Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 10-01-2022 01
Exécuté par Sapnas (14-01-2022 23:37:45) Run:2
Exécuté depuis C:\Users\Sapnas\OneDrive\Bureau
Profils chargés: Sapnas & Administrateur
Mode d'amorçage: Normal
==============================================
fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\...\Run: [ut] => "C:\Users\33601\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier)
GroupPolicy: Restriction ?
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
cmd: netsh advfirewall reset
Task: {0AA80B58-FEDA-4F6D-B2D3-B98D3B5104D7} - System32\Tasks\Opera scheduled Autoupdate 1595298619 => C:\Users\33601\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {3818618C-6B97-4259-8B01-DFCB529C84C0} - System32\Tasks\ChromeTask => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 6027 caractères en plus).
Task: {B87E4C76-FCBB-4277-938F-999A26C8B681} - System32\Tasks\Opera scheduled Autoupdate 1633301122 => C:\Users\33601\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR NewTab: Default -> Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
C:\WINDOWS\system32\Tasks\ChromeTask
IE trusted site: HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\...\webcompanion.com -> hxxp://webcompanion.com
AlternateDataStreams: C:\WINDOWS\system32\msln.exe:b32e32229dacaa6b8fd4ecfaabfaa90d [494]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [140]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [486]
FirewallRules: [{BA3A39EC-9486-47C9-81A8-837350759A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege - Test Server\RainbowSix_BE.exe => Pas de fichier
FirewallRules: [{60FDB7CE-96B0-4364-9098-1AB615BB659C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege - Test Server\RainbowSix_BE.exe => Pas de fichier
FirewallRules: [{AF1AB971-E170-49BB-AE56-A912063B2BAD}] => (Allow) C:\Users\33601\AppData\Local\Programs\Opera\69.0.3686.77\opera.exe => Pas de fichier
FirewallRules: [{E7DB8C68-3CAB-4579-BE21-AB7F4A15CBAB}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => Pas de fichier
FirewallRules: [{8A3B6FAC-C7B2-4D30-96E7-8A07B2C4F493}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => Pas de fichier
FirewallRules: [{7E82DBAF-5BEA-4FF4-8DF9-545F53B13B49}] => (Allow) C:\Users\33601\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [{2D93C194-4154-4BDC-AB63-58DF0E0B6C78}] => (Allow) C:\Users\33601\AppData\Roaming\uTorrent\uTorrent.exe => Pas de fichier
FirewallRules: [{341B23AD-7162-4E4C-A2E7-9AEE1FFF520E}] => (Allow) C:\Users\33601\AppData\Local\Programs\Opera\79.0.4143.72\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{5BAC2BC6-6B9C-42EF-8871-4807E74EB868}C:\games\city car driving\bin\win32\starter.exe] => (Allow) C:\games\city car driving\bin\win32\starter.exe => Pas de fichier
FirewallRules: [UDP Query User{B9D40800-457C-4FF9-9270-6E0737CCBC79}C:\games\city car driving\bin\win32\starter.exe] => (Allow) C:\games\city car driving\bin\win32\starter.exe => Pas de fichier
FirewallRules: [{3A775179-91F8-40E3-BADF-54A742189DF3}] => (Block) C:\games\city car driving\bin\win32\starter.exe => Pas de fichier
FirewallRules: [{87D47D11-B263-4E33-B157-68EE143D2A66}] => (Block) C:\games\city car driving\bin\win32\starter.exe => Pas de fichier
Hosts:
EmptyTemp:
*****************
Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ut" => non trouvé(e)
"HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => non trouvé(e)
"C:\Windows\system32\GroupPolicy\Machine" => non trouvé(e)
HKLM\SOFTWARE\Policies\Mozilla => supprimé(es) avec succès
========= netsh advfirewall reset =========
Ok.
========= Fin de CMD: =========
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AA80B58-FEDA-4F6D-B2D3-B98D3B5104D7}" => non trouvé(e)
"C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1595298619" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1595298619" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3818618C-6B97-4259-8B01-DFCB529C84C0}" => non trouvé(e)
"C:\Windows\System32\Tasks\ChromeTask" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ChromeTask" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87E4C76-FCBB-4277-938F-999A26C8B681}" => non trouvé(e)
"C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1633301122" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1633301122" => non trouvé(e)
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08" => non trouvé(e)
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8" => non trouvé(e)
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824" => non trouvé(e)
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368" => non trouvé(e)
"Chrome NewTab" => supprimé(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb => supprimé(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp => non trouvé(e)
"C:\WINDOWS\system32\Tasks\ChromeTask" => non trouvé(e)
"HKU\S-1-5-21-1099541378-3990462571-2549696652-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => non trouvé(e)
"C:\WINDOWS\system32\msln.exe" => ":b32e32229dacaa6b8fd4ecfaabfaa90d" ADS non trouvé(e).
"C:\ProgramData\TEMP" => ":FB6A21E3" ADS non trouvé(e).
C:\Users\Public\Shared Files => ":VersionCache" ADS supprimé(es) avec succès
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA3A39EC-9486-47C9-81A8-837350759A65}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60FDB7CE-96B0-4364-9098-1AB615BB659C}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF1AB971-E170-49BB-AE56-A912063B2BAD}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7DB8C68-3CAB-4579-BE21-AB7F4A15CBAB}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A3B6FAC-C7B2-4D30-96E7-8A07B2C4F493}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E82DBAF-5BEA-4FF4-8DF9-545F53B13B49}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D93C194-4154-4BDC-AB63-58DF0E0B6C78}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{341B23AD-7162-4E4C-A2E7-9AEE1FFF520E}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BAC2BC6-6B9C-42EF-8871-4807E74EB868}C:\games\city car driving\bin\win32\starter.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9D40800-457C-4FF9-9270-6E0737CCBC79}C:\games\city car driving\bin\win32\starter.exe" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A775179-91F8-40E3-BADF-54A742189DF3}" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87D47D11-B263-4E33-B157-68EE143D2A66}" => non trouvé(e)
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19116677 B
Java, Flash, Steam htmlcache => 34348136 B
Windows/system/drivers => 23470055 B
Edge => 0 B
Chrome => 396828087 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18482 B
NetworkService => 45696 B
Sapnas => 5390786304 B
Administrateur => 5445099669 B
RecycleBin => 164679004 B
EmptyTemp: => 10.7 GB données temporaires supprimées.
================================
Le système a dû redémarrer.
==== Fin de Fixlog 23:40:11 ====