AppData\Local\resmon.resmoncfg
2014-06-15 16:43 - 2014-06-15 16:40 - 04739685 ____R () C:\Users\N\Documents\PC_Optimizer_Pro_6.1.4.5.rar
2014-06-13 20:09 - 2014-06-02 21:17 - 00000000 _____ () C:\Users\N\Downloads\cacaoweb (4).exe
C:\Users\N\AppData\Local\Temp\18be6784_.exe
C:\Users\N\AppData\Local\Temp\294823_.exe
C:\Users\N\AppData\Local\Temp\6_Offer_12.exe
C:\Users\N\AppData\Local\Temp\BackupSetup.exe
C:\Users\N\AppData\Local\Temp\bassmod.dll
C:\Users\N\AppData\Local\Temp\CloudBackup5076.exe
C:\Users\N\AppData\Local\Temp\f.exe
C:\Users\N\AppData\Local\Temp\htmlayout.dll
C:\Users\N\AppData\Local\Temp\nsjDCEC.exe
C:\Users\N\AppData\Local\Temp\nso3B34.exe
C:\Users\N\AppData\Local\Temp\nso440B.exe
C:\Users\N\AppData\Local\Temp\nstD4A1.exe
C:\Users\N\AppData\Local\Temp\nsu4676.exe
C:\Users\N\AppData\Local\Temp\Quarantine.exe
C:\Users\N\AppData\Local\Temp\RegClean2.exe
C:\Users\N\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\N\AppData\Local\Temp\setup_293.exe
C:\Users\N\AppData\Local\Temp\setup_av_pro.exe
C:\Users\N\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\N\AppData\Local\Temp\toolbar673655.exe
C:\Users\N\AppData\Local\Temp\toolbar676622.exe
C:\Users\N\AppData\Local\Temp\toolbar700288.exe
C:\Users\N\AppData\Local\Temp\uninstall-updater2080698.exe
C:\Users\N\AppData\Local\Temp\uninstall1131299.exe
C:\Users\N\AppData\Local\Temp\uninstall1150253.exe
C:\Users\N\AppData\Local\Temp\uninstall2091072.exe
C:\Users\N\AppData\Local\Temp\vp.exe
C:\Users\N\AppData\Roaming\msconfig.ini
C:\Users\Public\AlexaNSISPlugin.3328.dll
Task: {386C07FC-1A47-470A-945E-C61747836C30} - \7f1686b7-ae3f-42c2-8914-974b05eaaa0c-2 No Task File <==== ATTENTION
Task: {8883E7CB-AC7C-452C-A528-957E0FB62D97} - \7f1686b7-ae3f-42c2-8914-974b05eaaa0c-3 No Task File <==== ATTENTION
Task: {992A5F39-36F0-4E1F-BB8D-8D40200C2DED} - \7f1686b7-ae3f-42c2-8914-974b05eaaa0c-4 No Task File <==== ATTENTION
Task: {A2B1FCA0-0391-4A61-8EE7-9B6CF460FC8C} - \7f1686b7-ae3f-42c2-8914-974b05eaaa0c-5 No Task File <==== ATTENTION
Task: {AA38F9C3-17A9-4818-86F1-ECCA06F9DE53} - \7f1686b7-ae3f-42c2-8914-974b05eaaa0c-1 No Task File <==== ATTENTIO
end

*****************

HKU\S-1-5-21-1715670674-287497209-379217394-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avconfig.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgcsrvx.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgnt.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrsx.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgwdsvc.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avscan.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\blindman.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDFiles.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDMain.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDWinSec.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe' => Key deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\N\Documents\PCOptimizerProSetup.exe => Moved successfully.
C:\Users\N\Documents\pc.optimizer.pro.v6.x.x-patch.exe => Moved successfully.
C:\Users\N\Documents\PC_Optimizer_Pro_6.1.4.5.rar => Moved successfully.
C:\Users\N\AppData\Roaming\svchost.exe => Moved successfully.
C:\ProgramData\ba8661613f2f77ca => Moved successfully.
C:\ProgramData\ntuser.pol => Moved successfully.
C:\Users\N\AppData\Local\Genesis_06151315 => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\N\Downloads\cacaoweb (4).exe => Moved successfully.
C:\Users\N\Downloads\cacaoweb (3).exe => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
C:\Users\N\AppData\Roaming\fHhd7tgd1kH7 => Moved successfully.
C:\Users\N\Documents\plot.log => Moved successfully.
C:\Users\N\AppData\Local\resmon.resmoncfg => Moved successfully.
"C:\Users\N\Documents\PC_Optimizer_Pro_6.1.4.5.rar" => File/Directory not found.
"C:\Users\N\Downloads\cacaoweb (4).exe" => File/Directory not found.
C:\Users\N\AppData\Local\Temp\18be6784_.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\294823_.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\6_Offer_12.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\bassmod.dll => Moved successfully.
C:\Users\N\AppData\Local\Temp\CloudBackup5076.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\f.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\N\AppData\Local\Temp\nsjDCEC.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\nso3B34.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\nso440B.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\nstD4A1.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\nsu4676.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\RegClean2.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\SearchProtectINT.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\setup_293.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\setup_av_pro.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\System.Data.SQLite.dll => Moved successfully.
C:\Users\N\AppData\Local\Temp\toolbar673655.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\toolbar676622.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\toolbar700288.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\uninstall-updater2080698.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\uninstall1131299.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\uninstall1150253.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\uninstall2091072.exe => Moved successfully.
C:\Users\N\AppData\Local\Temp\vp.exe => Moved successfully.
C:\Users\N\AppData\Roaming\msconfig.ini => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.3328.dll => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{386C07FC-1A47-470A-945E-C61747836C30}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{386C07FC-1A47-470A-945E-C61747836C30}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f1686b7-ae3f-42c2-8914-974b05eaaa0c-2' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8883E7CB-AC7C-452C-A528-957E0FB62D97}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8883E7CB-AC7C-452C-A528-957E0FB62D97}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f1686b7-ae3f-42c2-8914-974b05eaaa0c-3' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{992A5F39-36F0-4E1F-BB8D-8D40200C2DED}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{992A5F39-36F0-4E1F-BB8D-8D40200C2DED}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f1686b7-ae3f-42c2-8914-974b05eaaa0c-4' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2B1FCA0-0391-4A61-8EE7-9B6CF460FC8C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2B1FCA0-0391-4A61-8EE7-9B6CF460FC8C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f1686b7-ae3f-42c2-8914-974b05eaaa0c-5' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AA38F9C3-17A9-4818-86F1-ECCA06F9DE53}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA38F9C3-17A9-4818-86F1-ECCA06F9DE53}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f1686b7-ae3f-42c2-8914-974b05eaaa0c-1' => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====
