Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2017
Ran by BenDognon (21-09-2017 21:32:29) Run:1
Running from C:\Users\BenDognon\Desktop
Loaded Profiles: BenDognon (Available Profiles: BenDognon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-961018817-3598195997-1945277440-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NewTab: Mozilla\Firefox\Profiles\9e6yngam.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9e6yngam.default -> Cassiopesa
CHR HomePage: Default -> hxxp://www.cassiopessa.com/?f=1&a=csp_tgsam3_15_43&cd=2XzuyEtN2Y1L1Qzu0EyE0Fzzzy0CyCzztC0DtBtC0CtDtCyEtN0D0Tzu0StCtAzytCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StB0AyCtCzy0AtAzztGyDzyyDtCtGyBtCtB0CtGyDyE0E0FtGtBtBtCzyyD0BtCyDyDyEzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtD0AtDyB0F0DtDtG0B0D0FyCtGyE0FtA0EtG0A0B0AyEtG0E0FyB0A0AtAyE0EtC0CyE0E2QtN0A0LzuyE&cr=1611967065&ir=
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
S4 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [X]
2015-10-23 20:41 - 2016-08-31 21:41 - 000000242 _____ () C:\Users\BenDognon\AppData\Roaming\WB.CFG
File: C:\Users\BenDognon\AppData\Roaming\sb46.dat
FirewallRules: [{C1556269-CF5F-46F7-9398-A17A1D00A5B9}] => (Allow) C:\Users\BenDognon\AppData\Local\Chromium\Application\chrome.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
C:\Windows\Prefetch\REIMAGE.EXE-BEE43FC1.pf
C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-41288F97.pf
C:\Windows\Prefetch\REIMAGEREMINDER.EXE-238A7C2F.pf
C:\Windows\Prefetch\REIMAGEREPAIR (1).EXE-C144016B.pf
C:\Windows\Prefetch\REIMAGEREPAIR (3).EXE-8C28E3E5.pf
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
DeleteKey: HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
DeleteKey: HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-961018817-3598195997-1945277440-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
Firefox "newtab" removed successfully
Firefox DefaultSearchEngine removed successfully
Chrome HomePage => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh => key removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key removed successfully
SecureLine => service not found.
C:\Users\BenDognon\AppData\Roaming\WB.CFG => moved successfully
========================= File: C:\Users\BenDognon\AppData\Roaming\sb46.dat ========================
File not signed
MD5: C55A675098FE99C6DC35D1F4A00867A0
Creation and modification date: 2016-07-03 14:59 - 2016-07-03 14:59
Size: 002410515
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0
====== End of File: ======
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1556269-CF5F-46F7-9398-A17A1D00A5B9} => value removed successfully
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Error: No automatic fix found for this entry.
"C:\Windows\Prefetch\REIMAGE.EXE-BEE43FC1.pf" => not found.
"C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-41288F97.pf" => not found.
"C:\Windows\Prefetch\REIMAGEREMINDER.EXE-238A7C2F.pf" => not found.
"C:\Windows\Prefetch\REIMAGEREPAIR (1).EXE-C144016B.pf" => not found.
C:\Windows\Prefetch\REIMAGEREPAIR (3).EXE-8C28E3E5.pf => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key not found.
HKLM\Software\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => key removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} EmptyTemp: => key not found.
The system needed a reboot.
==== End of Fixlog 21:33:31 ====