Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 12-11-2022
Exécuté par benji (12-11-2022 20:12:05) Run:2
Exécuté depuis B:\Benjamin\Téléchargement
Profils chargés: benji
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
start::
closeprocesses:
createrestorepoint:
virustotal: C:\WINDOWS\system32\eQgfe8CP.exe
2022-11-12 17:44 - 2019-05-13 19:55 - 000000000 ____D C:\Users\benji\AppData\Local\AVAST Software
2022-11-12 17:44 - 2019-05-13 19:53 - 000000000 ____D C:\ProgramData\AVAST Software
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
AlternateDataStreams: C:\AMD:err [1638]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\benji\Desktop\a.jpeg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\benji\Desktop\a.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\benji\Desktop\b.jpeg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\benji\Desktop\b.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\benji\Desktop\cess.jpeg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\benji\Desktop\cess.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
DefaultPrefix-x32: => <==== ATTENTION
Prefixes-x32: [home]=> <==== ATTENTION
Prefixes-x32: [www]=> <==== ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-07-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_7B01837EF606D3C61B5E764BB78C705E"
HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\...\Run: [utweb] => C:\Users\benji\AppData\Roaming\uTorrent Web\utweb.exe [5327576 2019-07-30] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Fichier non signé] HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [11066440 2022-09-20] (Surfshark B.V. -> Surfshark)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {87FF23DF-FF31-4629-BCAC-07A2E55ADA18} - System32\Tasks\fcktplink => ping [Argument = -t 192.168.0.1]
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
2022-10-25 12:55 - 2022-10-25 12:55 - 006553088 _____ C:\WINDOWS\system32\eQgfe8CP.exe
2022-10-25 11:48 - 2022-10-25 11:48 - 006553088 _____ C:\WINDOWS\system32\aRAnvnTk.exe
2022-10-25 10:48 - 2022-10-25 10:48 - 006553088 _____ C:\WINDOWS\system32\ZxliRMZ6.exe
cmd: netsh advfirewall reset
emptytemp:
end::
*****************

Processus fermé avec succès.
Erreur: (0) Impossible de créer un point de restauration.
"VirusTotal: C:\WINDOWS\system32\eQgfe8CP.exe" => non trouvé(e)
"C:\Users\benji\AppData\Local\AVAST Software" => non trouvé(e)
"C:\ProgramData\AVAST Software" => non trouvé(e)
"AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}" => non trouvé(e)
"C:\AMD" => ":err" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\zlib.dll" => ":DocumentSummaryInformation" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\zlib.dll" => ":SummaryInformation" ADS non trouvé(e).
"C:\WINDOWS\SysWOW64\zlib.dll" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS non trouvé(e).
"C:\Users\benji\Desktop\a.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS non trouvé(e).
"C:\Users\benji\Desktop\a.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS non trouvé(e).
"C:\Users\benji\Desktop\b.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS non trouvé(e).
"C:\Users\benji\Desktop\b.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS non trouvé(e).
C:\Users\benji\Desktop\cess.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS impossible à supprimer.
C:\Users\benji\Desktop\cess.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS impossible à supprimer.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS non trouvé(e).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\\"Default"="http://" => valeur restauré(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"home"="http://" => valeur restauré(es) avec succès
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"www"="http://" => valeur restauré(es) avec succès
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => non trouvé(e)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => non trouvé(e)
"HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvastBrowserAutoLaunch_7B01837EF606D3C61B5E764BB78C705E" => non trouvé(e)
"HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AvastBrowserAutoLaunch_7B01837EF606D3C61B5E764BB78C705E" => non trouvé(e)
"HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Windscribe" => non trouvé(e)
"HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Surfshark" => non trouvé(e)
"C:\WINDOWS\system32\GroupPolicy\Machine" => non trouvé(e)
C:\ProgramData\NTUSER.pol => déplacé(es) avec succès
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87FF23DF-FF31-4629-BCAC-07A2E55ADA18}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\fcktplink" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fcktplink" => non trouvé(e)
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => non trouvé(e)
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => non trouvé(e)
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => non trouvé(e)
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => non trouvé(e)
HKU\S-1-5-21-3252580798-3812781471-3762038546-1001\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo => non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => non trouvé(e)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => non trouvé(e)
EAAntiCheat => service non trouvé(e).
"C:\WINDOWS\system32\eQgfe8CP.exe" => non trouvé(e)
"C:\WINDOWS\system32\aRAnvnTk.exe" => non trouvé(e)
"C:\WINDOWS\system32\ZxliRMZ6.exe" => non trouvé(e)

========= netsh advfirewall reset =========

Ok.


========= Fin de CMD: =========


=========== EmptyTemp: ==========

FlushDNS => terminé(e)
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11686246 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 233574 B
Edge => 0 B
Chrome => 7863515 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7716 B
NetworkService => 7716 B
benji => 40488 B

RecycleBin => 0 B
EmptyTemp: => 18.9 MB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 20:12:09 ====