Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Eric at 2015-07-17 16:56:37 Run:1
Running from C:\Users\Eric\Downloads\Le 17-07-2015
Loaded Profiles: Eric (Available Profiles: Eric)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
createrestorepoint:
closeprocesses:
hosts:
reg: reg query "hkey_local_machine\system\CurrentControlSet\control\session manager"
reg: reg query "hkey_local_machine\system\ControlSet001\control\session manager"
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
c:\Program Files (x86)\Spybot - Search & Destroy 2
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * 쳱ȶꩼQᴈ@煮Q뉠ȳ뉠ȳ
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2495529786-3529627654-4235211919-1001 -> {0C729D25-E0E8-3782-E82D-6694B613FED2} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Eric\AppData\Local\Temp\SkypeSetup.exe
reboot:
end
Poste le rapport obtenu.
labougie
Edit;
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
========= reg query "hkey_local_machine\system\CurrentControlSet\control\session manager" =========
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager
CriticalSectionTimeout REG_DWORD 0x278d00
GlobalFlag REG_DWORD 0x0
HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
HeapSegmentCommit REG_DWORD 0x0
HeapSegmentReserve REG_DWORD 0x0
ProcessorControl REG_DWORD 0x2
ResourceTimeoutCount REG_DWORD 0x9e340
BootExecute REG_SZ autocheck autochk *
ExcludeFromKnownDlls REG_MULTI_SZ
ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control
ProtectionMode REG_DWORD 0x1
NumberOfInitialSessions REG_DWORD 0x2
SetupExecute REG_MULTI_SZ
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Eric\AppData\Local\Temp\_iu14D2N.tmp\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\default.mo\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\McSplash.dll\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\\0\??\C:\Windows\system32\drivers\HipShieldK.sys
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\AppCompatCache
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Configuration Manager
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\DOS Devices
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Environment
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Executive
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\FileRenameOperations
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\I/O System
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\kernel
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\KnownDLLs
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Memory Management
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Power
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Quota System
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\SubSystems
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\WPA
========= End of Reg: =========
========= reg query "hkey_local_machine\system\ControlSet001\control\session manager" =========
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager
CriticalSectionTimeout REG_DWORD 0x278d00
GlobalFlag REG_DWORD 0x0
HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
HeapSegmentCommit REG_DWORD 0x0
HeapSegmentReserve REG_DWORD 0x0
ProcessorControl REG_DWORD 0x2
ResourceTimeoutCount REG_DWORD 0x9e340
BootExecute REG_SZ autocheck autochk *
ExcludeFromKnownDlls REG_MULTI_SZ
ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control
ProtectionMode REG_DWORD 0x1
NumberOfInitialSessions REG_DWORD 0x2
SetupExecute REG_MULTI_SZ
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Eric\AppData\Local\Temp\_iu14D2N.tmp\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\default.mo\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\McSplash.dll\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\\0\??\C:\Windows\system32\drivers\HipShieldK.sys
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\AppCompatCache
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Configuration Manager
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\DOS Devices
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Environment
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Executive
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\FileRenameOperations
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\I/O System
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\kernel
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\KnownDLLs
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Memory Management
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Power
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Quota System
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\SubSystems
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\WPA
========= End of Reg: =========
C:\Windows => ":nlsPreferences" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => value not found.
c:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0C729D25-E0E8-3782-E82D-6694B613FED2}" => key removed successfully
HKCR\CLSID\{0C729D25-E0E8-3782-E82D-6694B613FED2} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"C:\Users\Eric\AppData\Local\Temp\SkypeSetup.exe" => File/Folder not found.
Poste le rapport obtenu. => Error: No automatic fix found for this entry.
labougie => Error: No automatic fix found for this entry.
Edit; => Error: No automatic fix found for this entry.
The system needed a reboot..
==== End of Fixlog 16:56:54 ====
Ran by Eric at 2015-07-17 16:56:37 Run:1
Running from C:\Users\Eric\Downloads\Le 17-07-2015
Loaded Profiles: Eric (Available Profiles: Eric)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
createrestorepoint:
closeprocesses:
hosts:
reg: reg query "hkey_local_machine\system\CurrentControlSet\control\session manager"
reg: reg query "hkey_local_machine\system\ControlSet001\control\session manager"
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
c:\Program Files (x86)\Spybot - Search & Destroy 2
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * 쳱ȶꩼQᴈ@煮Q뉠ȳ뉠ȳ
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2495529786-3529627654-4235211919-1001 -> {0C729D25-E0E8-3782-E82D-6694B613FED2} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Eric\AppData\Local\Temp\SkypeSetup.exe
reboot:
end
Poste le rapport obtenu.
labougie
Edit;
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
========= reg query "hkey_local_machine\system\CurrentControlSet\control\session manager" =========
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager
CriticalSectionTimeout REG_DWORD 0x278d00
GlobalFlag REG_DWORD 0x0
HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
HeapSegmentCommit REG_DWORD 0x0
HeapSegmentReserve REG_DWORD 0x0
ProcessorControl REG_DWORD 0x2
ResourceTimeoutCount REG_DWORD 0x9e340
BootExecute REG_SZ autocheck autochk *
ExcludeFromKnownDlls REG_MULTI_SZ
ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control
ProtectionMode REG_DWORD 0x1
NumberOfInitialSessions REG_DWORD 0x2
SetupExecute REG_MULTI_SZ
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Eric\AppData\Local\Temp\_iu14D2N.tmp\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\default.mo\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\McSplash.dll\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\\0\??\C:\Windows\system32\drivers\HipShieldK.sys
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\AppCompatCache
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Configuration Manager
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\DOS Devices
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Environment
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Executive
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\FileRenameOperations
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\I/O System
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\kernel
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\KnownDLLs
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Memory Management
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Power
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\Quota System
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\SubSystems
HKEY_LOCAL_MACHINE\system\CurrentControlSet\control\session manager\WPA
========= End of Reg: =========
========= reg query "hkey_local_machine\system\ControlSet001\control\session manager" =========
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager
CriticalSectionTimeout REG_DWORD 0x278d00
GlobalFlag REG_DWORD 0x0
HeapDeCommitFreeBlockThreshold REG_DWORD 0x0
HeapDeCommitTotalFreeThreshold REG_DWORD 0x0
HeapSegmentCommit REG_DWORD 0x0
HeapSegmentReserve REG_DWORD 0x0
ProcessorControl REG_DWORD 0x2
ResourceTimeoutCount REG_DWORD 0x9e340
BootExecute REG_SZ autocheck autochk *
ExcludeFromKnownDlls REG_MULTI_SZ
ObjectDirectories REG_MULTI_SZ \Windows\0\RPC Control
ProtectionMode REG_DWORD 0x1
NumberOfInitialSessions REG_DWORD 0x2
SetupExecute REG_MULTI_SZ
PendingFileRenameOperations REG_MULTI_SZ \??\C:\Users\Eric\AppData\Local\Temp\_iu14D2N.tmp\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\default.mo\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\LC_MESSAGES\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\fr_FR\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\locale\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartmd5.dat\0\??\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\smartdb-ntfs.db\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\Au_.exe\0\??\C:\Users\Eric\AppData\Local\Temp\~nsu.tmp\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\McSplash.dll\0\??\C:\Users\Eric\AppData\Local\Temp\nsh23DE.tmp\\0\??\C:\Windows\system32\drivers\HipShieldK.sys
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\AppCompatCache
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Configuration Manager
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\DOS Devices
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Environment
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Executive
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\FileRenameOperations
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\I/O System
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\kernel
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\KnownDLLs
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Memory Management
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Power
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\Quota System
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\SubSystems
HKEY_LOCAL_MACHINE\system\ControlSet001\control\session manager\WPA
========= End of Reg: =========
C:\Windows => ":nlsPreferences" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => value not found.
c:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2495529786-3529627654-4235211919-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0C729D25-E0E8-3782-E82D-6694B613FED2}" => key removed successfully
HKCR\CLSID\{0C729D25-E0E8-3782-E82D-6694B613FED2} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"C:\Users\Eric\AppData\Local\Temp\SkypeSetup.exe" => File/Folder not found.
Poste le rapport obtenu. => Error: No automatic fix found for this entry.
labougie => Error: No automatic fix found for this entry.
Edit; => Error: No automatic fix found for this entry.
The system needed a reboot..
==== End of Fixlog 16:56:54 ====