Nicholasp7
Posts: 21 +0
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014 02
Ran by Nick at 2014-09-03 08:36:38 Run:1
Running from C:\Users\Nick\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BHO-x32: No Name -> {AB5FD3EB-5A12-AED9-440B-A23A20F4D8C9} -> No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 MBAMScheduler; "C:\Users\Nick\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Users\Nick\Desktop\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S4 LMIRfsClientNP; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 cfcfvxsx; \??\C:\Windows\system32\drivers\cfcfvxsx.sys [X]
S2 LMIInfo; \??\D:\Program Files\LogMeIn\x64\RaInfo.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe
*****************
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB5FD3EB-5A12-AED9-440B-A23A20F4D8C9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AB5FD3EB-5A12-AED9-440B-A23A20F4D8C9}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
MBAMScheduler => Service deleted successfully.
MBAMService => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
catchme => Service deleted successfully.
cfcfvxsx => Service deleted successfully.
LMIInfo => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe => Moved successfully.
==== End of Fixlog ====