Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Exécuté par Sacha (04-09-2019 01:53:19) Run:2
Exécuté depuis C:\Users\Sacha\Desktop
Profils chargés: Sacha (Profils disponibles: Sacha & Invité)
Mode d'amorçage: Normal
==============================================
fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} - F:\startme.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {9db16a13-a1e6-11e8-ae9d-7c0507d278e4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {9db16a18-a1e6-11e8-ae9d-7c0507d278e4} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-02] (Google LLC -> Google LLC)
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AVGUI.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
DeleteKey: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn-Time
DeleteKey: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
DeleteKey: HKCU\SOFTWARE\Popcorn Time
DeleteKey: HKCU\SOFTWARE\PopcornTime
DeleteKey: HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Popcorn Time
DeleteKey: HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\PopcornTime
C:\Program Files (x86)\Popcorn Time
C:\Users\Sacha\AppData\Local\Popcorn-Time
C:\Users\Sacha\AppData\Local\PopcornTime
C:\Users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time
C:\Windows\Installer\61341d4.msp
C:\Windows\Installer\bf749.msp
C:\Program Files (x86)\Remote Mouse
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl","hxxps://mail.ru/cnt/10445?gp=811570","hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.fr__
R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
R2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Pas de fichier
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => E:\Program Files\Windows Sidebar\sbdrop.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__TimerInstruction->SethomePage Interval Timer::
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
EmptyTemp:
*****************
Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db16a13-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{9db16a13-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db16a18-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{9db16a18-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
"HKU\S-1-5-21-189589398-992967775-3723316039-1000\Control Panel\Desktop\\SCRNSAVE.EXE" => non trouvé(e)
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => non trouvé(e)
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AVGUI.exe" => non trouvé(e)
"C:\Program Files (x86)\Popcorn Time\Updater.exe" => non trouvé(e)
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn-Time => non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID => non trouvé(e)
HKCU\SOFTWARE\Popcorn Time => non trouvé(e)
HKCU\SOFTWARE\PopcornTime => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Popcorn Time => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\PopcornTime => non trouvé(e)
"C:\Program Files (x86)\Popcorn Time" => non trouvé(e)
"C:\Users\Sacha\AppData\Local\Popcorn-Time" => non trouvé(e)
"C:\Users\Sacha\AppData\Local\PopcornTime" => non trouvé(e)
"C:\Users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time" => non trouvé(e)
"C:\Windows\Installer\61341d4.msp" => non trouvé(e)
"C:\Windows\Installer\bf749.msp" => non trouvé(e)
"C:\Program Files (x86)\Remote Mouse" => non trouvé(e)
"Chrome StartupUrls" => supprimé(es) avec succès
"Chrome DefaultSearchKeyword" => non trouvé(e)
WinDefend => service non trouvé(e).
WMPNetworkSvc => service non trouvé(e).
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => non trouvé(e)
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => non trouvé(e)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt => non trouvé(e)
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => non trouvé(e)
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => non trouvé(e)
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => non trouvé(e)
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => non trouvé(e)
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => non trouvé(e)
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => non trouvé(e)
"SethomePage Interval Timer" => non trouvé(e)
"SethomePage Interval Timer" => non trouvé(e)
"BVTFilter" => non trouvé(e)
"EventFilter sethomePage2" => non trouvé(e)
"BVTConsumer" => non trouvé(e)
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2100480 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 18972878 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Sacha => 31627 B
Invité => 0 B
RecycleBin => 0 B
EmptyTemp: => 28.1 MB données temporaires supprimées.
================================
Le système a dû redémarrer.
==== Fin de Fixlog 01:53:39 ====
Exécuté par Sacha (04-09-2019 01:53:19) Run:2
Exécuté depuis C:\Users\Sacha\Desktop
Profils chargés: Sacha (Profils disponibles: Sacha & Invité)
Mode d'amorçage: Normal
==============================================
fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} - F:\startme.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {9db16a13-a1e6-11e8-ae9d-7c0507d278e4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\...\MountPoints2: {9db16a18-a1e6-11e8-ae9d-7c0507d278e4} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-189589398-992967775-3723316039-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-02] (Google LLC -> Google LLC)
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AVGUI.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
DeleteKey: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn-Time
DeleteKey: HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
DeleteKey: HKCU\SOFTWARE\Popcorn Time
DeleteKey: HKCU\SOFTWARE\PopcornTime
DeleteKey: HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Popcorn Time
DeleteKey: HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\PopcornTime
C:\Program Files (x86)\Popcorn Time
C:\Users\Sacha\AppData\Local\Popcorn-Time
C:\Users\Sacha\AppData\Local\PopcornTime
C:\Users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time
C:\Windows\Installer\61341d4.msp
C:\Windows\Installer\bf749.msp
C:\Program Files (x86)\Remote Mouse
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl","hxxps://mail.ru/cnt/10445?gp=811570","hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.fr__
R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
R2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Pas de fichier
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => E:\Program Files\Windows Sidebar\sbdrop.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__TimerInstruction->SethomePage Interval Timer::
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
EmptyTemp:
*****************
Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{4f4a8a7d-4c3b-11e7-b934-7c0507d278e4} => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db16a13-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{9db16a13-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db16a18-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
HKLM\Software\Classes\CLSID\{9db16a18-a1e6-11e8-ae9d-7c0507d278e4} => non trouvé(e)
"HKU\S-1-5-21-189589398-992967775-3723316039-1000\Control Panel\Desktop\\SCRNSAVE.EXE" => non trouvé(e)
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => non trouvé(e)
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AVGUI.exe" => non trouvé(e)
"C:\Program Files (x86)\Popcorn Time\Updater.exe" => non trouvé(e)
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn-Time => non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID => non trouvé(e)
HKCU\SOFTWARE\Popcorn Time => non trouvé(e)
HKCU\SOFTWARE\PopcornTime => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\Popcorn Time => non trouvé(e)
HKU\S-1-5-21-189589398-992967775-3723316039-1000\SOFTWARE\PopcornTime => non trouvé(e)
"C:\Program Files (x86)\Popcorn Time" => non trouvé(e)
"C:\Users\Sacha\AppData\Local\Popcorn-Time" => non trouvé(e)
"C:\Users\Sacha\AppData\Local\PopcornTime" => non trouvé(e)
"C:\Users\Sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time" => non trouvé(e)
"C:\Windows\Installer\61341d4.msp" => non trouvé(e)
"C:\Windows\Installer\bf749.msp" => non trouvé(e)
"C:\Program Files (x86)\Remote Mouse" => non trouvé(e)
"Chrome StartupUrls" => supprimé(es) avec succès
"Chrome DefaultSearchKeyword" => non trouvé(e)
WinDefend => service non trouvé(e).
WMPNetworkSvc => service non trouvé(e).
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => non trouvé(e)
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => non trouvé(e)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt => non trouvé(e)
HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => non trouvé(e)
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => non trouvé(e)
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => non trouvé(e)
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => non trouvé(e)
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => non trouvé(e)
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => non trouvé(e)
"SethomePage Interval Timer" => non trouvé(e)
"SethomePage Interval Timer" => non trouvé(e)
"BVTFilter" => non trouvé(e)
"EventFilter sethomePage2" => non trouvé(e)
"BVTConsumer" => non trouvé(e)
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2100480 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 18972878 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Sacha => 31627 B
Invité => 0 B
RecycleBin => 0 B
EmptyTemp: => 28.1 MB données temporaires supprimées.
================================
Le système a dû redémarrer.
==== Fin de Fixlog 01:53:39 ====