Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 23-05-2023
Exécuté par romar (23-05-2023 21:16:59) Run:2
Exécuté depuis C:\Users\romar\OneDrive\Document\Bureau
Profils chargés: romar
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Run: [Taskbarify] => C:\Users\romar\AppData\Local\Programs\Taskbarify\Taskbarify.exe (Pas de fichier)
HKU\S-1-5-21-993868400-1050244446-1395841530-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier)
Task: {D40F617E-9435-49E1-9390-D21D30AA2069} - System32\Tasks\x32 => C:\ProgramData\Desk\Microsoft\Cotrl.vbs (Pas de fichier)
Task: {987D6012-05A7-4452-A567-5F779DCC2F8D} - System32\Tasks\chrome nav => C:\Windows\system32\cmd.exe [323584 2023-05-11] (Microsoft Windows -> Microsoft Corporation) -> /c powershell -WindowStyle Hidden -E "JABhAHMAYwBFAG4AYwBTAHQAcgA9AFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQA7AAoACgAKACQAbgBWAGEAcgA9ACQAbgB1AGwAbAA7AAoAJABsAG8AYwBWACAAPQAgACIAMQA3ACIAOwAKACQAcgBlAG0AXwBwACAAPQAgACIAVwB5AEkANABNAHoAWQB5AE0AegBnADUATQBqAE0ANABNAE (l'élément de données a 5119 caractères en plus).
R2 AltruisticsService; C:\Program Files (x86)\Altrst\Altruistic.exe [76380728 2023-05-23] () [Fichier non signé] [Fichier en cours d'utilisation]
R2 CanicsHakale; C:\Program Files (x86)\CanicsHakale\CanicsHakale.exe [34902568 2023-05-22] (FortuneSmileWorkTeam -> Slow Vikeca) [Fichier non signé] [Fichier en cours d'utilisation]
S2 rsVPNClientSvc; C:\Program Files\RAVVPN\rsVPNClientSvc.exe [X]
S2 rsVPNSvc; "C:\Program Files\RAVVPN\rsVPNSvc.exe" [X]
2023-05-23 08:24 - 2023-05-23 08:24 - 000000000 ____D C:\Users\romar\AppData\Roaming\RAVVPN
2023-05-23 08:23 - 2023-05-23 09:28 - 000000000 ____D C:\ProgramData\RAVVPNService
2023-05-23 08:23 - 2023-05-23 09:26 - 000000000 ____D C:\Users\romar\AppData\Roaming\rav-antivirus-client
2023-05-23 08:23 - 2023-05-23 09:26 - 000000000 ____D C:\ProgramData\RAVAntivirus
2023-05-23 08:23 - 2023-05-23 08:23 - 000016438 _____ C:\Users\romar\AppData\Local\partner.bmp
2023-05-23 08:23 - 2023-05-23 08:23 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2023-05-23 08:23 - 2023-05-23 08:23 - 000000000 ____D C:\ProgramData\RAVVPNBackup
2023-05-23 08:23 - 2023-05-23 08:23 - 000000000 ____D C:\ProgramData\RareLocationWaryAudience
2023-05-23 08:22 - 2023-05-23 08:22 - 000000000 ____D C:\Users\romar\AppData\Roaming\Microsoft\CLR Security Config
2023-05-23 08:21 - 2023-05-23 18:33 - 000000000 ____D C:\ProgramData\Altrst
2023-05-23 08:21 - 2023-05-23 09:29 - 000000000 ____D C:\Program Files (x86)\Altrst
2023-05-23 08:21 - 2023-05-23 08:21 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2023-05-23 08:21 - 2023-05-23 08:21 - 000000000 ____D C:\Users\romar\AppData\Local\AltruisticApp
2023-05-23 08:21 - 2023-05-23 08:21 - 000000000 ____D C:\Users\romar\AppData\Local\Altrst
2023-05-23 08:20 - 2023-05-23 17:54 - 000000000 ____D C:\Program Files (x86)\CanicsHakale
C:\Users\romar\AppData\Local\Programs\Taskbarify
C:\Program Files (x86)\Lavasoft
C:\ProgramData\Desk\Microsoft\Cotrl.vbs
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4306]
EmptyTemp:
End::
*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
"HKU\S-1-5-21-993868400-1050244446-1395841530-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Taskbarify" => non trouvé(e)
"HKU\S-1-5-21-993868400-1050244446-1395841530-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D40F617E-9435-49E1-9390-D21D30AA2069}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\x32" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\x32" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987D6012-05A7-4452-A567-5F779DCC2F8D}" => non trouvé(e)
"C:\WINDOWS\System32\Tasks\chrome nav" => non trouvé(e)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\chrome nav" => non trouvé(e)
AltruisticsService => service non trouvé(e).
CanicsHakale => service non trouvé(e).
rsVPNClientSvc => service non trouvé(e).
rsVPNSvc => service non trouvé(e).
"C:\Users\romar\AppData\Roaming\RAVVPN" => non trouvé(e)
"C:\ProgramData\RAVVPNService" => non trouvé(e)
"C:\Users\romar\AppData\Roaming\rav-antivirus-client" => non trouvé(e)
"C:\ProgramData\RAVAntivirus" => non trouvé(e)
"C:\Users\romar\AppData\Local\partner.bmp" => non trouvé(e)
"C:\ProgramData\rsEngine.config.backup" => non trouvé(e)
"C:\ProgramData\RAVVPNBackup" => non trouvé(e)
"C:\ProgramData\RareLocationWaryAudience" => non trouvé(e)
"C:\Users\romar\AppData\Roaming\Microsoft\CLR Security Config" => non trouvé(e)
C:\ProgramData\Altrst => déplacé(es) avec succès
"C:\Program Files (x86)\Altrst" => non trouvé(e)
"C:\WINDOWS\system32\Drivers\bddci.sys" => non trouvé(e)
"C:\Users\romar\AppData\Local\AltruisticApp" => non trouvé(e)
"C:\Users\romar\AppData\Local\Altrst" => non trouvé(e)
"C:\Program Files (x86)\CanicsHakale" => non trouvé(e)
"C:\Users\romar\AppData\Local\Programs\Taskbarify" => non trouvé(e)
"C:\Program Files (x86)\Lavasoft" => non trouvé(e)
"C:\ProgramData\Desk\Microsoft\Cotrl.vbs" => non trouvé(e)
"C:\ProgramData\mntemp" => ":8EAD8B3507" ADS non trouvé(e).

=========== EmptyTemp: ==========

FlushDNS => terminé(e)
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8451538 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 96926 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
romar => 84416 B

RecycleBin => 218 B
EmptyTemp: => 8.2 MB données temporaires supprimées.

================================


Le système a dû redémarrer.

==== Fin de Fixlog 21:17:17 ====