Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x86) Version: 02-11-2017 02
Ran by VURRY (03-11-2017 09:22:21) Run:1
Running from C:\Users\VURRY\Downloads
Loaded Profiles: VURRY (Available Profiles: VURRY)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction - Chrome
CHR HKLM\SOFTWARE\Policies\Google: Restriction
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2197174252-4146362831-129665958-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://mysearch.avg.com/search?cid={7C799F76-AFF7-47DF-BF14-54D92B566D24}&mid=730ef75254d447ccbd97d16e48fd2a33-51a8e8921d85620c3bf12903cbd3b793ddd53638&lang=fr&ds=AVG&coid=avgtbavg&cmpid=1216avz&pr=fr&d=2016-12-06 14:49:58&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR DefaultSearchURL: Profile 4 -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Profile 4 -> hxxp://srch.bar/?s={searchTerms}
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-09-03 09:50 - 2016-07-20 13:01 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\VURRY\AppData\Local\Temp\avguirn_081024567502.exe
2015-11-29 10:48 - 2015-11-29 10:48 - 000000000 _____ () C:\Users\VURRY\AppData\Local\Temp\GUR1512.exe
2017-10-28 10:46 - 2017-10-28 10:46 - 000151040 ___SH () C:\Users\VURRY\AppData\Local\Temp\w2bhlp.dll
2017-10-28 10:46 - 2017-10-28 10:46 - 000110832 ___SH (Microsoft Corporation) C:\Users\VURRY\AppData\Local\Temp\WiNToBootic.exe
Search the Web (Yahoo) (HKLM\...\a92e2408) (Version: - )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} - System32\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => C:\Users\VURRY\AppData\Roaming\{DC6FE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F}.job => C:\Users\VURRY\AppData\Roaming\{DC6FE~1\UPDATE~1.EXE
EmptyTemp:
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd} => key removed successfully.
HKLM\Software\Classes\CLSID\{26080cad-4adc-49ac-8c63-eda16e595cbd} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{f7bb050c-e116-44da-89c2-6f2b68c54836} => key removed successfully.
HKLM\Software\Classes\CLSID\{f7bb050c-e116-44da-89c2-6f2b68c54836} => key not found.
HKU\S-1-5-21-2197174252-4146362831-129665958-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} => key removed successfully.
HKLM\Software\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} => key not found.
Chrome DefaultSearchURL => removed successfully.
Chrome DefaultSuggestURL => removed successfully.
HKLM\System\CurrentControlSet\Services\Synth3dVsc => key removed successfully.
Synth3dVsc => service removed successfully.
HKLM\System\CurrentControlSet\Services\tsusbhub => key removed successfully.
tsusbhub => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully.
VGPU => service removed successfully.
C:\Users\VURRY\AppData\Local\Temp\avguirn_081024567502.exe => moved successfully
C:\Users\VURRY\AppData\Local\Temp\GUR1512.exe => moved successfully
C:\Users\VURRY\AppData\Local\Temp\w2bhlp.dll => moved successfully
C:\Users\VURRY\AppData\Local\Temp\WiNToBootic.exe => moved successfully
Search the Web (Yahoo) (HKLM\...\a92e2408) (Version: - ) => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} => key removed successfully.
C:\Windows\System32\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => key removed successfully.
C:\Windows\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F}.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16911383 B
Java, Flash, Steam htmlcache => 911 B
Windows/system/drivers => 248344262 B
Edge => 0 B
Chrome => 98009345 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 21116204 B
LocalService => 165347 B
NetworkService => 1532810 B
VURRY => 675769513 B
RecycleBin => 10655248 B
EmptyTemp: => 1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:23:58 ====
Ran by VURRY (03-11-2017 09:22:21) Run:1
Running from C:\Users\VURRY\Downloads
Loaded Profiles: VURRY (Available Profiles: VURRY)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction - Chrome
CHR HKLM\SOFTWARE\Policies\Google: Restriction
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2197174252-4146362831-129665958-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://mysearch.avg.com/search?cid={7C799F76-AFF7-47DF-BF14-54D92B566D24}&mid=730ef75254d447ccbd97d16e48fd2a33-51a8e8921d85620c3bf12903cbd3b793ddd53638&lang=fr&ds=AVG&coid=avgtbavg&cmpid=1216avz&pr=fr&d=2016-12-06 14:49:58&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR DefaultSearchURL: Profile 4 -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Profile 4 -> hxxp://srch.bar/?s={searchTerms}
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-09-03 09:50 - 2016-07-20 13:01 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\VURRY\AppData\Local\Temp\avguirn_081024567502.exe
2015-11-29 10:48 - 2015-11-29 10:48 - 000000000 _____ () C:\Users\VURRY\AppData\Local\Temp\GUR1512.exe
2017-10-28 10:46 - 2017-10-28 10:46 - 000151040 ___SH () C:\Users\VURRY\AppData\Local\Temp\w2bhlp.dll
2017-10-28 10:46 - 2017-10-28 10:46 - 000110832 ___SH (Microsoft Corporation) C:\Users\VURRY\AppData\Local\Temp\WiNToBootic.exe
Search the Web (Yahoo) (HKLM\...\a92e2408) (Version: - )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} - System32\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => C:\Users\VURRY\AppData\Roaming\{DC6FE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F}.job => C:\Users\VURRY\AppData\Roaming\{DC6FE~1\UPDATE~1.EXE
EmptyTemp:
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd} => key removed successfully.
HKLM\Software\Classes\CLSID\{26080cad-4adc-49ac-8c63-eda16e595cbd} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{f7bb050c-e116-44da-89c2-6f2b68c54836} => key removed successfully.
HKLM\Software\Classes\CLSID\{f7bb050c-e116-44da-89c2-6f2b68c54836} => key not found.
HKU\S-1-5-21-2197174252-4146362831-129665958-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} => key removed successfully.
HKLM\Software\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} => key not found.
Chrome DefaultSearchURL => removed successfully.
Chrome DefaultSuggestURL => removed successfully.
HKLM\System\CurrentControlSet\Services\Synth3dVsc => key removed successfully.
Synth3dVsc => service removed successfully.
HKLM\System\CurrentControlSet\Services\tsusbhub => key removed successfully.
tsusbhub => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully.
VGPU => service removed successfully.
C:\Users\VURRY\AppData\Local\Temp\avguirn_081024567502.exe => moved successfully
C:\Users\VURRY\AppData\Local\Temp\GUR1512.exe => moved successfully
C:\Users\VURRY\AppData\Local\Temp\w2bhlp.dll => moved successfully
C:\Users\VURRY\AppData\Local\Temp\WiNToBootic.exe => moved successfully
Search the Web (Yahoo) (HKLM\...\a92e2408) (Version: - ) => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81EAD7EC-9A72-4CBE-96A4-04E9FF6FDD42} => key removed successfully.
C:\Windows\System32\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F} => key removed successfully.
C:\Windows\Tasks\{1AEE7F0E-D93F-17C2-AF86-257CA6B4B60F}.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16911383 B
Java, Flash, Steam htmlcache => 911 B
Windows/system/drivers => 248344262 B
Edge => 0 B
Chrome => 98009345 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 21116204 B
LocalService => 165347 B
NetworkService => 1532810 B
VURRY => 675769513 B
RecycleBin => 10655248 B
EmptyTemp: => 1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:23:58 ====