cjoint


Document format: text/plain

Fix result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Elodie at 2015-06-05 13:54:47 Run:1
Running from C:\Users\Elodie\Desktop
Loaded Profiles: Elodie (Available Profiles: Elodie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
HKLM SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-863468509-2547012645-337239753-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
FF Plugin: @adobe.com/FlashPlayer -> C: WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-11]
FF Plugin-x32: @adobe.com/FlashPlayer -> C: WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR HKLM-x32\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - https://clients2.google.com/service/update2/crx
2015-06-03 09:16 - 2015-06-04 10:34 - 00000000 ____D C:\Program Files (x86)\SegmentSustainer
2015-05-26 07:03 - 2015-06-04 10:34 - 00000000 ____D C:\Users\Elodie\AppData\Roaming\fRTKhcG
2015-05-26 07:03 - 2015-06-04 10:34 - 00000000 ____D C:\Users\Elodie\AppData\Roaming\05vLLdo
2015-05-26 07:03 - 2015-05-26 07:03 - 00003282 _____ C:\Windows\System32\Tasks\GuLTkIEpovjDarZ
2015-05-26 07:03 - 2015-05-26 07:03 - 00003242 _____ C:\Windows\System32\Tasks\kWVX7dRBKpHzd6W
2015-03-17 19:14 - 2015-06-04 10:34 - 00000000 ____D C:\Program Files (x86)\07ee6061-df96-4f44-8bfd-ed7c2f7cf505
2015-03-13 19:10 - 2015-06-04 10:34 - 00000000 ____D C:\Program Files (x86)\7d7a5934-e73d-47c5-916b-69b4e684bbc1
2015-03-11 12:55 - 2015-03-11 12:55 - 00003152 _____ C:\Windows\System32\Tasks\{92C7598D-DE6F-4FAE-B810-00684973BFD1}
2015-03-08 16:33 - 2015-06-04 10:34 - 00000000 ____D C:\Program Files (x86)\9035f52e-f3c2-46f7-b0ce-2c59ee20f497
2015-06-04 10:34 - 2015-02-20 12:49 - 00000000 ____D C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-06-04 08:59 - 2015-02-26 11:26 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-02-23 15:44 - 2015-02-23 15:44 - 0613057 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nse2F17.tmp
2015-02-23 15:49 - 2015-02-23 15:49 - 0613057 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsg26DD.tmp
2015-03-19 21:00 - 2015-03-19 21:00 - 0628688 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsnDAAE.tmp
2015-02-23 16:27 - 2015-02-23 16:27 - 0628496 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsv3EAE.tmp
2015-02-23 15:34 - 2015-02-23 15:33 - 0613057 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsvA7A0.tmp
2015-02-23 18:21 - 2015-02-23 18:21 - 0613057 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsy7DB3.tmp
2015-02-23 17:54 - 2015-02-23 17:53 - 0613057 _____ (CMI Limited) C:\Users\Elodie\AppData\Local\nsy92F4.tmp
C:\Windows\pss\McAfee SECURITY SCAN Plus.lnk.CommonStartup
Task: {005D2220-A201-466D-964A-E5030C6BB82F} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {447F2EC7-4B1E-4767-9E27-15CD5C93E192} - \AdobeFlashPlayerUpdate No Task File
Task: {5563D523-290F-4F92-928D-873134B3D59A} - System32\Tasks\kWVX7dRBKpHzd6W => C:\Users\Elodie\AppData\Roaming\05vLLdo\MNgTcKw.exe
Task: {6EE29BF8-15AE-4F3B-B574-A7E31C681DE0} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Elodie\AppData\Roaming\~slxtyrq.exe
Task: {760502E2-5F35-4CBF-B865-9D1CC0014F04} - System32\Tasks\GuLTkIEpovjDarZ => C:\Users\Elodie\AppData\Roaming\fRTKhcG\aLzIqF9.exe
Task: {999ADC65-E0D3-4690-8F93-11F89A2DACD1} - System32\Tasks\WIN-statsAdmin => C:\Users\Elodie\AppData\Local\Microsoft\WinU\~iwlizny.exe
Task: {A2935A2A-6494-4047-8007-095585C5CB12} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Elodie\AppData\Roaming\~fulytol.exe
Task: {AED5CFF6-C3B0-4BE5-BF53-89D677FCCA4B} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Elodie\AppData\Roaming\~nvpohzd.exe
Task: {DB5DC35E-4ED1-4100-B0E6-1D166ADA7FD0} - System32\Tasks\{92C7598D-DE6F-4FAE-B810-00684973BFD1}
Task: {FDF89235-A0E2-41A9-AF9E-BC94C5E06FB8} - System32\Tasks\pgmEez6gQN1W2Lo => C:\Users\Elodie\AppData\Roaming\blBnaWb\JztT4tv.exe
FirewallRules: [{9AA0A62E-2825-4A62-9121-2D2F4308A580}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{F8C0FB6D-683F-4E7C-859B-18639D34B8E9}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{6539BF77-C475-484A-A8DF-F2D49E5C810A}] => (Allow) C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe
FirewallRules: [{0F322F71-51E2-4D1E-941F-4FF47659D04F}] => (Allow) C:\Program Files (x86)\ClearThink\bin\ClearThink.BRT.Helper.exe
FirewallRules: [TCP Query User{6D05BBB2-3247-4407-A355-36853D501FBC}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{EE6454A5-5012-4491-9E5B-2822F425FAB3}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe
end
*****************

Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-863468509-2547012645-337239753-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-863468509-2547012645-337239753-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

Restore point was successfully created.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => key removed successfully
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-863468509-2547012645-337239753-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
"FF Plugin: @adobe.com/FlashPlayer -> C: WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-11]" => not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer" => key removed successfully
FF Plugin-x32: @adobe.com/FlashPlayer -> C: WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-11] () not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gfkbfjcbkhnmiignagpkiijohkcdkffb" => key removed successfully
C:\Program Files (x86)\SegmentSustainer => moved successfully.
C:\Users\Elodie\AppData\Roaming\fRTKhcG => moved successfully.
C:\Users\Elodie\AppData\Roaming\05vLLdo => moved successfully.
C:\Windows\System32\Tasks\GuLTkIEpovjDarZ => moved successfully.
C:\Windows\System32\Tasks\kWVX7dRBKpHzd6W => moved successfully.
C:\Program Files (x86)\07ee6061-df96-4f44-8bfd-ed7c2f7cf505 => moved successfully.
C:\Program Files (x86)\7d7a5934-e73d-47c5-916b-69b4e684bbc1 => moved successfully.
C:\Windows\System32\Tasks\{92C7598D-DE6F-4FAE-B810-00684973BFD1} => moved successfully.
C:\Program Files (x86)\9035f52e-f3c2-46f7-b0ce-2c59ee20f497 => moved successfully.
C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381 => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Users\Elodie\AppData\Local\nse2F17.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsg26DD.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsnDAAE.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsv3EAE.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsvA7A0.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsy7DB3.tmp => moved successfully.
C:\Users\Elodie\AppData\Local\nsy92F4.tmp => moved successfully.
C:\Windows\pss\McAfee SECURITY SCAN Plus.lnk.CommonStartup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{005D2220-A201-466D-964A-E5030C6BB82F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{005D2220-A201-466D-964A-E5030C6BB82F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{447F2EC7-4B1E-4767-9E27-15CD5C93E192}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{447F2EC7-4B1E-4767-9E27-15CD5C93E192}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5563D523-290F-4F92-928D-873134B3D59A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5563D523-290F-4F92-928D-873134B3D59A}" => key removed successfully
C:\Windows\System32\Tasks\kWVX7dRBKpHzd6W not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kWVX7dRBKpHzd6W" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6EE29BF8-15AE-4F3B-B574-A7E31C681DE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EE29BF8-15AE-4F3B-B574-A7E31C681DE0}" => key removed successfully
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fdfEfEfAfC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{760502E2-5F35-4CBF-B865-9D1CC0014F04}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{760502E2-5F35-4CBF-B865-9D1CC0014F04}" => key removed successfully
C:\Windows\System32\Tasks\GuLTkIEpovjDarZ not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GuLTkIEpovjDarZ" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{999ADC65-E0D3-4690-8F93-11F89A2DACD1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{999ADC65-E0D3-4690-8F93-11F89A2DACD1}" => key removed successfully
C:\Windows\System32\Tasks\WIN-statsAdmin => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2935A2A-6494-4047-8007-095585C5CB12}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2935A2A-6494-4047-8007-095585C5CB12}" => key removed successfully
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AED5CFF6-C3B0-4BE5-BF53-89D677FCCA4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AED5CFF6-C3B0-4BE5-BF53-89D677FCCA4B}" => key removed successfully
C:\Windows\System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fIGbfFfEGCfFGEGbfCfE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB5DC35E-4ED1-4100-B0E6-1D166ADA7FD0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB5DC35E-4ED1-4100-B0E6-1D166ADA7FD0}" => key removed successfully
C:\Windows\System32\Tasks\{92C7598D-DE6F-4FAE-B810-00684973BFD1} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{92C7598D-DE6F-4FAE-B810-00684973BFD1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDF89235-A0E2-41A9-AF9E-BC94C5E06FB8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDF89235-A0E2-41A9-AF9E-BC94C5E06FB8}" => key removed successfully
C:\Windows\System32\Tasks\pgmEez6gQN1W2Lo => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pgmEez6gQN1W2Lo" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AA0A62E-2825-4A62-9121-2D2F4308A580} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8C0FB6D-683F-4E7C-859B-18639D34B8E9} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6539BF77-C475-484A-A8DF-F2D49E5C810A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F322F71-51E2-4D1E-941F-4FF47659D04F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6D05BBB2-3247-4407-A355-36853D501FBC}C:\program files (x86)\emule\emule.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EE6454A5-5012-4491-9E5B-2822F425FAB3}C:\program files (x86)\emule\emule.exe => value removed successfully
EmptyTemp: => 3.4 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 14:03:01 ====
