Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 23.09.2018 Exécuté par valerie eguchi (25-09-2018 07:58:43) Run:1 Exécuté depuis C:\Users\valerie eguchi\Desktop Profils chargés: valerie eguchi (Profils disponibles: valerie eguchi) Mode d'amorçage: Normal ============================================== fixlist contenu: ***************** CloseProcesses: CreateRestorePoint: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe HKU\S-1-5-18\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7379744 2018-09-23] (Lavasoft) Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" SearchScopes: HKU\S-1-5-21-3865933146-1068065594-3471209395-1001 -> DefaultScope {6A1806CD-94D4-4689 URL = R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-09-23] () 2018-09-23 16:23 - 2018-07-08 16:50 - 000002886 _____ C:\WINDOWS\System32\Tasks\DriverToolkit Autorun 2018-09-23 16:23 - 2018-07-08 16:49 - 000000408 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job StartRegEdit: Windows Registry Editor Version 5.00 [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\*.update] "http"=dword:00000002 "https"=dword:00000002 EndRegEdit: DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion DeleteValue: HKEY_USERS\S-1-5-21-3865933146-1068065594-3471209395-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} DeleteKey: HKU\S-1-5-21-3865933146-1068065594-3471209395-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com DeleteKey: HKCU\Software\Lavasoft\Web Companion DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com DeleteKey: HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion DeleteKey: HKLM\SOFTWARE\Lavasoft\Web Companion C:\Program Files (x86)\QuickTime C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime DeleteKey: HKLM\Software\Classes\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4 DeleteKey: HKLM\Software\Classes\Installer\Features\57DB95FFA664A5D4DA32AA8DC7F54DC4 DeleteKey: HKCU\Software\Microsoft\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4 DeleteKey: HKCU\Software\Microsoft\Installer\Features\57DB95FFA664A5D4DA32AA8DC7F54DC4 C:\WINDOWS\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\Installer.ico DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Maintenance\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 C:\Windows\System32\Tasks\DriverToolkit Autorun C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe C:\Users\Public\Desktop\DriverToolkit.lnk DeleteKey: HKCU\SOFTWARE\DriverToolkit DeleteKey: HKU\S-1-5-21-3865933146-1068065594-3471209395-1001\SOFTWARE\DriverToolkit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit C:\ProgramData\TSRProSettings C:\Users\valerie eguchi\AppData\Local\DriverToolkit C:\WINDOWS\Prefetch\DRIVERTOOLKITINSTALLER.TMP-2CA38D46.pf C:\WINDOWS\Prefetch\DRIVERTOOLKITINSTALLER.TMP-EA06496C.pf DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE DeleteKey: HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE EmptyTemp: ***************** Processus fermé avec succès. Le Point de restauration a été créé avec succès. C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe => déplacé(es) avec succès "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => supprimé(es) avec succès HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => valeur restauré(es) avec succès "HKU\S-1-5-21-3865933146-1068065594-3471209395-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => supprimé(es) avec succès "HKLM\System\CurrentControlSet\Services\WCAssistantService" => supprimé(es) avec succès WCAssistantService => service supprimé(es) avec succès C:\WINDOWS\System32\Tasks\DriverToolkit Autorun => déplacé(es) avec succès C:\WINDOWS\Tasks\DriverToolkit Autorun.job => déplacé(es) avec succès ====> Registre "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Web Companion" => supprimé(es) avec succès "HKEY_USERS\S-1-5-21-3865933146-1068065594-3471209395-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Web Companion" => non trouvé(e) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} => non trouvé(e) HKU\S-1-5-21-3865933146-1068065594-3471209395-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => non trouvé(e) "HKCU\Software\Lavasoft\Web Companion" => supprimé(es) avec succès HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => non trouvé(e) "HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion" => supprimé(es) avec succès "HKLM\SOFTWARE\Lavasoft\Web Companion" => non trouvé(e) "C:\Program Files (x86)\QuickTime" => non trouvé(e) "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime" => non trouvé(e) HKLM\Software\Classes\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4 => non trouvé(e) HKLM\Software\Classes\Installer\Features\57DB95FFA664A5D4DA32AA8DC7F54DC4 => non trouvé(e) "HKCU\Software\Microsoft\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4" => non trouvé(e) "HKCU\Software\Microsoft\Installer\Features\57DB95FFA664A5D4DA32AA8DC7F54DC4" => non trouvé(e) "C:\WINDOWS\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\Installer.ico" => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Maintenance\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3C140D8A-F0A2-4632-962B-FD28F6C23BC9 => non trouvé(e) "C:\Windows\System32\Tasks\DriverToolkit Autorun" => non trouvé(e) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe => déplacé(es) avec succès C:\Users\Public\Desktop\DriverToolkit.lnk => déplacé(es) avec succès "HKCU\SOFTWARE\DriverToolkit" => supprimé(es) avec succès HKU\S-1-5-21-3865933146-1068065594-3471209395-1001\SOFTWARE\DriverToolkit => non trouvé(e) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit => déplacé(es) avec succès C:\ProgramData\TSRProSettings => déplacé(es) avec succès C:\Users\valerie eguchi\AppData\Local\DriverToolkit => déplacé(es) avec succès C:\WINDOWS\Prefetch\DRIVERTOOLKITINSTALLER.TMP-2CA38D46.pf => déplacé(es) avec succès C:\WINDOWS\Prefetch\DRIVERTOOLKITINSTALLER.TMP-EA06496C.pf => déplacé(es) avec succès "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE" => supprimé(es) avec succès HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => non trouvé(e) HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => non trouvé(e) =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35935344 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 52475618 B Edge => 74326399 B Chrome => 11287526 B Firefox => 1082891591 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 18628 B LocalService => 0 B NetworkService => 259128554 B NetworkService => 0 B valerie eguchi => 1032041269 B RecycleBin => 496051091 B EmptyTemp: => 2.8 GB données temporaires supprimées. ================================ Le système a dû redémarrer. ==== Fin de Fixlog 08:15:15 ====