Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 09-11-2021
Exécuté par molle (11-11-2021 12:20:05) Run:1
Exécuté depuis C:\Users\molle\Desktop
Profils chargés: molle
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3373227840-202954090-1753757146-1005\...\Run: [Advanced System Repair Pro] => C:\Program Files (x86)\Advanced System Repair Pro 1.9.0.6.0\AdvancedSystemRepairPro.exe [17018296 2019-11-14] (Advanced System Repair, Inc. ->  Advanced System Repair Inc.)
R1 asrdmon; C:\WINDOWS\system32\drivers\asrdmon.sys [19608 2019-11-14] (Advanced System Repair, Inc. -> Advanced System Repair Inc.)
R2 tscmon; C:\Program Files (x86)\Advanced System Repair Pro 1.9.0.6.0\tscmon.exe [1388856 2019-11-14] (Advanced System Repair, Inc. -> Advanced System Repair Inc.)
Task: {3A3A6BB6-71E4-4D21-9B77-F1FC0415D2B2} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe (Pas de fichier)
C:\Program Files (x86)\Advanced System Repair Pro 1.9.0.6.0
FF NewTab: Mozilla\Firefox\Profiles\4gbembvw.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-11-24 01:16:36&bName=&bitmask=0600&iid=e492435d-7e12-446b-ba6b-e38b0787bd4e
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://euw.op.gg; hxxps://mail.google.com; hxxps://travian-team.bestoof.com; hxxps://www.fmscout.com; hxxps://www.netflix.com; hxxps://www.restaurants.mcdonalds.fr; hxxps://www.winamax.fr; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=tele0202ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0EtCyE0DtAyCtC0DzytN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2StCtDtCyDyE0DzyyCtG0EtByEyBtGtByDzyyCtGzztCyEtCtGtCzzzytByEzy0FyE0CtCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtA0FtCyE0EyBtG0FyEyB0CtGyE0Bzz0DtGtC0CtCtCtGtBtA0DtA0C0DyB0DzztBtDyC2Q&cr=1551772747&ir=
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=tele0202ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0EtCyE0DtAyCtC0DzytN0D0Tzu0SyBzyyDtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2StCtDtCyDyE0DzyyCtG0EtByEyBtGtByDzyyCtGzztCyEtCtGtCzzzytByEzy0FyE0CtCyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtA0FtCyE0EyBtG0FyEyB0CtGyE0Bzz0DtGtC0CtCtCtGtBtA0DtA0C0DyB0DzztBtDyC2Q&cr=1551772747&ir=","hxxp://start.mysearchdial.com/?f=1&a=tele_14_10_CH&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0EtCyE0DtAyCtC0DzytN0D0Tzu0SyBzyyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StC0ByC0EtAtCtAyEtGtCzzyD0CtGyC0E0CtDtGtDyB0ByEtGtDyDtByEyD0E0BtB0DtDyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtAtA0FtCyE0EyBtG0FyEyB0CtGyE0Bzz0DtGtC0CtCtCtGtBtA0DtA0C0DyB0DzztBtDyC2Q&cr=1548203663&ir=","hxxp://astromenda.com/?f=7&a=ast_tele_14_33_ch&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0EtCyE0DtAtB0ByBzztN0D0Tzu0SzyyDzytN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCyEyD0EtBtDyC0BtG0C0B0EyEtGyDyCtBzytG0FzztBzztGyD0FyB0F0F0DtAtC0BtAyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtCyEtB0Bzy0C0CtG0EtD0F0DtGzytDyB0DtGtD0B0F0FtGtD0FzyzzyBtDzytBtDtCtAtA2Q&cr=1226994629&ir=","hxxp://www.sweet-page.com/?type=hp&ts=1409181984&from=cor&uid=ST750LM022XHN-M750MBB_S2RRJ9ACA01654","hxxp://Lasaoren.com/?f=7&a=lrn_ir_14_45_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0F0EtCyE0DtAtB0ByBzztN0D0Tzu0StCtDtAzytN1L2XzutAtFyCtFtDtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtAzzyD0EtD0BtCtGyD0EtCtCtG0A0A0DzytGyEzztCtBtGyD0FtD0AyD0E0D0FyDyCtA0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtA0E0FzzyC0CzytG0BtD0E0EtGyE0A0EyDtGzyyDzz0AtGyC0DtByDzytAzy0E0C0E0A0E2Q&cr=1820252201&ir=","hxxp://fr.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://astromenda.com/?f=7&a=&cd=&cr=&ir=","hxxp://www.delta-homes.com/?type=hp&ts=1418806081&from=wpm12173&uid=ST750LM022XHN-M750MBB_S2RRJ9ACA01654","hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M09588FBF-8FEF-4C8B-879D-DEC8BCE101C1&SearchSource=55&CUI=&UM=2&UP=SPF9195DF2-C1BA-4841-A132-EA35A4412187&SSPV=","hxxp://search.gboxapp.com/"
CHR HKLM\...\Chrome\Extension: [jdanfkhnfpagoijgfmklhgakdicpnfil]
CHR HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jdanfkhnfpagoijgfmklhgakdicpnfil]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [jdanfkhnfpagoijgfmklhgakdicpnfil]
SearchScopes: HKU\S-1-5-21-3373227840-202954090-1753757146-1005 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dpyqptgki1320egikmoq9ay_20_48_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDzy0CtBtAtD0EyCtByEzyyE0AzztBtN0D0Tzu0StAtByEzytN1L2XzuyDtFtBtFtDtFtCyBtAtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyCzztD0Ezy0AtD0DtGtAtBzytBtGzytByEtBtGtCzyyEtDtGtByCyDtAyCtDzy0F0C0D0AtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1PzzyBzztDtA1RzytGtByBtB1OtGyEyDtB1PtG1SzyyDtAtGzy1Q1PyBtD1S1OtC1RtDtB1T2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyCtDyCtCzztDyEyByB%26cr%3D2108081573%26a%3Dwbf_dpyqptgki1320egikmoq9ay_20_48_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3373227840-202954090-1753757146-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D112420-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3373227840-202954090-1753757146-1005 -> {0EEA3A6D-EB9A-44DF-AB12-95165BF31554} URL = 
SearchScopes: HKU\S-1-5-21-3373227840-202954090-1753757146-1005 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dpyqptgki1320egikmoq9ay_20_48_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDzy0CtBtAtD0EyCtByEzyyE0AzztBtN0D0Tzu0StAtByEzytN1L2XzuyDtFtBtFtDtFtCyBtAtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyCzztD0Ezy0AtD0DtGtAtBzytBtGzytByEtBtGtCzyyEtDtGtByCyDtAyCtDzy0F0C0D0AtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1PzzyBzztDtA1RzytGtByBtB1OtGyEyDtB1PtG1SzyyDtAtGzy1Q1PyBtD1S1OtC1RtDtB1T2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyCtDyCtCzztDyEyByB%26cr%3D2108081573%26a%3Dwbf_dpyqptgki1320egikmoq9ay_20_48_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
cmd: netsh advfirewall reset
EmptyTemp:

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"HKU\S-1-5-21-3373227840-202954090-1753757146-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced System Repair Pro" => non trouvé(e)
asrdmon => Service arrêté avec succès.
HKLM\System\CurrentControlSet\Services\asrdmon => supprimé(es) avec succès
asrdmon => service supprimé(es) avec succès
HKLM\System\CurrentControlSet\Services\tscmon => supprimé(es) avec succès
tscmon => service supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A3A6BB6-71E4-4D21-9B77-F1FC0415D2B2}" => supprimé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A3A6BB6-71E4-4D21-9B77-F1FC0415D2B2}" => supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => supprimé(es) avec succès
"C:\Program Files (x86)\Advanced System Repair Pro 1.9.0.6.0" => non trouvé(e)
"Firefox newtab" => supprimé(es) avec succès
"Chrome Notifications:" => non trouvé(e)
"Chrome HomePage" => supprimé(es) avec succès
"Chrome StartupUrls" => supprimé(es) avec succès
HKLM\SOFTWARE\Google\Chrome\Extensions\jdanfkhnfpagoijgfmklhgakdicpnfil => supprimé(es) avec succès
HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Google\Chrome\Extensions\jdanfkhnfpagoijgfmklhgakdicpnfil => supprimé(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb => supprimé(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => supprimé(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdanfkhnfpagoijgfmklhgakdicpnfil => supprimé(es) avec succès
"HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => supprimé(es) avec succès
HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => supprimé(es) avec succès
HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0EEA3A6D-EB9A-44DF-AB12-95165BF31554} => supprimé(es) avec succès
HKU\S-1-5-21-3373227840-202954090-1753757146-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => supprimé(es) avec succès

========= netsh advfirewall reset =========

Ok.


========= Fin de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50802250 B
Java, Flash, Steam htmlcache => 320382314 B
Windows/system/drivers => 28500256 B
Edge => 135674 B
Chrome => 397964623 B
Brave => 140841 B
Firefox => 95883432 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 855444 B
molle => 383033133 B

RecycleBin => 365808 B
EmptyTemp: => 1.2 GB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 12:20:49 ====