Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Exécuté par Parents (21-01-2020 15:12:43) Run:1
Exécuté depuis C:\Users\Parents\Desktop
Profils chargés: Parents & leoca (Profils disponibles: Parents & leoca)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CloseProcesses:
CreateRestorePoint:
GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User: Restriction <==== ATTENTION
Task: {25542BDC-00D1-442F-92BA-BAC60C864E0E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Tcpip\..\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}: [DhcpNameServer] 150.201.1.3
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
CHR DefaultSearchKeyword: Default -> askweb
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe
Folder: C:\ProgramData\SystemAcCrux
Folder: C:\Users\leoca\AppData\Local\D3DSCache
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
DeleteKey: HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
CMD: ipconfig /flushdns
EmptyTemp:
*****************

Processus fermé avec succès.
Le Point de restauration a été créé avec succès.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-4077225008-3986438837-1308720018-1004\User => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25542BDC-00D1-442F-92BA-BAC60C864E0E}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => non trouvé(e)
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{415be14e-61a0-43a4-bb90-74768fff3e0f}\\DhcpNameServer" => supprimé(es) avec succès
"Chrome DefaultSearchURL" => non trouvé(e)
"Chrome DefaultSearchKeyword" => non trouvé(e)
"Chrome DefaultSuggestURL" => non trouvé(e)
VirusTotal: C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => https://www.virustotal.com/file/3bc9fd278cacc735ab16670c70767f33db69b6d3b0ef39250285a9ef4ca5de7e/analysis/1576219538/
VirusTotal: C:\Program Files\mcafee.com\agent\mcupdate.exe => https://www.virustotal.com/file/0503cfc9baabd8999e200878c8b26d120dc98df2c55370e3fe2f508741691ff2/analysis/1579594431/

========================= Folder: C:\ProgramData\SystemAcCrux ========================

2020-01-16 13:15 - 2020-01-16 13:15 - 000004176 ____A [FE39BA4CB0158B828E450AEAFA9132A2] () C:\ProgramData\SystemAcCrux\fefe7b8f3862ba4dac.bin

====== Fin de Folder: ======

========================= Folder: C:\Users\leoca\AppData\Local\D3DSCache ========================

2020-01-16 17:52 - 2020-01-16 17:52 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5
2020-01-16 17:52 - 2020-01-16 17:52 - 000065552 ___AT [BDA6BC74A4C65986BCD49A34A4FBFFB2] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
2020-01-16 17:52 - 2020-01-20 11:36 - 000000004 ___AT [F49655F856ACB8884CC0ACE29216F511] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
2020-01-16 17:52 - 2020-01-16 17:52 - 000002960 __ACT [09A9AD02E82878F2386A87FDE1FC8BC9] () C:\Users\leoca\AppData\Local\D3DSCache\d3fe7cdcb51a5ef5\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

====== Fin de Folder: ======

HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com => supprimé(es) avec succès
HKU\S-1-5-21-4077225008-3986438837-1308720018-1004\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com => supprimé(es) avec succès

========= ipconfig /flushdns =========

Configuration IP de Windows
Cache de résolution DNS vidé.
========= Fin de CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 236652218 B
Java, Flash, Steam htmlcache => 844 B
Windows/system/drivers => 24139315 B
Edge => 44713593 B
Chrome => 1062745387 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 4107 B
systemprofile32 => 4107 B
LocalService => 100189 B
NetworkService => 404915 B
Parents => 187533818 B
leoca => 189458079 B

RecycleBin => 2666951 B
EmptyTemp: => 1.6 GB données temporaires supprimées.

================================

Le système a dû redémarrer.

==== Fin de Fixlog 15:16:53 ====