Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 28.09.2018 Exécuté par Sylvain (01-10-2018 20:07:42) Run:3 Exécuté depuis C:\Users\Sylvain\Desktop Profils chargés: Sylvain (Profils disponibles: Sylvain) Mode d'amorçage: Normal ============================================== fixlist contenu: ***************** CreateRestorePoint: StartRegEdit: Windows Registry Editor Version 5.00 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] "URL"="" [HKLM\Software\Wo6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] "URL"="" [HKLM\Software\Wo6432Node\Microsoft\Internet Explorer\SearchScopes\{C2F7C8A3-D4A6-452E-B677-D148D2A36A44}] "URL"="" EndRegEdit: DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A6F9ACCC-5D48-4DF5-88DE-010E084FF544} DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{066AC33A-AC67-4CCC-9081-DDB8628C4AF6} DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{43B3D5A1-1ADA-495C-AE85-12994A6BAAD6} DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{44FEF1F6-BB62-43E8-8201-23400D896818} C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\File System\010 DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLVirtualDrive DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10 DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3} DeleteKey: HKLM\Software\Classes\Installer\Products\E3E01B881198CAF46836CC6F3EC3853B DeleteKey: HKLM\Software\Classes\Installer\Features\E3E01B881198CAF46836CC6F3EC3853B DeleteKey: HKCU\Software\Microsoft\Installer\Products\E3E01B881198CAF46836CC6F3EC3853B DeleteKey: HKCU\Software\Microsoft\Installer\Features\E3E01B881198CAF46836CC6F3EC3853B C:\WINDOWS\Installer\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}\ARPPRODUCTICON.exe DeleteKey: HKLM\SOFTWARE\JavaSoft DeleteKey: HKLM\SOFTWARE\WOW6432Node\JavaSoft DeleteKey: HKCU\SOFTWARE\JavaSoft DeleteKey: HKCU\SOFTWARE\AppDataLow\Software\JavaSoft DeleteKey: HKU\.DEFAULT\SOFTWARE\JavaSoft DeleteKey: HKU\S-1-5-21-1568993093-1613427294-323948901-1002\SOFTWARE\JavaSoft C:\Program Files (x86)\Java DeleteKey: HKLM\SOFTWARE\McAfee.com DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee.com C:\ProgramData\McAfee DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall DeleteKey: HKLM\SOFTWARE\WildTangent DeleteKey: HKLM\SOFTWARE\WOW6432Node\WildTangent C:\ProgramData\WildTangent C:\Users\Sylvain\AppData\Roaming\WildTangent DeleteKey: HKCU\SOFTWARE\Dropbox DeleteKey: HKCU\SOFTWARE\DropboxUpdate DeleteKey: HKU\.DEFAULT\SOFTWARE\Dropbox DeleteKey: HKU\S-1-5-21-1568993093-1613427294-323948901-1002\SOFTWARE\Dropbox DeleteKey: HKU\S-1-5-21-1568993093-1613427294-323948901-1002\SOFTWARE\DropboxUpdate C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Dropbox C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Dropbox DeleteKey: HKLM\SOFTWARE\TeamViewer DeleteKey: HKLM\SOFTWARE\WOW6432Node\TeamViewer DeleteKey: HKCU\SOFTWARE\TeamViewer DeleteKey: HKU\S-1-5-21-1568993093-1613427294-323948901-1002\SOFTWARE\TeamViewer C:\Users\Sylvain\AppData\Roaming\TeamViewer DeleteValue: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK|YahooMusicEngine.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1568993093-1613427294-323948901-1002.job => C:\Users\Sylvain\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {4A8DB574-E2E6-4CD5-A20C-401FDCDC64A5} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION Task: {5024AAF4-3B12-42BA-AC4A-2B4E05F13BD5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {50427C64-9D4B-433C-85BA-8FA8DC5BE73F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {520B8E32-36F3-470B-B4E5-3BC89C0F340A} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION Task: {53BD9DEA-BC64-4BCD-8EAE-43AB134C1AFD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {717625E1-EF9A-4944-8971-208E11B1D68F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {77A37956-3D72-4824-8AFA-35E9404A0264} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {7C3EF369-1001-48D7-B7C2-2DA38BDB153F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {8040FFD7-526E-46EE-ACF8-D90242BA9C1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {8A5ABEA4-D67E-449F-8D8E-4C712D875152} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {8C84D0AA-49B7-474A-8F49-B0B34A81A8C6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {9C0483F1-1E4B-4C32-96A4-9365CC592FAD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {B057BD87-3A7A-4495-9B50-788E5BBC9569} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION Task: {B1E87EEA-26A4-48B2-AF0A-1CD258A1453C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {C3EE0694-27DF-4B50-BCFE-E3917CC75CB9} - \WPD\SqmUpload_S-1-5-21-1568993093-1613427294-323948901-1002 -> Pas de fichier <==== ATTENTION Task: {C4ACCA4D-04B0-458A-98AA-F83BA4C95617} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {DC4FCC91-2676-438C-AB09-6C2F81460194} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink Power2Go.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Desktop Burning Gadget.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\ISO Viewer.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Virtual Drive.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Media Suite.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDVD.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk C:\Users\Sylvain\Pictures\2018-09-10 - Raccourci.lnk C:\Users\Sylvain\Desktop\filmora_setup_full1084(1).exe.lnk C:\Users\Sylvain\Desktop\ZHPDiag.lnk C:\Users\Sylvain\AppData\Roaming\ZHP\Quarantine\ZHPFix\Folder\Folder21___Wondershare\Filmora\Wondershare Filmora.lnk C:\Users\Sylvain\AppData\Roaming\ZHP\Quarantine\ZHPFix\File\File103___Driver Booster 2.lnk C:\Users\Sylvain\AppData\Roaming\ZHP\Quarantine\ZHPFix\File\File105___Wondershare Filmora.lnk C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2017-08-01.lnk C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk C:\Users\Sylvain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Avast Secure Browser.lnk C:\Users\Sylvain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk HKLM-x32\...\Run: [] => [X] HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION GroupPolicy: Restriction ? <==== ATTENTION SearchScopes: HKLM -> {C2F7C8A3-D4A6-452E-B677-D148D2A36A44} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UT ... earchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1568993093-1613427294-323948901-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/706-156705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier FF Plugin HKU\S-1-5-21-1568993093-1613427294-323948901-1002: @hola.org/vlc,version=1.8.328 -> C:\Users\Sylvain\AppData\Local\Hola\firefox\app\vlc [Pas de fichier] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X] S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X] U3 aspnet_state; pas de ImagePath 2018-09-28 10:39 - 2018-09-28 10:39 - 000000000 _____ () C:\Users\Sylvain\AppData\Local\oobelibMkey.log cmd: dism.exe /online /cleanup-image /restorehealth cmd: sfc /scannow Reboot: Hosts: CloseProcesses: EmptyTemp: RemoveProxy: cmd: ipconfig /flushdns cmd: netsh winsock reset Cmd: netsh advfirewall reset Cmd: Netsh advfirewall set allprofiles state on ***************** Le Point de restauration a été créé avec succès. ====> Registre "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6F9ACCC-5D48-4DF5-88DE-010E084FF544}" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{066AC33A-AC67-4CCC-9081-DDB8628C4AF6}" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43B3D5A1-1ADA-495C-AE85-12994A6BAAD6}" => non trouvé(e) "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44FEF1F6-BB62-43E8-8201-23400D896818}" => non trouvé(e) "C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\File System\010" => non trouvé(e) HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLVirtualDrive => non trouvé(e) HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10 => non trouvé(e) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3} => non trouvé(e) HKLM\Software\Classes\Installer\Products\E3E01B881198CAF46836CC6F3EC3853B => non trouvé(e) HKLM\Software\Classes\Installer\Features\E3E01B881198CAF46836CC6F3EC3853B => non trouvé(e) HKCU\Software\Microsoft\Installer\Products\E3E01B881198CAF46836CC6F3EC3853B => non trouvé(e) HKCU\Software\Microsoft\Installer\Features\E3E01B881198CAF46836CC6F3EC3853B => non trouvé(e) "C:\WINDOWS\Installer\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}\ARPPRODUCTICON.exe" => non trouvé(e) HKLM\SOFTWARE\JavaSoft => non trouvé(e) HKLM\SOFTWARE\WOW6432Node\JavaSoft => non trouvé(e) HKCU\SOFTWARE\JavaSoft => non trouvé(e) HKCU\SOFTWARE\AppDataLow\Software\JavaSoft => non trouvé(e) HKU\.DEFAULT\SOFTWARE\JavaSoft => non trouvé(e) HKU\S-1-5-21-1568993093-1613427294-323948901-1002\SOFTWARE\JavaSoft => non trouvé(e) "C:\Program Files (x86)\Java" => non trouvé(e) HKLM\SOFTWARE\McAfee.com => non trouvé(e) HKLM\SOFTWARE\WOW6432Node\McAfee.com => non trouvé(e) "C:\ProgramData\McAfee" => non trouvé(e) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall => non trouvé(e) HKLM\SOFTWARE\WildTangent => non trouvé(e) HKLM\SOFTWARE\WOW6432Node\WildTangent => non trouvé(e) "C:\ProgramData\WildTangent" => non trouvé(e) "C:\Users\Sylvain\AppData\Roaming\WildTangent" => non trouvé(e) HKCU\SOFTWARE\Dropbox => non trouvé(e) HKCU\SOFTWARE\DropboxUpdate => non trouvé(e)