Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Exécuté par gael (14-05-2018 21:04:38) Run:1
Exécuté depuis C:\Users\gael\Desktop
Profils chargés: gael (Profils disponibles: gael)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-137484073-2298933724-79549711-1002\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe [812672 2018-02-07] (ExpressVPN)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-137484073-2298933724-79549711-1002 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q=
SearchScopes: HKU\S-1-5-21-137484073-2298933724-79549711-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-137484073-2298933724-79549711-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q=
CHR HKLM-x32\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://istart.webssearches.com/?type=
2018-05-12 12:02 - 2018-05-12 12:02 - 000000000 ____D C:\ProgramData\ExpressVPN
2018-05-13 09:54 - 2015-07-23 13:29 - 000000000 ____D C:\Program Files\KMSpico
2018-05-14 09:20 - 2015-09-03 07:12 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-29 15:42 - 2017-09-29 15:42 - 000174592 ____N (Microsoft Corporation) C:\Users\gael_2\eVoovIiAueNjE.exe
2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Users\gael_2\AppData\Roaming\banEEuwk.exe
2018-03-04 18:05 - 2018-03-04 18:05 - 000001439 _____ () C:\Users\gael_2\AppData\Roaming\uni.txt
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
cmd: ipconfig /flushdns

*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.

========= RemoveProxy: =========

"HKU\S-1-5-21-2527228221-3633179507-2278049615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => supprimé(es) avec succès
"HKU\S-1-5-21-2527228221-3633179507-2278049615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => supprimé(es) avec succès


========= Fin de RemoveProxy: =========

"C:\WINDOWS\system32\GroupPolicy\Machine" => non trouvé(e)
"C:\WINDOWS\system32\GroupPolicy\User" => non trouvé(e)
HKLM\SOFTWARE\Policies\Google => non trouvé(e)
"HKU\S-1-5-21-137484073-2298933724-79549711-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ExpressVPN4" => non trouvé(e)
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => non trouvé(e)
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valeur restauré(es) avec succès
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => supprimé(es) avec succès
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => non trouvé(e)
"HKU\S-1-5-21-137484073-2298933724-79549711-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => non trouvé(e)
"HKU\S-1-5-21-137484073-2298933724-79549711-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => non trouvé(e)
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => non trouvé(e)
"HKU\S-1-5-21-137484073-2298933724-79549711-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}" => non trouvé(e)
HKLM\Software\Classes\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => non trouvé(e)
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci" => non trouvé(e)
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccjleegmemocfpghkhpjmiccjcacackp" => non trouvé(e)
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => non trouvé(e)
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif" => non trouvé(e)
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lhemechcanjmilllmccjbjldonmnnjjj" => non trouvé(e)
"Chrome StartupUrls" => non trouvé(e)
"C:\ProgramData\ExpressVPN" => non trouvé(e)
"C:\Program Files\KMSpico" => non trouvé(e)
"C:\Program Files\Microsoft Office" => non trouvé(e)
"C:\Users\gael_2\eVoovIiAueNjE.exe" => non trouvé(e)
"C:\Users\gael_2\AppData\Roaming\banEEuwk.exe" => non trouvé(e)
"C:\Users\gael_2\AppData\Roaming\uni.txt" => non trouvé(e)
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => non trouvé(e)
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => non trouvé(e)

========= ipconfig /flushdns =========


Configuration IP de Windows

Cache de résolution DNS vidé.

========= Fin de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9496104 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2339913 B
Edge => 20531031 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1976 B
gael => 26196108 B

RecycleBin => 0 B
EmptyTemp: => 61.6 MB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 21:06:33 ====