Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Exécuté par Parents (21-01-2020 15:12:43) Run:1
Exécuté depuis C:\Users\Parents\Desktop
Profils chargés: Parents & leoca (Profils disponibles: Parents & leoca)
Mode d'amorçage: Normal
==============================================
fixlist contenu:
*****************
CloseProcesses:
CreateRestorePoint:
GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User: Restriction <==== ATTENTION
Task: {25542BDC-00D1-442F-92BA-BAC60C864E0E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Tcpip\..\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}: [DhcpNameServer] 150.201.1.3
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
CHR DefaultSearchKeyword: Default -> askweb
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe
Folder: C:\ProgramData\SystemAcCrux
Folder: C:\Users\leoca\AppData\Local\D3DSCache
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
CMD: ipconfig /flushdns
EmptyTemp:
*****************
Processus fermé avec succès.
Le Point de restauration a été créé avec succès.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => non trouvé(e)
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}\\DhcpNameServer" => supprimé(es) avec succès
"Chrome DefaultSearchURL" => non trouvé(e)
"Chrome DefaultSearchKeyword" => non trouvé(e)
"Chrome DefaultSuggestURL" => non trouvé(e)
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => https://www.virustotal.com/file/3bc9fd278cacc735ab16670c70767f33db69b6d3b0ef39250285a9ef4ca5de7e/analysis/1576219538/
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe => https://www.virustotal.com/file/0503cfc9baabd8999e200878c8b26d120dc98df2c55370e3fe2f508741691ff2/analysis/1579594431/
========================= Folder: C:\ProgramData\SystemAcCrux ========================
2020-01-16 13:15 - 2020-01-16 13:15 - 000004176 ____A [FE39BA4CB0158B828E450AEAFA9132A2] () C:\ProgramData\SystemAcCrux\fefe7b8f3862ba4dac.bin
====== Fin de Folder: ======
========================= Folder: C:\Users\leoca\AppData\Local\D3DSCache ========================
2020-01-16 17:52 - 2020-01-16 17:52 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5
2020-01-16 17:52 - 2020-01-16 17:52 - 000065552 ___AT [BDA6BC74A4C65986BCD49A34A4FBFFB2] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
2020-01-16 17:52 - 2020-01-20 11:36 - 000000004 ___AT [F49655F856ACB8884CC0ACE29216F511] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
2020-01-16 17:52 - 2020-01-16 17:52 - 000002960 __ACT [09A9AD02E82878F2386A87FDE1FC8BC9] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
====== Fin de Folder: ======
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com => supprimé(es) avec succès
========= ipconfig /flushdns =========
Configuration IP de Windows
Cache de r‚solution DNS vid‚.
========= Fin de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 236652218 B
Java, Flash, Steam htmlcache => 844 B
Windows/system/drivers => 24139315 B
Edge => 44713593 B
Chrome => 1062745387 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 4107 B
systemprofile32 => 4107 B
LocalService => 100189 B
NetworkService => 404915 B
Parents => 187533818 B
leoca => 189458079 B
RecycleBin => 2666951 B
EmptyTemp: => 1.6 GB données temporaires supprimées.
================================
Le système a dû redémarrer.
==== Fin de Fixlog 15:16:53 ====
Exécuté par Parents (21-01-2020 15:12:43) Run:1
Exécuté depuis C:\Users\Parents\Desktop
Profils chargés: Parents & leoca (Profils disponibles: Parents & leoca)
Mode d'amorçage: Normal
==============================================
fixlist contenu:
*****************
CloseProcesses:
CreateRestorePoint:
GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User: Restriction <==== ATTENTION
Task: {25542BDC-00D1-442F-92BA-BAC60C864E0E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Tcpip\..\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}: [DhcpNameServer] 150.201.1.3
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
CHR DefaultSearchKeyword: Default -> askweb
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe
Folder: C:\ProgramData\SystemAcCrux
Folder: C:\Users\leoca\AppData\Local\D3DSCache
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
CMD: ipconfig /flushdns
EmptyTemp:
*****************
Processus fermé avec succès.
Le Point de restauration a été créé avec succès.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => non trouvé(e)
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}\\DhcpNameServer" => supprimé(es) avec succès
"Chrome DefaultSearchURL" => non trouvé(e)
"Chrome DefaultSearchKeyword" => non trouvé(e)
"Chrome DefaultSuggestURL" => non trouvé(e)
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => https://www.virustotal.com/file/3bc9fd278cacc735ab16670c70767f33db69b6d3b0ef39250285a9ef4ca5de7e/analysis/1576219538/
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe => https://www.virustotal.com/file/0503cfc9baabd8999e200878c8b26d120dc98df2c55370e3fe2f508741691ff2/analysis/1579594431/
========================= Folder: C:\ProgramData\SystemAcCrux ========================
2020-01-16 13:15 - 2020-01-16 13:15 - 000004176 ____A [FE39BA4CB0158B828E450AEAFA9132A2] () C:\ProgramData\SystemAcCrux\fefe7b8f3862ba4dac.bin
====== Fin de Folder: ======
========================= Folder: C:\Users\leoca\AppData\Local\D3DSCache ========================
2020-01-16 17:52 - 2020-01-16 17:52 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5
2020-01-16 17:52 - 2020-01-16 17:52 - 000065552 ___AT [BDA6BC74A4C65986BCD49A34A4FBFFB2] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
2020-01-16 17:52 - 2020-01-20 11:36 - 000000004 ___AT [F49655F856ACB8884CC0ACE29216F511] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
2020-01-16 17:52 - 2020-01-16 17:52 - 000002960 __ACT [09A9AD02E82878F2386A87FDE1FC8BC9] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
====== Fin de Folder: ======
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com => supprimé(es) avec succès
========= ipconfig /flushdns =========
Configuration IP de Windows
Cache de r‚solution DNS vid‚.
========= Fin de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 236652218 B
Java, Flash, Steam htmlcache => 844 B
Windows/system/drivers => 24139315 B
Edge => 44713593 B
Chrome => 1062745387 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 4107 B
systemprofile32 => 4107 B
LocalService => 100189 B
NetworkService => 404915 B
Parents => 187533818 B
leoca => 189458079 B
RecycleBin => 2666951 B
EmptyTemp: => 1.6 GB données temporaires supprimées.
================================
Le système a dû redémarrer.
==== Fin de Fixlog 15:16:53 ====