cjoint

Document format: text/plain

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Pierre at 2014-07-02 18:33:26 Run:1
Running from C:\Users\Pierre\Desktop
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
start
HKLM-x32\...\Run: []
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [3690d8ef93d0e170a26b28590efa9122]
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [693d5f65d36e42d63e26f33781007b13]
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [iexplore] => wscript.exe //B "iexplore.vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [21430559_Adsl] => wscript.exe //B "C:\Users\Pierre\AppData\Roaming\21430559_Adsl.vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [e021b9e9d0deb5d7e860e77c6ac2e06a] => .. [0 2014-05-15] ()
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [uwllyzimdj] => wscript.exe //B "C:\Users\Pierre\AppData\Roaming\uwllyzimdj..vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [whsrltaiyj] => wscript.exe //B "C:\Users\Pierre\AppData\Roaming\whsrltaiyj..vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [explorer] => wscript.exe //B "explorer.vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [winlogon] => wscript.exe //B "winlogon.vbs"
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [a08be681ee110e94daadc14b0d594035] => C:\Users\Pierre\AppData\Roaming\MpsSvc.exe
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [97335ed968c8d21501810d2516770677] => C:\Users\Pierre\AppData\Roaming\csrss.exe
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\MountPoints2: {fd181f48-1fbe-11e2-a061-806e6f6e6963} - D:\setup.exe
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\97335ed968c8d21501810d2516770677.exe ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a08be681ee110e94daadc14b0d594035.exe ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ares.lnk
ShortcutTarget: Ares.lnk -> C:\Users\Pierre\AppData\Local\Temp\Server.exe (No File)
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ATI6a.lnk
ShortcutTarget: ATI6a.lnk -> C:\Users\Pierre\AppData\Local\Temp\ATI6.exe ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.vbs ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplore.vbs ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft2014.lnk
ShortcutTarget: Microsoft2014.lnk -> C:\Users\Pierre\AppData\Local\Temp\Windows2014.exe ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update-Wind.lnk
ShortcutTarget: Update-Wind.lnk -> C:\Users\Pierre\AppData\Local\Temp\Windows-Sp.exe (No File)
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwllyzimdj..vbs ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\whsrltaiyj..vbs ()
Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.vbs ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}
C:\Users\Pierre\AppData\Roaming\csrss.exe
C:\Users\Pierre\AppData\Roaming\MpsSvc.exe
C:\Users\Pierre\AppData\Roaming\csrss.exe
C:\Users\Pierre\taskhost.exe
C:\Users\Invité\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pierre\AppData\Local\Temp\ATI6.exe
C:\Users\Pierre\AppData\Local\Temp\avgnt.exe
C:\Users\Pierre\AppData\Local\Temp\Windows2014.exe
Task: {D252AAED-C991-472E-9BC1-70734C162A9A} - \GoforFilesUpdate
Task: {FB46BB1D-AA6E-419C-8F20-133B45C608EB} - \YourFile Update
end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [] => Value not found.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [3690d8ef93d0e170a26b28590efa9122] => Value not found.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\...\Run: [693d5f65d36e42d63e26f33781007b13] => Value not found.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iexplore => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\21430559_Adsl => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\e021b9e9d0deb5d7e860e77c6ac2e06a => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uwllyzimdj => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\whsrltaiyj => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\explorer => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\winlogon => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\a08be681ee110e94daadc14b0d594035 => value deleted successfully.
HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\Software\Microsoft\Windows\CurrentVersion\Run\\97335ed968c8d21501810d2516770677 => value deleted successfully.
'HKU\S-1-5-21-1782731079-4137701228-2646092641-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd181f48-1fbe-11e2-a061-806e6f6e6963}' => Key deleted successfully.
'HKCR\CLSID\{fd181f48-1fbe-11e2-a061-806e6f6e6963}'=> Key not found.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\97335ed968c8d21501810d2516770677.exe => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a08be681ee110e94daadc14b0d594035.exe => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ares.lnk => Moved successfully.
C:\Users\Pierre\AppData\Local\Temp\Server.exe not found.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ATI6a.lnk => Moved successfully.
C:\Users\Pierre\AppData\Local\Temp\ATI6.exe => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\explorer.vbs => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplore.vbs => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft2014.lnk => Moved successfully.
C:\Users\Pierre\AppData\Local\Temp\Windows2014.exe => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update-Wind.lnk => Moved successfully.
C:\Users\Pierre\AppData\Local\Temp\Windows-Sp.exe not found.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uwllyzimdj..vbs => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\whsrltaiyj..vbs => Moved successfully.
C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winlogon.vbs => Moved successfully.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Classes\CLSID\ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Wow6432Node\Classes\CLSID\ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
C:\Users\Pierre\AppData\Roaming\csrss.exe => Moved successfully.
C:\Users\Pierre\AppData\Roaming\MpsSvc.exe => Moved successfully.
"C:\Users\Pierre\AppData\Roaming\csrss.exe" => File/Directory not found.
C:\Users\Pierre\taskhost.exe => Moved successfully.
C:\Users\Invité\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
"C:\Users\Pierre\AppData\Local\Temp\ATI6.exe" => File/Directory not found.
C:\Users\Pierre\AppData\Local\Temp\avgnt.exe => Moved successfully.
"C:\Users\Pierre\AppData\Local\Temp\Windows2014.exe" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D252AAED-C991-472E-9BC1-70734C162A9A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D252AAED-C991-472E-9BC1-70734C162A9A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB46BB1D-AA6E-419C-8F20-133B45C608EB}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB46BB1D-AA6E-419C-8F20-133B45C608EB}' => Key deleted successfully.

==== End of Fixlog ====
