Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Roland at 2015-06-20 10:19:14 Run:1
Running from C:\Users\Roland\Downloads
Loaded Profiles: Roland (Available Profiles: Roland)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Format du document : text/plain
start
CloseProcesses:
CreateRestorePoint:
C: PROGRAM Files REIMAGE\Reimage Protector\ReiGuard.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\6\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\4\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\5\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\2\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\8\Plugin.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyBzyyDzyzztC0B0F0DtByByE0AtCtN0D0Tzu0StCtBtAzytN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEzzyBzy0F0DtBtGyC0FyEyEtGyE0CzytDtGtAtAzzzztGyCyB0Bzz0EyDtAyBzyyDtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0DyByEyB0CtDyEtG0FtD0E0FtGyEyEtCtBtGzyzyzz0AtG0FtD0AyEtC0CtA0F0DyCtBtA2QtN0A0LzuyE%26cr%3D1612253123%26a%3Dwncy_secureddownload_15_21%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3157952996-1925456827-2438661710-1001 -> OldSearch URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyBzyyDzyzztC0B0F0DtByByE0AtCtN0D0Tzu0StCtBtAzytN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEzzyBzy0F0DtBtGyC0FyEyEtGyE0CzytDtGtAtAzzzztGyCyB0Bzz0EyDtAyBzyyDtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0DyByEyB0CtDyEtG0FtD0E0FtGyEyEtCtBtGzyzyzz0AtG0FtD0AyEtC0CtA0F0DyCtBtA2QtN0A0LzuyE%26cr%3D1612253123%26a%3Dwncy_secureddownload_15_21%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3157952996-1925456827-2438661710-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
CHR HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
2015-06-18 16:36 - 2015-06-18 16:36 - 00000000 ____H C:\Users\Roland\AppData\Local\BITA47.tmp
2015-06-18 16:34 - 2015-04-23 02:24 - 00000093 _____ C:\Users\Roland\AppData\Roaming\sp_data.sys
2015-04-23 02:24 - 2015-06-18 16:34 - 0000093 _____ () C:\Users\Roland\AppData\Roaming\sp_data.sys
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION
Task: {C164FA8C-6C2C-4DDC-9AC1-30B636257601} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {E678C35E-39DB-49E2-85E2-D1DA4C3DD416} - \ReimageUpdater No Task File <==== ATTENTION
EmptyTemp:
end
*****************
Format du document : text/plain => Error: No automatic fix found for this entry.
Processes closed successfully.
Restore point was successfully created.
C: PROGRAM Files REIMAGE\Reimage Protector\ReiGuard.exe => Error: No automatic fix found for this entry.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\6\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\4\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\5\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\2\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\8\Plugin.exe => moved successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
HKU\CHR HKLM SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION\SOFTWARE\Policies\Google => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => key removed successfully
ReimageRealTimeProtector => Service removed successfully
"C:\Users\Roland\AppData\Local\BITA47.tmp" => File/Folder not found.
C:\Users\Roland\AppData\Roaming\sp_data.sys => moved successfully.
"C:\Users\Roland\AppData\Roaming\sp_data.sys" => File/Folder not found.
C:\ProgramData\SetStretch.exe => moved successfully.
C:\ProgramData\SetStretch.VBS => moved successfully.
"C:\ProgramData\SetStretch.exe" => File/Folder not found.
"C:\ProgramData\SetStretch.VBS" => File/Folder not found.
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C164FA8C-6C2C-4DDC-9AC1-30B636257601}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C164FA8C-6C2C-4DDC-9AC1-30B636257601}" => key removed successfully
C:\Windows\System32\Tasks\LaunchPreSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E678C35E-39DB-49E2-85E2-D1DA4C3DD416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E678C35E-39DB-49E2-85E2-D1DA4C3DD416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => key removed successfully
EmptyTemp: => 65.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 10:20:34 ====
Ran by Roland at 2015-06-20 10:19:14 Run:1
Running from C:\Users\Roland\Downloads
Loaded Profiles: Roland (Available Profiles: Roland)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Format du document : text/plain
start
CloseProcesses:
CreateRestorePoint:
C: PROGRAM Files REIMAGE\Reimage Protector\ReiGuard.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\6\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\4\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\5\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\2\Plugin.exe
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\8\Plugin.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyBzyyDzyzztC0B0F0DtByByE0AtCtN0D0Tzu0StCtBtAzytN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEzzyBzy0F0DtBtGyC0FyEyEtGyE0CzytDtGtAtAzzzztGyCyB0Bzz0EyDtAyBzyyDtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0DyByEyB0CtDyEtG0FtD0E0FtGyEyEtCtBtGzyzyzz0AtG0FtD0AyEtC0CtA0F0DyCtBtA2QtN0A0LzuyE%26cr%3D1612253123%26a%3Dwncy_secureddownload_15_21%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3157952996-1925456827-2438661710-1001 -> OldSearch URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtDyBzyyDzyzztC0B0F0DtByByE0AtCtN0D0Tzu0StCtBtAzytN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEzzyBzy0F0DtBtGyC0FyEyEtGyE0CzytDtGtAtAzzzztGyCyB0Bzz0EyDtAyBzyyDtBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0DyByEyB0CtDyEtG0FtD0E0FtGyEyEtCtBtGzyzyzz0AtG0FtD0AyEtC0CtA0F0DyCtBtA2QtN0A0LzuyE%26cr%3D1612253123%26a%3Dwncy_secureddownload_15_21%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3157952996-1925456827-2438661710-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1429879288&from=corfr&uid=ST1000LM024XHN-M101MBB_S32XJ9BF991428&q={searchTerms}
CHR HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
2015-06-18 16:36 - 2015-06-18 16:36 - 00000000 ____H C:\Users\Roland\AppData\Local\BITA47.tmp
2015-06-18 16:34 - 2015-04-23 02:24 - 00000093 _____ C:\Users\Roland\AppData\Roaming\sp_data.sys
2015-04-23 02:24 - 2015-06-18 16:34 - 0000093 _____ () C:\Users\Roland\AppData\Roaming\sp_data.sys
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION
Task: {C164FA8C-6C2C-4DDC-9AC1-30B636257601} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {E678C35E-39DB-49E2-85E2-D1DA4C3DD416} - \ReimageUpdater No Task File <==== ATTENTION
EmptyTemp:
end
*****************
Format du document : text/plain => Error: No automatic fix found for this entry.
Processes closed successfully.
Restore point was successfully created.
C: PROGRAM Files REIMAGE\Reimage Protector\ReiGuard.exe => Error: No automatic fix found for this entry.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\6\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\3\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\4\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\5\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\2\Plugin.exe => moved successfully.
C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugins\8\Plugin.exe => moved successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
HKU\CHR HKLM SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION\SOFTWARE\Policies\Google => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-3157952996-1925456827-2438661710-1001\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko" => key removed successfully
ReimageRealTimeProtector => Service removed successfully
"C:\Users\Roland\AppData\Local\BITA47.tmp" => File/Folder not found.
C:\Users\Roland\AppData\Roaming\sp_data.sys => moved successfully.
"C:\Users\Roland\AppData\Roaming\sp_data.sys" => File/Folder not found.
C:\ProgramData\SetStretch.exe => moved successfully.
C:\ProgramData\SetStretch.VBS => moved successfully.
"C:\ProgramData\SetStretch.exe" => File/Folder not found.
"C:\ProgramData\SetStretch.VBS" => File/Folder not found.
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C164FA8C-6C2C-4DDC-9AC1-30B636257601}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C164FA8C-6C2C-4DDC-9AC1-30B636257601}" => key removed successfully
C:\Windows\System32\Tasks\LaunchPreSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E678C35E-39DB-49E2-85E2-D1DA4C3DD416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E678C35E-39DB-49E2-85E2-D1DA4C3DD416}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => key removed successfully
EmptyTemp: => 65.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 10:20:34 ====