cjoint

Document format: text/plain

Preview

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Exécuté par user (01-11-2021 17:34:48) Run:2
Exécuté depuis C:\Users\user\Downloads
Profils chargés: user
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files (x86)\Touch Portal\plugins\adb\platform-tools;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
FirewallRules: [UDP Query User{A1CA2825-0E12-498B-A06A-D04F56CB8E90}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{61950C38-DDD3-4C3E-A342-1217A80EE9A2}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [UDP Query User{BAFDA43E-5682-4DA5-80C9-D6F71881A913}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{DB63120F-8EA7-4F66-956A-0DB6E6BF6686}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe => Pas de fichier
CHR Extension: (ExpressVPN : proxy VPN pour une connexion sécurisée) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-06-22]
Express Zip - Compresseur de fichiers (HKLM-x32\...\ExpressZip) (Version: 8.12 - NCH Software)
AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
Wondershare FilmoraPro (HKLM\...\{92F289A8-A52F-4779-8382-4B91055D7D8D}) (Version: 2.3.10723.54848 - Wondershare)
FirewallRules: [UDP Query User{4F0CA934-5E4D-4BF4-8D9B-2707045AA0AB}C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Pas de fichier
FirewallRules: [TCP Query User{E7F5CD3F-B2BD-4306-8E8C-949A5CFEC15F}C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Pas de fichier
FirewallRules: [UDP Query User{2DC97F68-8263-48CB-93BA-19EE883B9B06}C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Pas de fichier
FirewallRules: [TCP Query User{B39A2FCB-CE16-4F93-A24B-CEA1C650EC23}C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => Pas de fichier
C:\Windows\System32\cmd.exe cmd /c powershell -Command Add-MpPreference -ExclusionPath @(($pwd).path, $env:UserProfile,$env:AppData,$env:Temp,$env:SystemRoot,$env:HomeDrive,$env:SystemDrive) -Force & powershell -Command Add-MpPreference -ExclusionExtension @('exe','dll') -Force & exit
() [Fichier non signé] C:\Users\user\AppData\Roaming\Microsoft\Libs\sihost64.exe
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-10-13]
FirewallRules: [UDP Query User{A1CA2825-0E12-498B-A06A-D04F56CB8E90}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [TCP Query User{61950C38-DDD3-4C3E-A342-1217A80EE9A2}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_291\bin\javaw.exe
FirewallRules: [UDP Query User{BAFDA43E-5682-4DA5-80C9-D6F71881A913}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{DB63120F-8EA7-4F66-956A-0DB6E6BF6686}C:\program files\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_241\bin\javaw.exe => Pas de fichier
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2552352709-2022222001-3759235135-1001\...\Run: [winlogon] => C:\Program Files (x86)\microsoft\winlogon.exe [3698196 2021-10-30] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {4C3EC906-F0B8-4956-8068-8406C9A92212} - System32\Tasks\services => C:\Users\user\AppData\Roaming\services.exe [18268180 2021-10-23] (Process Explorer) [Fichier non signé] <==== ATTENTION
Task: {56B46FBB-4BF5-4E3F-BEA2-FDB5D6578D9E} - System32\Tasks\winlogon => C:\Program Files (x86)\microsoft\winlogon.exe [3698196 2021-10-30] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
Task: {A0210F36-E11F-4026-9615-4CC78CD86825} - System32\Tasks\WmiPrvSE => C:\WINDOWS\system32\WmiPrvSE.exe [5684224 2021-10-31] (Avast) [Fichier non signé] <==== ATTENTION
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-12] (Oracle America, Inc. -> Oracle Corporation)
CHR DefaultSearchURL: Default -> hxxps//search.yahoo.com/search?fr=mcafee_uninternational&type=E210BE91082G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
R2 WindowsInput; C:\WINDOWS\SysWOW64\WindowsInput.exe [21504 2021-10-30] (Microsoft) [Fichier non signé]
2021-10-30 23:38 - 2021-10-30 23:38 - 000009216 _____ () C:\Users\user\AppData\Roaming\winlog.exe
2021-10-30 23:38 - 2021-10-30 23:38 - 000001348 _____ C:\Users\user\Desktop\ETS2-Tool.0.0.7.lnk
2021-10-30 23:38 - 2021-10-30 23:38 - 000000357 _____ C:\WINDOWS\SysWOW64\WindowsInput.exe.config
2021-10-30 23:38 - 2021-10-30 23:38 - 000000357 _____ C:\Users\user\AppData\Roaming\winlog.exe.config
2021-10-30 23:38 - 2021-10-23 23:58 - 018268180 _____ (Process Explorer) C:\Users\user\AppData\Roaming\services.exe
2021-10-24 06:39 - 2021-10-24 06:39 - 000234272 _____ (AVAST Software) C:\Users\user\AppData\Roaming\avast.exe
2021-05-31 16:52 - 2021-05-31 16:52 - 000007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
EmptyTemp:
Reboot:

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => non trouvé(e)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation) => Erreur: Pas de correction automatique trouvée pour cet élément.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => non trouvé(e)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => non trouvé(e)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files (x86)\Touch Portal\plugins\adb\platform-tools;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ => Erreur: Pas de correction automatique trouvée pour cet élément.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched" => non trouvé(e)
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A1CA2825-0E12-498B-A06A-D04F56CB8E90}C:\program files\java\jre1.8.0_291\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{61950C38-DDD3-4C3E-A342-1217A80EE9A2}C:\program files\java\jre1.8.0_291\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BAFDA43E-5682-4DA5-80C9-D6F71881A913}C:\program files\java\jre1.8.0_241\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB63120F-8EA7-4F66-956A-0DB6E6BF6686}C:\program files\java\jre1.8.0_241\bin\javaw.exe" => non trouvé(e)
CHR Extension: (ExpressVPN : proxy VPN pour une connexion sécurisée) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-06-22] => Erreur: Pas de correction automatique trouvée pour cet élément.
Express Zip - Compresseur de fichiers (HKLM-x32\...\ExpressZip) (Version: 8.12 - NCH Software) => Erreur: Pas de correction automatique trouvée pour cet élément.
"AV: Norton Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}" => non trouvé(e)
Wondershare FilmoraPro (HKLM\...\{92F289A8-A52F-4779-8382-4B91055D7D8D}) (Version: 2.3.10723.54848 - Wondershare) => Erreur: Pas de correction automatique trouvée pour cet élément.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4F0CA934-5E4D-4BF4-8D9B-2707045AA0AB}C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E7F5CD3F-B2BD-4306-8E8C-949A5CFEC15F}C:\users\user\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2DC97F68-8263-48CB-93BA-19EE883B9B06}C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B39A2FCB-CE16-4F93-A24B-CEA1C650EC23}C:\users\user\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => non trouvé(e)
"C:\Windows\System32\cmd.exe cmd \c powershell -Command Add-MpPreference -ExclusionPath @(($pwd).path, $env:UserProfile,$env:AppData,$env:Temp,$env:SystemRoot,$env:HomeDrive,$env:SystemDrive) -Force & powershell -Command Add-MpPreference -ExclusionExtension @('exe','dll') -Force & exit" => non trouvé(e)
C:\Users\user\AppData\Roaming\Microsoft\Libs\sihost64.exe => Aucun processus actif trouvé
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-10-13] => Erreur: Pas de correction automatique trouvée pour cet élément.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A1CA2825-0E12-498B-A06A-D04F56CB8E90}C:\program files\java\jre1.8.0_291\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{61950C38-DDD3-4C3E-A342-1217A80EE9A2}C:\program files\java\jre1.8.0_291\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BAFDA43E-5682-4DA5-80C9-D6F71881A913}C:\program files\java\jre1.8.0_241\bin\javaw.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB63120F-8EA7-4F66-956A-0DB6E6BF6686}C:\program files\java\jre1.8.0_241\bin\javaw.exe" => non trouvé(e)
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => non trouvé(e)
"HKU\S-1-5-21-2552352709-2022222001-3759235135-1001\Software\Microsoft\Windows\CurrentVersion\Run\\winlogon" => non trouvé(e)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C3EC906-F0B8-4956-8068-8406C9A92212}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\services" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\services" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B46FBB-4BF5-4E3F-BEA2-FDB5D6578D9E}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\winlogon" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\winlogon" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0210F36-E11F-4026-9615-4CC78CD86825}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\WmiPrvSE" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WmiPrvSE" => non trouvé(e)
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.291.2 => non trouvé(e)
"C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll" => non trouvé(e)
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.291.2 => non trouvé(e)
"C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll" => non trouvé(e)
"Chrome DefaultSearchURL" => non trouvé(e)
"Chrome DefaultSearchKeyword" => non trouvé(e)
WindowsInput => service non trouvé(e).
"C:\Users\user\AppData\Roaming\winlog.exe" => non trouvé(e)
"C:\Users\user\Desktop\ETS2-Tool.0.0.7.lnk" => non trouvé(e)
"C:\WINDOWS\SysWOW64\WindowsInput.exe.config" => non trouvé(e)
"C:\Users\user\AppData\Roaming\winlog.exe.config" => non trouvé(e)
"C:\Users\user\AppData\Roaming\services.exe" => non trouvé(e)
"C:\Users\user\AppData\Roaming\avast.exe" => non trouvé(e)
"C:\Users\user\AppData\Local\Resmon.ResmonCfg" => non trouvé(e)

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9481344 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 183973187 B
Firefox => 610811835 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 43958 B
user => 532026028 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 17:40:21 ====
