cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 08.02.2018
Exécuté par zaza (09-02-2018 14:31:27) Run:1
Exécuté depuis C:\Users\zaza\Desktop
Profils chargés: zaza (Profils disponibles: zaza)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
C:\Users\zaza\AppData\Local\Google\Chrome\User Data\Default\pilplloabdedfmialnfchjomjmpjcoej
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{275833E1-BAF0-48D6-9A60-18F0A5E0619D}
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS
C:\Users\zaza\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pilplloabdedfmialnfchjomjmpjcoej
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-2356002060-726762920-1090022413-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2356002060-726762920-1090022413-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2356002060-726762920-1090022413-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dmontlsfs_18_06¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtCzyyCyDtDzzzytB0DzytN0D0Tzu0StBtBtAtDtN1L2XzuyEtFtBtCtFtDtFtCtDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0DyBtAyCyC0CyEtGyEtC0C0FtGyC0CtDyCtGyB0FyD0EtGtA0ByCtAtD0EzyyC0Bzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1S1R1TyEtByEyDtG1O1Q1TzytGyEtA1PtCtG1S1OtA1QtG1P1PtDtDyCzy1QyC1P1S1RtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzztDyCzyyEtCtD%26cr%3D1073523275%26a%3Dwbf_dmontlsfs_18_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
S3 Tosrfcom; pas de ImagePath
Task: {271AE9BE-08E5-4A7E-A162-C781AEAD00BC} - System32\Tasks\Yahoo! Powered foril => "wscript.exe" "C:\ProgramData\{A5316052-2F73-EA94-A9B5-74D633F7FF18}\mofa.txt" "68747470733a2f2f7275647564756c752e636f6d" "//B" "//E:jscript" "--IsErIk"
Hosts::
EmptyTemp:

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"C:\Users\zaza\AppData\Local\Google\Chrome\User Data\Default\pilplloabdedfmialnfchjomjmpjcoej" => non trouvé(e)
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{275833E1-BAF0-48D6-9A60-18F0A5E0619D}" => supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASAPI32" => supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Tracing\ByteFenceService_RASMANCS" => supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32" => supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS" => supprimé(es) avec succès
"C:\Users\zaza\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pilplloabdedfmialnfchjomjmpjcoej" => non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASAPI32 => clé non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFenceService_RASMANCS => clé non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASAPI32 => clé non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ByteFence_RASMANCS => clé non trouvé(e)
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => valeur restauré(es) avec succès
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => valeur restauré(es) avec succès
HKU\S-1-5-21-2356002060-726762920-1090022413-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => valeur restauré(es) avec succès
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur restauré(es) avec succès
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur restauré(es) avec succès
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => supprimé(es) avec succès
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e)
"HKU\S-1-5-21-2356002060-726762920-1090022413-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => supprimé(es) avec succès
"HKU\S-1-5-21-2356002060-726762920-1090022413-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => clé non trouvé(e)
"HKLM\System\CurrentControlSet\Services\Tosrfcom" => supprimé(es) avec succès
Tosrfcom => service supprimé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{271AE9BE-08E5-4A7E-A162-C781AEAD00BC} => impossible à supprimer clé. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{271AE9BE-08E5-4A7E-A162-C781AEAD00BC} => impossible à supprimer clé. ErrorCode1: 0x00000002
C:\Windows\System32\Tasks\Yahoo! Powered foril => déplacé(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Powered foril => impossible à supprimer clé. ErrorCode1: 0x00000002
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16334168 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 39404743 B
Edge => 0 B
Chrome => 437950336 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 16508 B
zaza => 26288113 B

RecycleBin => 41256066 B
EmptyTemp: => 543.3 MB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 14:34:06 ====

Publicité


Signaler le contenu de ce document

Publicité