Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015 01
Ran by RESO at 2015-03-05 19:04:42 Run:3
Running from C:\Users\RESO\Desktop
Loaded Profiles: RESO (Available profiles: RESO)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
folder: C:\Users\Public\Documents\ShopperPro
CMD: For %i in ("c:\frst\logs\fixlog*.txt") do for /f "delims=" %p in ('type "%i"') do echo %p
end
*****************
========================= folder: C:\Users\Public\Documents\ShopperPro ========================
2015-02-28 10:13 - 2015-02-28 10:13 - 0000000 ____D () C:\Users\Public\Documents\ShopperPro\JsDriver
2015-02-27 19:11 - 2015-02-27 19:11 - 0001915 _____ () C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml
====== End of Folder: ======
========= For %i in ("c:\frst\logs\fixlog*.txt") do for /f "delims=" %p in ('type "%i"') do echo %p =========
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015
Ran by RESO at 2015-03-04 18:27:09 Run:2
Running from C:\Users\RESO\Desktop
Loaded Profiles: RESO (Available profiles: RESO)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
closeprocesses:
createrestorepoint:
file: C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe
file: C:\Windows\TEMP\006113~1.EXE
file: C:\Windows\SysWOW64\locale.nls
file: C:\Windows\system32\locale.nls
file: C:\Users\RESO\Downloads\keyboard-leds_2-7-1-59_fr_335880.exe
file: C:\Users\RESO\Downloads\SpyHunter-Installer.exe
file: C:\Users\RESO\AppData\Roaming\sp_data.sys
folder: C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e
Task: {51AA86B9-391D-4C1D-8DE0-94FEF6E51457} - System32\Tasks\FOUMHM => C:\Users\RESO\AppData\Roaming\FOUMHM.exe [2015-02-28] (Cinema PlusV28.02) <==== ATTENTION
Task: {88F03275-3636-4977-8A35-70628B442092} - System32\Tasks\BLZYASW => C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe
Task: {928F9601-0B3B-4DF4-BF44-03E10DF214C6} - System32\Tasks\{50279AC7-2083-4FF7-A406-6776252DB802} => pcalua.exe -a C:\Users\RESO\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=amt
Task: C:\Windows\Tasks\FOUMHM.job => C:\Users\RESO\AppData\Roaming\FOUMHM.exe <==== ATTENTION
c:\windows\System32\Tasks\FOUMHM
c:\windows\System32\Tasks\BLZYASW
c:\windowsSystem32\Tasks\{50279AC7-2083-4FF7-A406-6776252DB802}
C:\Users\RESO\AppData\Roaming\FOUMHM.exe
C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe
HKLM-x32\...\Run: [mbot_fr_530] => [X]
HKLM-x32\...\Run: [gmsd_fr_259] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff64.dll No File
BHO-x32: shopperz -> {5081D2D4-1637-404c-B74F-50526718257D} -> C:\Program Files\shopperz\mseff32.dll No File
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
c:\windows\system32\drivers\qrnfd_1_10_0_9.sys
C:\Windows\Tasks\FOUMHM.job
2015-02-28 10:08 - 2015-02-28 10:08 - 02039256 _____ (Cinema PlusV28.02) C:\Users\RESO\AppData\Roaming\FOUMHM.exe
2015-02-28 10:08 - 2015-02-28 10:08 - 00004372 _____ () C:\Windows\System32\Tasks\FOUMHM
2015-02-28 10:08 - 2015-02-28 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC
2015-02-28 10:08 - 2015-02-28 10:08 - 00000000 ____D () C:\Program Files (x86)\clean2PC
2014-10-29 07:25 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 07:25 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 07:25 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\Users\RESO\AppData\Local\Temp\84119B98-C705-4D51-7590-22C23A5B69FD.dll
C:\Users\RESO\AppData\Local\Temp\ccicabfceia.exe
C:\Users\RESO\AppData\Local\Temp\cracked version of aero glass for windows 8.1__10924_i1473522581_il1111637.exe
C:\Users\RESO\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\RESO\AppData\Local\Temp\setup.exe
C:\Users\RESO\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\RESO\AppData\Local\Temp\SpOrder.dll
C:\Users\RESO\AppData\Local\Temp\tu17p84.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC\clean2PC.lnk
C:\Program Files (x86)\clean2PC
emptytemp:
end
*****************
Processes closed successfully.
Restore point was successfully created.
========================= file: C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe ========================
"C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe" not found.
====== End Of File: ======
========================= file: C:\Windows\TEMP\006113~1.EXE ========================
"C:\Windows\TEMP\006113~1.EXE" not found.
====== End Of File: ======
========================= file: C:\Windows\SysWOW64\locale.nls ========================
MD5: D4A564BABFF82F56E68835FBFDA7AB00
Creation and modification date: 2015-03-02 19:47 - 2014-12-13 22:28
Size: 0513488
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End Of File: ======
========================= file: C:\Windows\system32\locale.nls ========================
MD5: D4A564BABFF82F56E68835FBFDA7AB00
Creation and modification date: 2015-03-02 19:47 - 2014-12-13 22:28
Size: 0513488
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End Of File: ======
========================= file: C:\Users\RESO\Downloads\keyboard-leds_2-7-1-59_fr_335880.exe ========================
MD5: 168DDA478D68FF19354ADDF64653E0F8
Creation and modification date: 2015-03-02 19:15 - 2015-03-02 19:15
Size: 0522508
Attributes: ----A
Company Name: KARPOLAN
Internal Name:
Original Name:
Product Name: Keyboard LEDs
Description: Keyboard LEDs
File Version: 2.7.1.59
Product Version: 2.7
Copyright: Copyright © KARPOLAN
====== End Of File: ======
========================= file: C:\Users\RESO\Downloads\SpyHunter-Installer.exe ========================
MD5: B4CD9E8513C17C32224C70330A235296
Creation and modification date: 2015-02-28 13:14 - 2015-02-28 13:15
Size: 3044736
Attributes: ----A
Company Name: Enigma Software Group USA, LLC.
Internal Name: Installer.exe
Original Name: Installer.exe
Product Name: Installer
Description: Enigma Installer
File Version: 1.0.298.372
Product Version: 1.0.298.372
Copyright: Copyright 2003-2014. Enigma Software Group USA, LLC. All rights reserved.
====== End Of File: ======
========================= file: C:\Users\RESO\AppData\Roaming\sp_data.sys ========================
MD5: 5CA9D0681DAB4EF84F87B8D22639BA1C
Creation and modification date: 2015-02-27 15:38 - 2015-03-04 18:12
Size: 0000074
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End Of File: ======
========================= folder: C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e ========================
Directory Not Found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51AA86B9-391D-4C1D-8DE0-94FEF6E51457} => Key not found.
C:\Windows\System32\Tasks\FOUMHM not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FOUMHM => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F03275-3636-4977-8A35-70628B442092} => Key not found.
C:\Windows\System32\Tasks\BLZYASW not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BLZYASW => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{928F9601-0B3B-4DF4-BF44-03E10DF214C6} => Key not found.
C:\Windows\System32\Tasks\{50279AC7-2083-4FF7-A406-6776252DB802} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{50279AC7-2083-4FF7-A406-6776252DB802} => Key not found.
C:\Windows\Tasks\FOUMHM.job not found.
"c:\windows\System32\Tasks\FOUMHM" => File/Directory not found.
"c:\windows\System32\Tasks\BLZYASW" => File/Directory not found.
"c:\windowsSystem32\Tasks\{50279AC7-2083-4FF7-A406-6776252DB802}" => File/Directory not found.
"C:\Users\RESO\AppData\Roaming\FOUMHM.exe" => File/Directory not found.
"C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_530 => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_259 => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D} => Key not found.
HKCR\CLSID\{5081D2D4-1637-404c-B74F-50526718257D} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D} => Key not found.
HKCR\Wow6432Node\CLSID\{5081D2D4-1637-404c-B74F-50526718257D} => Key not found.
qrnfd_1_10_0_9 => Service not found.
"c:\windows\system32\drivers\qrnfd_1_10_0_9.sys" => File/Directory not found.
"C:\Windows\Tasks\FOUMHM.job" => File/Directory not found.
"C:\Users\RESO\AppData\Roaming\FOUMHM.exe" => File/Directory not found.
"C:\Windows\System32\Tasks\FOUMHM" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC" => File/Directory not found.
"C:\Program Files (x86)\clean2PC" => File/Directory not found.
"C:\ProgramData\SetStretch.cmd" => File/Directory not found.
"C:\ProgramData\SetStretch.exe" => File/Directory not found.
"C:\ProgramData\SetStretch.VBS" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\84119B98-C705-4D51-7590-22C23A5B69FD.dll" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\ccicabfceia.exe" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\cracked version of aero glass for windows 8.1__10924_i1473522581_il1111637.exe" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\Opera_NI_stable.exe" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\setup.exe" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\ShopperProJSINJFull.exe" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\SpOrder.dll" => File/Directory not found.
"C:\Users\RESO\AppData\Local\Temp\tu17p84.exe" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC\clean2PC.lnk" => File/Directory not found.
"C:\Program Files (x86)\clean2PC" => File/Directory not found.
EmptyTemp: => Removed 353.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog 18:28:08 ====
========= End of CMD: =========
==== End of Fixlog 19:04:44 ====