cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 13.01.2018 01
Exécuté par woara (14-01-2018 12:05:52) Run:1
Exécuté depuis C:\Users\woara\Desktop
Profils chargés: woara (Profils disponibles: woara)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.)
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{357FE1D5-C3D3-4E39-83AF-E41094A8590D}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{357FE1D5-C3D3-4E39-83AF-E41094A8590D}
C:\Windows\System32\Tasks\Driver Booster SkipUAC (woara)
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43464CDA-D197-4910-8D73-F23173764A5D}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{43464CDA-D197-4910-8D73-F23173764A5D}
C:\Windows\System32\Tasks\{F321C470-8A9C-43A1-818A-27FB19B538C6}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4AA1610-FBC8-4FA7-B68A-5A784F57E432}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E4AA1610-FBC8-4FA7-B68A-5A784F57E432}
C:\Windows\System32\Tasks\{7EE8D0EC-D1B7-4A6F-9AC9-8179999F4BA9}
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HP Officejet 4620 series (NET)
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Spotify
DeleteValue: HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Windows\CurrentVersion\Run|HP Officejet 4620 series (NET)
DeleteValue: HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Windows\CurrentVersion\Run|Spotify
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui
DeleteKey: HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} <== Reinstall Software igfxcui
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E1336DA8-C25A-4B36-BD34-E98D9F5E5D05}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3EDD6C0D-A2A5-4020-990A-8CEA41F15C9E}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CBEC4C45-2CB7-43C4-8F6A-23811EAD5910}C:\users\woara\appdata\local\temp\rar$exa0.359\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CAD84CDF-9267-499D-B4AA-E112F90ED125}C:\users\woara\appdata\local\temp\rar$exa0.359\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{59B907A7-162F-40B7-90F6-BAA549BCC183}C:\users\woara\appdata\local\temp\rar$exa0.135\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B303C897-C639-4174-B0EF-FDA591761E9D}C:\users\woara\appdata\local\temp\rar$exa0.135\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{774F11E5-C6EF-4BBE-86C8-C2D44E685A5B}C:\program files (x86)\hearthstone\hearthstone.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B98BE2C3-3268-4474-8676-8BB6B047D2DB}C:\program files (x86)\hearthstone\hearthstone.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D40ED864-A49D-4D65-B466-550756F6EAB0}C:\users\woara\desktop\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{DB6065C4-1AB7-408A-BD2E-F3D11E5AEDA3}C:\users\woara\desktop\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6E0A06C4-6617-45E9-9FD9-9A1FE9EEC706}C:\users\woara\appdata\local\temp\rar$exa0.913\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{33587E93-9B0F-4B27-B313-6D53FFE9B514}C:\users\woara\appdata\local\temp\rar$exa0.913\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{96A4EA0C-538D-4341-9998-018C4A466D4C}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{26858B18-3097-400D-B734-D8E845F3334E}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{EDFBA2B3-A67B-4F0D-BAA0-CE4F84B9D4A1}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{28FE0F79-0553-4907-9B3B-423841626305}C:\program files\java\jre1.8.0_71\bin\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5BBDED2C-D4A1-4B38-ABDE-5A877CB438D2}C:\program files\java\jre1.8.0_71\bin\javaw.exe
C:\WINDOWS\Installer\10645e05.msp
C:\WINDOWS\Installer\14eec965.msp
C:\WINDOWS\Installer\159106ec.msp
C:\WINDOWS\Installer\17ae19.msp
C:\WINDOWS\Installer\23cea9af.msp
C:\WINDOWS\Installer\2976a77c.msp
C:\WINDOWS\Installer\3d0b11c7.msp
C:\WINDOWS\Installer\5a4ca2c.msp
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Task: {74C80BE5-FE42-43F9-8FF6-548103BFD4C8} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier
AlternateDataStreams: C:\Users\woara:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
EmptyTemp:

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => supprimé(es) avec succès
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => déplacé(es) avec succès
C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe => déplacé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{357FE1D5-C3D3-4E39-83AF-E41094A8590D} => impossible à supprimer clé. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{357FE1D5-C3D3-4E39-83AF-E41094A8590D} => clé non trouvé(e)
C:\Windows\System32\Tasks\Driver Booster SkipUAC (woara) => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43464CDA-D197-4910-8D73-F23173764A5D}" => supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{43464CDA-D197-4910-8D73-F23173764A5D} => clé non trouvé(e)
C:\Windows\System32\Tasks\{F321C470-8A9C-43A1-818A-27FB19B538C6} => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4AA1610-FBC8-4FA7-B68A-5A784F57E432}" => supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E4AA1610-FBC8-4FA7-B68A-5A784F57E432} => clé non trouvé(e)
C:\Windows\System32\Tasks\{7EE8D0EC-D1B7-4A6F-9AC9-8179999F4BA9} => déplacé(es) avec succès
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\HP Officejet 4620 series (NET)" => supprimé(es) avec succès
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Spotify" => supprimé(es) avec succès
"HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HP Officejet 4620 series (NET)" => non trouvé(e)
"HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify" => non trouvé(e)
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32 => clé non trouvé(e)
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} <== Reinstall Software igfxcui => clé non trouvé(e)
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32 => clé non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1336DA8-C25A-4B36-BD34-E98D9F5E5D05}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3EDD6C0D-A2A5-4020-990A-8CEA41F15C9E}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CBEC4C45-2CB7-43C4-8F6A-23811EAD5910}C:\users\woara\appdata\local\temp\rar$exa0.359\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CAD84CDF-9267-499D-B4AA-E112F90ED125}C:\users\woara\appdata\local\temp\rar$exa0.359\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{59B907A7-162F-40B7-90F6-BAA549BCC183}C:\users\woara\appdata\local\temp\rar$exa0.135\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B303C897-C639-4174-B0EF-FDA591761E9D}C:\users\woara\appdata\local\temp\rar$exa0.135\eotu64ugtest0.03\eotu\binaries\win64\eotu-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{774F11E5-C6EF-4BBE-86C8-C2D44E685A5B}C:\program files (x86)\hearthstone\hearthstone.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B98BE2C3-3268-4474-8676-8BB6B047D2DB}C:\program files (x86)\hearthstone\hearthstone.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D40ED864-A49D-4D65-B466-550756F6EAB0}C:\users\woara\desktop\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB6065C4-1AB7-408A-BD2E-F3D11E5AEDA3}C:\users\woara\desktop\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E0A06C4-6617-45E9-9FD9-9A1FE9EEC706}C:\users\woara\appdata\local\temp\rar$exa0.913\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33587E93-9B0F-4B27-B313-6D53FFE9B514}C:\users\woara\appdata\local\temp\rar$exa0.913\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96A4EA0C-538D-4341-9998-018C4A466D4C}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26858B18-3097-400D-B734-D8E845F3334E}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDFBA2B3-A67B-4F0D-BAA0-CE4F84B9D4A1}" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{28FE0F79-0553-4907-9B3B-423841626305}C:\program files\java\jre1.8.0_71\bin\javaw.exe" => supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BBDED2C-D4A1-4B38-ABDE-5A877CB438D2}C:\program files\java\jre1.8.0_71\bin\javaw.exe" => supprimé(es) avec succès
C:\WINDOWS\Installer\10645e05.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\14eec965.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\159106ec.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\17ae19.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\23cea9af.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\2976a77c.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\3d0b11c7.msp => déplacé(es) avec succès
C:\WINDOWS\Installer\5a4ca2c.msp => déplacé(es) avec succès
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => clé non trouvé(e)
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => clé non trouvé(e)
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => clé non trouvé(e)
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => clé non trouvé(e)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} => clé non trouvé(e)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} => clé non trouvé(e)
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => supprimé(es) avec succès
HKU\S-1-5-21-228884955-3319345748-3275062577-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valeur restauré(es) avec succès
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => clé non trouvé(e)
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => clé non trouvé(e)
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74C80BE5-FE42-43F9-8FF6-548103BFD4C8}" => supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74C80BE5-FE42-43F9-8FF6-548103BFD4C8}" => supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => clé non trouvé(e)
C:\Users\woara => ":Heroes & Generals" ADS supprimé(es) avec succès
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS supprimé(es) avec succès

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50229467 B
Java, Flash, Steam htmlcache => 747312341 B
Windows/system/drivers => 190842713 B
Edge => 31368 B
Chrome => 790707328 B
Firefox => 389317701 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 3074870 B
LocalService => 37330 B
NetworkService => 0 B
woara => 20533781 B

RecycleBin => 9324269 B
EmptyTemp: => 2.1 GB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 12:10:57 ====

Publicité


Signaler le contenu de ce document

Publicité