Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02 Ran by Saliom at 2014-05-26 21:32:47 Run:1 Running from D:\Bureau Boot Mode: Normal ============================================== Content of fixlist: ***************** Start S2 system; C:\Windows\System32\system\svchost.exe [0 2014-05-23] () C:\Windows\System32\system\svchost.exe file: C:\ProgramData\rescue.vbe file: C:\Users\Mariage.lnk folder: C:\security folder: C:\Kernel folder: C:\UsbFix file: C:\config.dat C:\Users\Saliom\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3_6gom.dll C:\Users\Saliom\AppData\Local\Temp\nircmd.exe C:\Users\Saliom\AppData\Local\Temp\pv.exe C:\Users\Saliom\AppData\Local\Temp\vfind.exe C:\Users\Update.dat C:\Windows\System32\Tasks\CCleanerSkipUAC cmd: md c:\users\Saliom\desktop\tosubmit cmd: copy C:\ProgramData\rescue.vbe c:\users\Saliom\desktop\tosubmit cmd: Copy C:\Users\Mariage.lnk c:\users\Saliom\desktop\tosubmit End ***************** system => Service not found. C:\Windows\System32\system\svchost.exe => Moved successfully. ========================= file: C:\ProgramData\rescue.vbe ======================== MD5: 0AF9E8059F91BB22ED163C882AB29C73 Creation and modification date: 2014-05-23 23:43 - 2014-05-23 23:43 Size: 0001890 Attributes: ---AC Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== ========================= file: C:\Users\Mariage.lnk ======================== MD5: 452DB2886C2AE517D3C82164A87BDA39 Creation and modification date: 2014-05-23 23:43 - 2014-05-23 23:43 Size: 0000897 Attributes: ---RC Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== ========================= folder: C:\security ======================== 2014-05-23 23:43 - 2014-05-24 00:05 - 0716931 ____C () C:\security\blood.dat 2014-05-23 23:43 - 2013-12-16 17:24 - 0168960 ____C (Microsoft Corporation) C:\security\svchost.exe 2014-05-23 23:43 - 2014-05-23 23:43 - 0000125 ____C () C:\security\system.vbs 1601-01-01 01:00 - 1601-01-01 01:00 - 0000000 _____ () C:\security\lpt1 ====== End of Folder: ====== ========================= folder: C:\Kernel ======================== 2014-05-23 23:43 - 2014-05-21 07:21 - 0716931 __SHC () C:\Kernel\r00t3r 1601-01-01 01:00 - 1601-01-01 01:00 - 0000000 _____ () C:\Kernel\lpt1 ====== End of Folder: ====== ========================= folder: C:\UsbFix ======================== 2014-05-23 23:21 - 2014-05-23 23:21 - 0304233 ____C (El Desaparecido - SosVirus.net - UsbFix.net) C:\UsbFix\Un-UsbFix.exe 2014-05-18 17:27 - 2014-05-18 17:27 - 1662976 ____C () C:\UsbFix\UsbFix.exe 2014-05-23 23:21 - 2014-05-23 23:22 - 0000000 ___DC () C:\UsbFix\Log 2014-05-23 23:22 - 2014-05-23 23:23 - 0009194 ____C () C:\UsbFix\Log\UsbFix [Scan 1] PC.txt 2014-05-23 23:21 - 2014-05-23 23:21 - 0000000 ___DC () C:\UsbFix\Quarantine 2014-05-23 23:21 - 2014-05-23 23:21 - 0000000 RSHDC () C:\UsbFix\Quarantine\UpMalware 2014-05-23 23:21 - 2014-05-23 23:21 - 0000000 RSHDC () C:\UsbFix\Res 2013-12-16 20:45 - 2013-12-16 20:45 - 0038599 _RSHC () C:\UsbFix\Res\11.jpg 2014-01-25 08:28 - 2014-01-25 08:28 - 0014965 _RSHC () C:\UsbFix\Res\12.jpg 2014-01-20 19:15 - 2014-01-20 19:15 - 0015654 _RSHC () C:\UsbFix\Res\121.jpg 2013-12-15 19:03 - 2013-12-15 19:03 - 0016949 _RSHC () C:\UsbFix\Res\2.jpg 2014-01-20 19:16 - 2014-01-20 19:16 - 0031730 _RSHC () C:\UsbFix\Res\28.jpg 2013-12-16 18:02 - 2013-12-16 18:02 - 0027589 _RSHC () C:\UsbFix\Res\3.jpg 2013-12-16 19:28 - 2013-12-16 19:28 - 0048873 _RSHC () C:\UsbFix\Res\4.jpg 2013-12-16 18:29 - 2013-12-16 18:29 - 0031072 _RSHC () C:\UsbFix\Res\5.jpg 2013-12-16 18:30 - 2013-12-16 18:30 - 0025901 _RSHC () C:\UsbFix\Res\6.jpg 2013-12-16 18:31 - 2013-12-16 18:31 - 0030689 _RSHC () C:\UsbFix\Res\7.jpg 2013-12-16 18:53 - 2013-12-16 18:53 - 0007370 _RSHC () C:\UsbFix\Res\8.jpg 2013-12-16 19:36 - 2013-12-16 19:36 - 0023783 _RSHC () C:\UsbFix\Res\9.jpg 2014-01-24 17:43 - 2014-01-24 17:43 - 0032883 _RSHC () C:\UsbFix\Res\acueil.jpg 2014-05-11 11:12 - 2014-05-11 11:12 - 0013159 _RSHC () C:\UsbFix\Res\Apply.jpg 2014-05-11 11:13 - 2014-05-11 11:13 - 0012745 _RSHC () C:\UsbFix\Res\ApplyOver.jpg 2014-05-16 19:26 - 2014-05-16 19:26 - 0036655 _RSHC () C:\UsbFix\Res\bitdefender.png 2014-05-16 19:37 - 2014-05-16 19:37 - 0055556 _RSHC () C:\UsbFix\Res\bitdefender2.png 2014-04-28 17:26 - 2014-04-28 17:26 - 0041547 _RSHC () C:\UsbFix\Res\Blood.png 2014-04-28 11:29 - 2014-04-28 11:29 - 0059390 _RSHC () C:\UsbFix\Res\Blood-1.png 2014-05-11 15:40 - 2014-05-11 15:40 - 0044306 _RSHC () C:\UsbFix\Res\BloodOptions.png 2014-04-22 11:03 - 2014-04-22 11:03 - 0006439 _RSHC () C:\UsbFix\Res\disk-cdrom-icon.jpg 2014-04-22 11:01 - 2014-04-22 11:01 - 0008262 _RSHC () C:\UsbFix\Res\disk-fixe-icon.jpg 2014-04-22 11:03 - 2014-04-22 11:03 - 0008559 _RSHC () C:\UsbFix\Res\disk-usb-icon.jpg 2014-05-09 17:16 - 2014-05-09 17:16 - 0015751 _RSHC () C:\UsbFix\Res\donate.jpg 2014-05-10 13:01 - 2014-05-10 13:01 - 0015929 _RSHC () C:\UsbFix\Res\donateover.jpg 2014-05-09 17:16 - 2014-05-09 17:16 - 0015250 _RSHC () C:\UsbFix\Res\facebook.jpg 2014-05-10 13:32 - 2014-05-10 13:32 - 0015873 _RSHC () C:\UsbFix\Res\facebookover.jpg 2014-05-09 17:16 - 2014-05-09 17:16 - 0015259 _RSHC () C:\UsbFix\Res\forum.jpg 2014-05-10 13:34 - 2014-05-10 13:34 - 0015462 _RSHC () C:\UsbFix\Res\forumover.jpg 2014-04-27 14:35 - 2014-04-27 14:35 - 0031260 _RSHC () C:\UsbFix\Res\Home.jpg 2014-01-19 13:40 - 2014-01-19 13:40 - 0067646 _RSHC () C:\UsbFix\Res\Initizialize.ico 2014-05-10 14:19 - 2014-05-10 14:19 - 0015381 _RSHC () C:\UsbFix\Res\listing.jpg 2014-05-10 14:20 - 2014-05-10 14:20 - 0015682 _RSHC () C:\UsbFix\Res\listingover.jpg 2014-03-05 11:48 - 2014-03-05 11:48 - 0058387 _RSHC () C:\UsbFix\Res\logo.jpg 2014-04-02 10:12 - 2014-04-02 10:12 - 0027768 _RSHC () C:\UsbFix\Res\logo_simple.png 2014-05-11 11:11 - 2014-05-11 11:11 - 0014693 _RSHC () C:\UsbFix\Res\LogoSetting.jpg 2013-10-19 11:08 - 2013-10-19 11:08 - 0022657 _RSHC () C:\UsbFix\Res\monstre110.png 2014-05-17 10:12 - 2014-05-17 10:12 - 0007344 _RSHC () C:\UsbFix\Res\monstre80.png 2014-05-10 14:22 - 2014-05-10 14:22 - 0016398 _RSHC () C:\UsbFix\Res\options.jpg 2014-05-10 14:22 - 2014-05-10 14:22 - 0016658 _RSHC () C:\UsbFix\Res\optionsover.jpg 2014-05-09 17:15 - 2014-05-09 17:15 - 0015538 _RSHC () C:\UsbFix\Res\quitter.jpg 2014-05-10 13:33 - 2014-05-10 13:33 - 0015895 _RSHC () C:\UsbFix\Res\quitterover.jpg 2014-04-28 13:19 - 2014-04-28 13:19 - 0010442 _RSHC () C:\UsbFix\Res\RMFYD.png 2014-03-22 11:22 - 2014-03-22 11:22 - 0005854 _RSHC () C:\UsbFix\Res\RMFYD_1.png 2014-03-22 11:22 - 2014-03-22 11:22 - 0005641 _RSHC () C:\UsbFix\Res\RMFYD_2.png 2014-03-05 11:44 - 2014-03-05 11:44 - 0060431 _RSHC () C:\UsbFix\Res\scan.jpg 2014-04-22 09:57 - 2014-04-22 09:57 - 0008127 _RSHC () C:\UsbFix\Res\scan-icon.jpg 2014-05-11 17:24 - 2014-05-11 17:24 - 0006762 _RSHC () C:\UsbFix\Res\scan-loupe-icon.jpg 2014-03-05 11:56 - 2014-03-05 11:56 - 0059562 _RSHC () C:\UsbFix\Res\scanover.jpg 2014-04-28 15:19 - 2014-04-28 15:19 - 0009662 _RSHC () C:\UsbFix\Res\settings.ico 2014-01-08 12:54 - 2014-01-08 12:54 - 0251366 _RSHC () C:\UsbFix\Res\sosvirus.ico 2014-02-21 08:41 - 2014-02-21 08:41 - 0120270 _RSHC () C:\UsbFix\Res\splash.png 2014-03-03 11:18 - 2014-03-03 11:18 - 0014517 _RSHC () C:\UsbFix\Res\su.png 2014-03-05 12:01 - 2014-03-05 12:01 - 0060583 _RSHC () C:\UsbFix\Res\suppr.jpg 2014-03-05 11:59 - 2014-03-05 11:59 - 0059551 _RSHC () C:\UsbFix\Res\supprover.jpg 2014-01-15 13:10 - 2014-01-15 13:10 - 0118784 _RSHC () C:\UsbFix\Res\Thumbs.db 2014-05-09 17:15 - 2014-05-09 17:15 - 0015456 _RSHC () C:\UsbFix\Res\twitter.jpg 2014-05-10 13:32 - 2014-05-10 13:32 - 0016036 _RSHC () C:\UsbFix\Res\twitterover.jpg 2013-11-03 15:29 - 2013-11-03 15:29 - 0270398 _RSHC () C:\UsbFix\Res\UsbFix.ico 2014-05-09 17:16 - 2014-05-09 17:16 - 0014718 _RSHC () C:\UsbFix\Res\vaccin.jpg 2014-05-10 13:33 - 2014-05-10 13:33 - 0015383 _RSHC () C:\UsbFix\Res\vaccinover.jpg 2014-05-23 23:21 - 2014-05-23 23:49 - 0000000 RSHDC () C:\UsbFix\Tools 2014-05-23 23:23 - 2014-05-23 23:23 - 0000082 _RSHC () C:\UsbFix\Tools\$Fire 2008-12-22 12:16 - 2008-12-22 12:16 - 0284160 _RSHC (SteelWerX) C:\UsbFix\Tools\swreg.com 2014-05-23 23:21 - 2014-05-23 23:21 - 0000000 RSHDC () C:\UsbFix\Upload ====== End of Folder: ====== ========================= file: C:\config.dat ======================== MD5: A1D37C8DFEA42AC6B51F19DF39B5B588 Creation and modification date: 2014-05-23 23:43 - 2014-05-24 00:00 Size: 0716931 Attributes: -ASHC Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== C:\Users\Saliom\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3_6gom.dll => Moved successfully. C:\Users\Saliom\AppData\Local\Temp\nircmd.exe => Moved successfully. C:\Users\Saliom\AppData\Local\Temp\pv.exe => Moved successfully. C:\Users\Saliom\AppData\Local\Temp\vfind.exe => Moved successfully. C:\Users\Update.dat => Moved successfully. C:\Windows\System32\Tasks\CCleanerSkipUAC => Moved successfully. ========= md c:\users\Saliom\desktop\tosubmit ========= ========= End of CMD: ========= ========= copy C:\ProgramData\rescue.vbe c:\users\Saliom\desktop\tosubmit ========= 1 fichier(s) copi‚(s). ========= End of CMD: ========= ========= Copy C:\Users\Mariage.lnk c:\users\Saliom\desktop\tosubmit ========= 1 fichier(s) copi‚(s). ========= End of CMD: ========= ==== End of Fixlog ====