Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017 Ran by florian (29-11-2017 18:25:49) Run:2 Running from E:\Utilisateurs\florian\Bureau Loaded Profiles: florian (Available Profiles: florian) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: Hosts: RemoveProxy: EmptyTemp: ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File FirewallRules: [UDP Query User{D3531D56-E61C-439C-8DF2-20BD94E233B7}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [TCP Query User{16D59B3F-7EE1-4AF4-AB6B-81DBBB6F5CB4}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe C:\users\florian\appdata\roaming\cacaoweb GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION CHR HKU\S-1-5-21-3324755336-1503801912-126315808-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kadalpbldokjhijcgndnldpheokmaeje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [paoponfhfdfnjgddpnpjkambkcgdaaib] - C:\Users\florian\AppData\Local\Temp\ccex.crx cmd: ipconfig /flushdns end ***************** Restore point was successfully created. Processes closed successfully. C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3324755336-1503801912-126315808-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3324755336-1503801912-126315808-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0TheftProtectionDll => key removed successfully HKLM\Software\Classes\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => key removed successfully HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D3531D56-E61C-439C-8DF2-20BD94E233B7}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{16D59B3F-7EE1-4AF4-AB6B-81DBBB6F5CB4}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe => value not found. "C:\users\florian\appdata\roaming\cacaoweb" => not found. "C:\Windows\system32\GroupPolicy\Machine" => not found. HKLM\SOFTWARE\Policies\Google => key not found HKU\S-1-5-21-3324755336-1503801912-126315808-1000\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp => key removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf => key removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl => key removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kadalpbldokjhijcgndnldpheokmaeje => key removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib => key removed successfully ========= ipconfig /flushdns ========= Configuration IP de Windows Cache de r‚solution DNS vid‚. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18389955 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 15461225 B Edge => 0 B Chrome => 662049132 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 43316466 B systemprofile32 => 0 B LocalService => 132244 B NetworkService => 692 B florian => 5963701 B