Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by lilian rodriguez (2015-08-01 16:50:50) Run:1
Running from C:\Users\lilian rodriguez\Desktop
Loaded Profiles: lilian rodriguez (Available Profiles: lilian rodriguez)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorepoint:
CloseProcesses:
Task: {627ACB57-9224-4192-BA00-341CBE19DCC6} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup\
Task: {7E5E5B4E-D6B7-4AA1-853F-96603BBFB351} - System32\Tasks\CleanerPro_Start => C:\Program Files (x86)\Cleaner Pro\CleanerPro.exe
C:\Program Files (x86)\Cleaner Pro\
Task: {87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
C:\Program Files (x86)\Software\Update\
Task: {8F9FEBDB-69DB-47D8-B870-096A8003E735} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft)
C:\Program Files\ReviverSoft\
Task: {BD520C03-4F91-4C43-A7F7-55320684177F} - System32\Tasks\CleanerPro_Popup => C:\Program Files (x86)\Cleaner Pro\Splash.exe
Task: C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
2015-06-17 20:36 - 2015-07-01 08:47 - 00532784 _____ () C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{201D655E-95E0-40ED-AE29-F4275C74D9D0}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{C225D039-6A73-475A-95CC-A3D0A38674F8}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShortcutWithArgument: C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-3992782600-320336532-2615484944-1001\dashboard.lnk -> C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe (ReviverSoft) -> --dashboard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Désinstaller.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.149\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
() C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
HKLM-x32\...\RunOnce: [Futugopi] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat"
C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\...\Run: [cacaoweb] => C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe [532784 2015-07-01] ()
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\
AppInit_DLLs-x32: c:/progra~3/{b6625~1/171~1.0/fite.dll => c:\ProgramData\{B6625EA1-E6E0-8F27-5766-FFA587E42C2B}\1.7.1.0\fite.dll [649216 2015-01-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-04-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Hosts: 0.0.0.1 mssplus.mcafee.com
FF Extension: cacaoweb - C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\cacaoweb@cacaoweb.org [2015-08-01]
FF Extension: SuperManCoupon - C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\xxtvjaupqdhidkhg@eaktxapmsscrdgivw.com [2015-05-05]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [765048 2014-09-17] (ReviverSoft)
S2 28964cc3; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\TerminusEdit\TerminusEdit.dll",serv
c:\Program Files (x86)\TerminusEdit
2015-07-24 19:54 - 2015-07-24 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-24 19:54 - 2015-07-24 19:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-06-17 20:36 - 2015-08-01 14:56 - 00000000 ____D C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb
2015-06-17 20:36 - 2015-08-01 13:31 - 00532784 _____ C:\Users\lilian rodriguez\Desktop\cacaoweb.exe
2015-06-17 20:35 - 2015-06-17 20:35 - 00515888 _____ C:\Users\lilian rodriguez\Downloads\cacaoweb.exe
2015-07-24 19:54 - 2015-04-17 15:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
C:\ProgramData\StartMenuReviver.exe
cmd: ipconfig /flushdns
Hosts:
removeproxy:
emptytemp:
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{627ACB57-9224-4192-BA00-341CBE19DCC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{627ACB57-9224-4192-BA00-341CBE19DCC6}" => key removed successfully
C:\Windows\System32\Tasks\LaunchSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => key removed successfully
"C:\Program Files (x86)\MyPC Backup" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E5E5B4E-D6B7-4AA1-853F-96603BBFB351}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E5E5B4E-D6B7-4AA1-853F-96603BBFB351}" => key removed successfully
C:\Windows\System32\Tasks\CleanerPro_Start => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CleanerPro_Start" => key removed successfully
"C:\Program Files (x86)\Cleaner Pro" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA}" => key removed successfully
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoftwareUpdateTaskMachineUA" => key removed successfully
C:\Program Files (x86)\Software\Update => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F9FEBDB-69DB-47D8-B870-096A8003E735}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F9FEBDB-69DB-47D8-B870-096A8003E735}" => key removed successfully
C:\Windows\System32\Tasks\ReviverSoft Start Menu Run once task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReviverSoft Start Menu Run once task" => key removed successfully
C:\Program Files\ReviverSoft => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD520C03-4F91-4C43-A7F7-55320684177F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD520C03-4F91-4C43-A7F7-55320684177F}" => key removed successfully
C:\Windows\System32\Tasks\CleanerPro_Popup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CleanerPro_Popup" => key removed successfully
C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => moved successfully.
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe => moved successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{201D655E-95E0-40ED-AE29-F4275C74D9D0}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C225D039-6A73-475A-95CC-A3D0A38674F8}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe => value removed successfully
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) => Error: No automatic fix found for this entry.
C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-3992782600-320336532-2615484944-1001\dashboard.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Désinstaller.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk => Shortcut argument removed successfully.
C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe => No running process found
C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe => No running process found
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe => No running process found
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Futugopi => value removed successfully
C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat => moved successfully.
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb => value removed successfully
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb => moved successfully.
"c:/progra~3/{b6625~1/171~1.0/fite.dll" => Value data removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe => moved successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\cacaoweb@cacaoweb.org => moved successfully.
C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\xxtvjaupqdhidkhg@eaktxapmsscrdgivw.com => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
McComponentHostService => service removed successfully
StartMenuReviverService => service removed successfully
28964cc3 => service removed successfully
c:\Program Files (x86)\TerminusEdit => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus => moved successfully.
C:\Program Files\McAfee Security Scan => moved successfully.
"C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb" => File/Folder not found.
C:\Users\lilian rodriguez\Desktop\cacaoweb.exe => moved successfully.
C:\Users\lilian rodriguez\Downloads\cacaoweb.exe => moved successfully.
C:\ProgramData\McAfee Security Scan => moved successfully.
C:\ProgramData\StartMenuReviver.exe => moved successfully.
========= ipconfig /flushdns =========
Configuration IP de Windows
Cache de r�solution DNS vid�.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 5.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:53:25 ====
Ran by lilian rodriguez (2015-08-01 16:50:50) Run:1
Running from C:\Users\lilian rodriguez\Desktop
Loaded Profiles: lilian rodriguez (Available Profiles: lilian rodriguez)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorepoint:
CloseProcesses:
Task: {627ACB57-9224-4192-BA00-341CBE19DCC6} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup\
Task: {7E5E5B4E-D6B7-4AA1-853F-96603BBFB351} - System32\Tasks\CleanerPro_Start => C:\Program Files (x86)\Cleaner Pro\CleanerPro.exe
C:\Program Files (x86)\Cleaner Pro\
Task: {87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
C:\Program Files (x86)\Software\Update\
Task: {8F9FEBDB-69DB-47D8-B870-096A8003E735} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft)
C:\Program Files\ReviverSoft\
Task: {BD520C03-4F91-4C43-A7F7-55320684177F} - System32\Tasks\CleanerPro_Popup => C:\Program Files (x86)\Cleaner Pro\Splash.exe
Task: C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
2015-06-17 20:36 - 2015-07-01 08:47 - 00532784 _____ () C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{201D655E-95E0-40ED-AE29-F4275C74D9D0}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{C225D039-6A73-475A-95CC-A3D0A38674F8}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShortcutWithArgument: C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-3992782600-320336532-2615484944-1001\dashboard.lnk -> C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe (ReviverSoft) -> --dashboard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Désinstaller.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.149\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
() C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
HKLM-x32\...\RunOnce: [Futugopi] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat"
C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\...\Run: [cacaoweb] => C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe [532784 2015-07-01] ()
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\
AppInit_DLLs-x32: c:/progra~3/{b6625~1/171~1.0/fite.dll => c:\ProgramData\{B6625EA1-E6E0-8F27-5766-FFA587E42C2B}\1.7.1.0\fite.dll [649216 2015-01-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-04-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Hosts: 0.0.0.1 mssplus.mcafee.com
FF Extension: cacaoweb - C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\cacaoweb@cacaoweb.org [2015-08-01]
FF Extension: SuperManCoupon - C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\xxtvjaupqdhidkhg@eaktxapmsscrdgivw.com [2015-05-05]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [765048 2014-09-17] (ReviverSoft)
S2 28964cc3; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\TerminusEdit\TerminusEdit.dll",serv
c:\Program Files (x86)\TerminusEdit
2015-07-24 19:54 - 2015-07-24 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-24 19:54 - 2015-07-24 19:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-06-17 20:36 - 2015-08-01 14:56 - 00000000 ____D C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb
2015-06-17 20:36 - 2015-08-01 13:31 - 00532784 _____ C:\Users\lilian rodriguez\Desktop\cacaoweb.exe
2015-06-17 20:35 - 2015-06-17 20:35 - 00515888 _____ C:\Users\lilian rodriguez\Downloads\cacaoweb.exe
2015-07-24 19:54 - 2015-04-17 15:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
C:\ProgramData\StartMenuReviver.exe
cmd: ipconfig /flushdns
Hosts:
removeproxy:
emptytemp:
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{627ACB57-9224-4192-BA00-341CBE19DCC6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{627ACB57-9224-4192-BA00-341CBE19DCC6}" => key removed successfully
C:\Windows\System32\Tasks\LaunchSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => key removed successfully
"C:\Program Files (x86)\MyPC Backup" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E5E5B4E-D6B7-4AA1-853F-96603BBFB351}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E5E5B4E-D6B7-4AA1-853F-96603BBFB351}" => key removed successfully
C:\Windows\System32\Tasks\CleanerPro_Start => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CleanerPro_Start" => key removed successfully
"C:\Program Files (x86)\Cleaner Pro" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87FBFDF3-60B7-4338-9BE1-C8D34AFA0DCA}" => key removed successfully
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoftwareUpdateTaskMachineUA" => key removed successfully
C:\Program Files (x86)\Software\Update => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F9FEBDB-69DB-47D8-B870-096A8003E735}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F9FEBDB-69DB-47D8-B870-096A8003E735}" => key removed successfully
C:\Windows\System32\Tasks\ReviverSoft Start Menu Run once task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReviverSoft Start Menu Run once task" => key removed successfully
C:\Program Files\ReviverSoft => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD520C03-4F91-4C43-A7F7-55320684177F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD520C03-4F91-4C43-A7F7-55320684177F}" => key removed successfully
C:\Windows\System32\Tasks\CleanerPro_Popup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CleanerPro_Popup" => key removed successfully
C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => moved successfully.
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe => moved successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{201D655E-95E0-40ED-AE29-F4275C74D9D0}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C225D039-6A73-475A-95CC-A3D0A38674F8}C:\users\lilian rodriguez\appdata\roaming\cacaoweb\cacaoweb.exe => value removed successfully
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) => Error: No automatic fix found for this entry.
C:\ProgramData\ReviverSoft\Start Menu Reviver\S-1-5-21-3992782600-320336532-2615484944-1001\dashboard.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Désinstaller.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk => Shortcut argument removed successfully.
C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe => No running process found
C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe => No running process found
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb\cacaoweb.exe => No running process found
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Futugopi => value removed successfully
C:\Users\LILIAN~1\AppData\Local\72EBE3~1\Rebumace.dat => moved successfully.
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb => value removed successfully
C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb => moved successfully.
"c:/progra~3/{b6625~1/171~1.0/fite.dll" => Value data removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully.
C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe => moved successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\cacaoweb@cacaoweb.org => moved successfully.
C:\Users\lilian rodriguez\AppData\Roaming\Mozilla\Firefox\Profiles\2d9d7oz9.default\Extensions\xxtvjaupqdhidkhg@eaktxapmsscrdgivw.com => moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
McComponentHostService => service removed successfully
StartMenuReviverService => service removed successfully
28964cc3 => service removed successfully
c:\Program Files (x86)\TerminusEdit => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus => moved successfully.
C:\Program Files\McAfee Security Scan => moved successfully.
"C:\Users\lilian rodriguez\AppData\Roaming\cacaoweb" => File/Folder not found.
C:\Users\lilian rodriguez\Desktop\cacaoweb.exe => moved successfully.
C:\Users\lilian rodriguez\Downloads\cacaoweb.exe => moved successfully.
C:\ProgramData\McAfee Security Scan => moved successfully.
C:\ProgramData\StartMenuReviver.exe => moved successfully.
========= ipconfig /flushdns =========
Configuration IP de Windows
Cache de r�solution DNS vid�.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3992782600-320336532-2615484944-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 5.2 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:53:25 ====