PC infecté par ClickCaption et omiga-plus
Résolu/Fermé
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
-
27 déc. 2014 à 11:36
Utilisateur anonyme - 28 déc. 2014 à 13:56
Utilisateur anonyme - 28 déc. 2014 à 13:56
A voir également:
- PC infecté par ClickCaption et omiga-plus
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Pc lent - Guide
- Plus de son sur mon pc - Guide
- Whatsapp pc - Télécharger - Messagerie
14 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 656
27 déc. 2014 à 11:38
27 déc. 2014 à 11:38
Salut,
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode )
Télécharge AdwCleaner sur ton bureau.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode )
Télécharge AdwCleaner sur ton bureau.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 11:49
27 déc. 2014 à 11:49
Bonjour, et merci pour la réponse rapide !
voici mon rapport :
# AdwCleaner v4.106 - Rapport créé le 27/12/2014 à 11:43:29
# Mis à jour le 21/12/2014 par Xplode
# Database : 2014-12-21.4 [Live]
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : Thérèse - TOSHIBA
# Exécuté depuis : C:\Users\Thérèse\Downloads\adwcleaner_4.106.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : BackupStack
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Program Files (x86)\MyPC Backup
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\omiga-plus
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Fichier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Fichier Supprimé : C:\Users\Thérèse\Desktop\MyPC Backup.lnk
Fichier Supprimé : C:\Users\Thérèse\Desktop\Sync Folder.lnk
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
***** [ Tâches planifiées ] *****
Tâche Supprimée : LaunchSignup
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Lanceur d'applications Google Chrome.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\SWOOOP.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Clé Supprimée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\omiga-plusSoftware
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17416
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v34.0.5 (x86 fr)
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.newtab.url", "hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET");
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.search.selectedEngine", "omiga-plus");
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET");
-\\ Google Chrome v38.0.2125.111
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET&q={searchTerms}
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET&q={searchTerms}
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
*************************
AdwCleaner[R0].txt - [8192 octets] - [27/12/2014 11:08:54]
AdwCleaner[R1].txt - [6633 octets] - [27/12/2014 11:41:23]
AdwCleaner[S0].txt - [6982 octets] - [27/12/2014 11:12:28]
AdwCleaner[S1].txt - [6129 octets] - [27/12/2014 11:43:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6189 octets] ##########
voici mon rapport :
# AdwCleaner v4.106 - Rapport créé le 27/12/2014 à 11:43:29
# Mis à jour le 21/12/2014 par Xplode
# Database : 2014-12-21.4 [Live]
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : Thérèse - TOSHIBA
# Exécuté depuis : C:\Users\Thérèse\Downloads\adwcleaner_4.106.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : BackupStack
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Program Files (x86)\MyPC Backup
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\omiga-plus
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Dossier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Fichier Supprimé : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Fichier Supprimé : C:\Users\Thérèse\Desktop\MyPC Backup.lnk
Fichier Supprimé : C:\Users\Thérèse\Desktop\Sync Folder.lnk
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
***** [ Tâches planifiées ] *****
Tâche Supprimée : LaunchSignup
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Lanceur d'applications Google Chrome.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\SWOOOP.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Thérèse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Clé Supprimée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\omiga-plusSoftware
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17416
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v34.0.5 (x86 fr)
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.newtab.url", "hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET");
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.search.selectedEngine", "omiga-plus");
[49zdxc5k.default-1419415227451\prefs.js] - Ligne Supprimée : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET");
-\\ Google Chrome v38.0.2125.111
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET&q={searchTerms}
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET&q={searchTerms}
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
[C:\Users\Thérèse\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1419676240&from=ill&uid=TOSHIBAXMQ01ABF050_337EW3KETXX337EW3KET
*************************
AdwCleaner[R0].txt - [8192 octets] - [27/12/2014 11:08:54]
AdwCleaner[R1].txt - [6633 octets] - [27/12/2014 11:41:23]
AdwCleaner[S0].txt - [6982 octets] - [27/12/2014 11:12:28]
AdwCleaner[S1].txt - [6129 octets] - [27/12/2014 11:43:29]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6189 octets] ##########
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 12:06
27 déc. 2014 à 12:06
Et voici le lien pour pjjoint:
https://pjjoint.malekal.com/files.php?id=20141227_z9g11w9b14f10
https://pjjoint.malekal.com/files.php?id=20141227_z9g11w9b14f10
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 656
27 déc. 2014 à 12:32
27 déc. 2014 à 12:32
Suis ce tutorial : https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer deux rapports FRST.
Envoie comme expliqué, ces deux rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Cela va générer deux rapports FRST.
Envoie comme expliqué, ces deux rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 13:41
27 déc. 2014 à 13:41
voici les rapports :
FRST:
https://pjjoint.malekal.com/files.php?id=20141227_z5i12l10c14f7
addition:
https://pjjoint.malekal.com/files.php?id=20141227_g119v13r15x9
FRST:
https://pjjoint.malekal.com/files.php?id=20141227_z5i12l10c14f7
addition:
https://pjjoint.malekal.com/files.php?id=20141227_g119v13r15x9
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 656
27 déc. 2014 à 13:55
27 déc. 2014 à 13:55
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62237;https=127.0.0.1:62237
S2 9b784ed1; c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll [5079632 2014-12-26] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION
R2 ccsvc_1.10.0.5; C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe [277584 2014-12-12] (ClickCaption)
S2 serverca; C:\Users\Thérèse\AppData\Local\ConvertAd\CASrv.exe [X]
S2 Update Lampy Lighty; C:\Program Files (x86)\Lampy Lighty\updateLampyLighty.exe [X]
R1 ccnfd_1_10_0_5; C:\Windows\System32\drivers\ccnfd_1_10_0_5.sys [58232 2014-12-12] (ClickCaption)
2014-12-27 12:01 - 2014-12-27 12:01 - 00001996 _____ () C:\Users\Thérèse\Desktop\Sync Folder.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00001096 _____ () C:\Users\Thérèse\Desktop\MyPC Backup.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VOPackage
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 11:49 - 2014-12-27 11:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ZLIgN6t
2014-12-27 11:18 - 2014-12-27 11:18 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ovJQ9b4
2014-12-25 19:38 - 2014-12-25 19:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Ynwzg8K
2014-12-24 19:04 - 2014-12-24 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KNYZCtU
2014-12-24 12:53 - 2014-12-24 12:53 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\etQiynb
2014-12-24 11:38 - 2014-12-24 11:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\OHQ6RFt
2014-12-24 11:03 - 2014-12-24 11:03 - 00003262 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001
2014-12-24 11:03 - 2014-12-24 11:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wGUmDqn
2014-12-24 10:41 - 2014-12-24 10:42 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.5
2014-12-24 10:41 - 2014-12-24 10:41 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\b2z8fRo
2014-12-23 22:59 - 2014-12-23 22:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sLIK1oB
2014-12-23 19:04 - 2014-12-23 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\uZM1Kes
2014-12-22 19:04 - 2014-12-22 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WLw7XCk
2014-12-21 19:04 - 2014-12-21 19:04 - 00003284 _____ () C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R
2014-12-21 19:04 - 2014-12-21 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CeDDAab
2014-12-21 15:48 - 2014-12-21 15:48 - 00000149 _____ () C:\Users\Thérèse\Desktop\fb2.log
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rlrYPvU
2014-12-20 08:50 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046
2014-12-20 08:49 - 2014-12-20 08:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\cfpc79N
2014-12-18 19:04 - 2014-12-18 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\J4WdKxf
2014-12-17 20:57 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235
2014-12-17 20:55 - 2014-12-17 20:55 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\j4J03Tc
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KDIuQg7
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jpGcf0Z
2014-12-15 20:55 - 2014-12-23 22:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\GTSknrv
2014-12-15 20:55 - 2014-12-15 20:57 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\50tNFEh
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vW3fWFI
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\UV5hYBF
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\IhetmAx
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\RTE9fra
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qjizXCv
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\iAlvPcE
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EpLuuMT
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VYsn7xo
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\avrIGlx
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\3vScTYv
2014-12-12 00:53 - 2014-12-12 00:53 - 00058232 _____ (ClickCaption) C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rMa8NUS
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CBTyDHY
2014-12-11 15:28 - 2014-12-11 15:28 - 00000000 ____D () C:\ProgramData\LizardSales
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wEGVG2b
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EnUAc9I
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Nms5nU8
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jj1OHhB
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\XakbOyq
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\eIq2ati
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\SbtkQtr
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qHBuqHc
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\BvOYBDQ
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\2eW26Mx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WAlnAhx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hZLxWDb
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vpTPdqw
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jf6nBE9
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\r7fOICs
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\acZ6Tjg
2014-12-02 20:02 - 2014-12-02 20:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\nGil7Qz
2014-12-02 20:02 - 2014-12-02 20:02 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\x4u2Cx7
2014-12-01 20:59 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\U9sYjnV
2014-12-01 20:58 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jYRJBjI
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vORipL6
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sqgnQhi
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\QrP79AD
2014-11-29 21:03 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\DpWhBrb
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vtqfOCF
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hgHALle
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\fc0n4Lj
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\1jlYN2r
2014-12-21 19:04 - 2014-11-22 19:34 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\X5sUvyv
Task: {AD3D586D-0226-4B4D-8A1D-CE32BD6535CF} - System32\Tasks\o5KpgzIrjgyMN2N => C:\Users\Thérèse\AppData\Roaming\X5sUvyv\KVjmiKV.exe [2014-11-22] ( )
Task: {AF685CCC-2494-4436-BF85-D13675D8B0BE} - System32\Tasks\FErugMNu6bSCW0R => C:\Users\Thérèse\AppData\Roaming\CeDDAab\dYGfQvj.exe [2014-12-21] ( )
Task: C:\WINDOWS\Tasks\FSVZPT.job => C:\Users\Thýÿrýÿse\AppData\Roaming\FSVZPT.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MVVDSGW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\MVVDSGW.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RSA.job => C:\Users\Thýÿrýÿse\AppData\Roaming\RSA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XOVKJW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\XOVKJW.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62237;https=127.0.0.1:62237
S2 9b784ed1; c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll [5079632 2014-12-26] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION
R2 ccsvc_1.10.0.5; C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe [277584 2014-12-12] (ClickCaption)
S2 serverca; C:\Users\Thérèse\AppData\Local\ConvertAd\CASrv.exe [X]
S2 Update Lampy Lighty; C:\Program Files (x86)\Lampy Lighty\updateLampyLighty.exe [X]
R1 ccnfd_1_10_0_5; C:\Windows\System32\drivers\ccnfd_1_10_0_5.sys [58232 2014-12-12] (ClickCaption)
2014-12-27 12:01 - 2014-12-27 12:01 - 00001996 _____ () C:\Users\Thérèse\Desktop\Sync Folder.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00001096 _____ () C:\Users\Thérèse\Desktop\MyPC Backup.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VOPackage
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 11:49 - 2014-12-27 11:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ZLIgN6t
2014-12-27 11:18 - 2014-12-27 11:18 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ovJQ9b4
2014-12-25 19:38 - 2014-12-25 19:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Ynwzg8K
2014-12-24 19:04 - 2014-12-24 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KNYZCtU
2014-12-24 12:53 - 2014-12-24 12:53 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\etQiynb
2014-12-24 11:38 - 2014-12-24 11:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\OHQ6RFt
2014-12-24 11:03 - 2014-12-24 11:03 - 00003262 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001
2014-12-24 11:03 - 2014-12-24 11:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wGUmDqn
2014-12-24 10:41 - 2014-12-24 10:42 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.5
2014-12-24 10:41 - 2014-12-24 10:41 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\b2z8fRo
2014-12-23 22:59 - 2014-12-23 22:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sLIK1oB
2014-12-23 19:04 - 2014-12-23 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\uZM1Kes
2014-12-22 19:04 - 2014-12-22 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WLw7XCk
2014-12-21 19:04 - 2014-12-21 19:04 - 00003284 _____ () C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R
2014-12-21 19:04 - 2014-12-21 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CeDDAab
2014-12-21 15:48 - 2014-12-21 15:48 - 00000149 _____ () C:\Users\Thérèse\Desktop\fb2.log
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rlrYPvU
2014-12-20 08:50 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046
2014-12-20 08:49 - 2014-12-20 08:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\cfpc79N
2014-12-18 19:04 - 2014-12-18 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\J4WdKxf
2014-12-17 20:57 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235
2014-12-17 20:55 - 2014-12-17 20:55 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\j4J03Tc
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KDIuQg7
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jpGcf0Z
2014-12-15 20:55 - 2014-12-23 22:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\GTSknrv
2014-12-15 20:55 - 2014-12-15 20:57 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\50tNFEh
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vW3fWFI
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\UV5hYBF
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\IhetmAx
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\RTE9fra
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qjizXCv
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\iAlvPcE
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EpLuuMT
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VYsn7xo
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\avrIGlx
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\3vScTYv
2014-12-12 00:53 - 2014-12-12 00:53 - 00058232 _____ (ClickCaption) C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rMa8NUS
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CBTyDHY
2014-12-11 15:28 - 2014-12-11 15:28 - 00000000 ____D () C:\ProgramData\LizardSales
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wEGVG2b
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EnUAc9I
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Nms5nU8
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jj1OHhB
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\XakbOyq
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\eIq2ati
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\SbtkQtr
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qHBuqHc
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\BvOYBDQ
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\2eW26Mx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WAlnAhx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hZLxWDb
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vpTPdqw
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jf6nBE9
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\r7fOICs
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\acZ6Tjg
2014-12-02 20:02 - 2014-12-02 20:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\nGil7Qz
2014-12-02 20:02 - 2014-12-02 20:02 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\x4u2Cx7
2014-12-01 20:59 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\U9sYjnV
2014-12-01 20:58 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jYRJBjI
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vORipL6
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sqgnQhi
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\QrP79AD
2014-11-29 21:03 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\DpWhBrb
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vtqfOCF
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hgHALle
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\fc0n4Lj
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\1jlYN2r
2014-12-21 19:04 - 2014-11-22 19:34 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\X5sUvyv
Task: {AD3D586D-0226-4B4D-8A1D-CE32BD6535CF} - System32\Tasks\o5KpgzIrjgyMN2N => C:\Users\Thérèse\AppData\Roaming\X5sUvyv\KVjmiKV.exe [2014-11-22] ( )
Task: {AF685CCC-2494-4436-BF85-D13675D8B0BE} - System32\Tasks\FErugMNu6bSCW0R => C:\Users\Thérèse\AppData\Roaming\CeDDAab\dYGfQvj.exe [2014-12-21] ( )
Task: C:\WINDOWS\Tasks\FSVZPT.job => C:\Users\Thýÿrýÿse\AppData\Roaming\FSVZPT.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MVVDSGW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\MVVDSGW.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RSA.job => C:\Users\Thýÿrýÿse\AppData\Roaming\RSA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XOVKJW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\XOVKJW.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 14:08
27 déc. 2014 à 14:08
parfait, voici le nouveau rapport:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-12-2014
Ran by Thérèse at 2014-12-27 14:04:14 Run:1
Running from C:\Users\Thérèse\Desktop
Loaded Profile: Thérèse (Available profiles: Thérèse)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Startup: C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62237;https=127.0.0.1:62237
S2 9b784ed1; c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll [5079632 2014-12-26] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION
R2 ccsvc_1.10.0.5; C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe [277584 2014-12-12] (ClickCaption)
S2 serverca; C:\Users\Thérèse\AppData\Local\ConvertAd\CASrv.exe [X]
S2 Update Lampy Lighty; C:\Program Files (x86)\Lampy Lighty\updateLampyLighty.exe [X]
R1 ccnfd_1_10_0_5; C:\Windows\System32\drivers\ccnfd_1_10_0_5.sys [58232 2014-12-12] (ClickCaption)
2014-12-27 12:01 - 2014-12-27 12:01 - 00001996 _____ () C:\Users\Thérèse\Desktop\Sync Folder.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00001096 _____ () C:\Users\Thérèse\Desktop\MyPC Backup.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VOPackage
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 11:49 - 2014-12-27 11:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ZLIgN6t
2014-12-27 11:18 - 2014-12-27 11:18 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ovJQ9b4
2014-12-25 19:38 - 2014-12-25 19:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Ynwzg8K
2014-12-24 19:04 - 2014-12-24 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KNYZCtU
2014-12-24 12:53 - 2014-12-24 12:53 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\etQiynb
2014-12-24 11:38 - 2014-12-24 11:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\OHQ6RFt
2014-12-24 11:03 - 2014-12-24 11:03 - 00003262 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001
2014-12-24 11:03 - 2014-12-24 11:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wGUmDqn
2014-12-24 10:41 - 2014-12-24 10:42 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.5
2014-12-24 10:41 - 2014-12-24 10:41 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\b2z8fRo
2014-12-23 22:59 - 2014-12-23 22:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sLIK1oB
2014-12-23 19:04 - 2014-12-23 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\uZM1Kes
2014-12-22 19:04 - 2014-12-22 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WLw7XCk
2014-12-21 19:04 - 2014-12-21 19:04 - 00003284 _____ () C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R
2014-12-21 19:04 - 2014-12-21 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CeDDAab
2014-12-21 15:48 - 2014-12-21 15:48 - 00000149 _____ () C:\Users\Thérèse\Desktop\fb2.log
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rlrYPvU
2014-12-20 08:50 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046
2014-12-20 08:49 - 2014-12-20 08:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\cfpc79N
2014-12-18 19:04 - 2014-12-18 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\J4WdKxf
2014-12-17 20:57 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235
2014-12-17 20:55 - 2014-12-17 20:55 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\j4J03Tc
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KDIuQg7
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jpGcf0Z
2014-12-15 20:55 - 2014-12-23 22:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\GTSknrv
2014-12-15 20:55 - 2014-12-15 20:57 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\50tNFEh
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vW3fWFI
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\UV5hYBF
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\IhetmAx
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\RTE9fra
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qjizXCv
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\iAlvPcE
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EpLuuMT
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VYsn7xo
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\avrIGlx
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\3vScTYv
2014-12-12 00:53 - 2014-12-12 00:53 - 00058232 _____ (ClickCaption) C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rMa8NUS
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CBTyDHY
2014-12-11 15:28 - 2014-12-11 15:28 - 00000000 ____D () C:\ProgramData\LizardSales
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wEGVG2b
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EnUAc9I
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Nms5nU8
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jj1OHhB
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\XakbOyq
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\eIq2ati
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\SbtkQtr
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qHBuqHc
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\BvOYBDQ
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\2eW26Mx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WAlnAhx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hZLxWDb
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vpTPdqw
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jf6nBE9
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\r7fOICs
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\acZ6Tjg
2014-12-02 20:02 - 2014-12-02 20:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\nGil7Qz
2014-12-02 20:02 - 2014-12-02 20:02 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\x4u2Cx7
2014-12-01 20:59 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\U9sYjnV
2014-12-01 20:58 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jYRJBjI
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vORipL6
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sqgnQhi
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\QrP79AD
2014-11-29 21:03 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\DpWhBrb
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vtqfOCF
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hgHALle
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\fc0n4Lj
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\1jlYN2r
2014-12-21 19:04 - 2014-11-22 19:34 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\X5sUvyv
Task: {AD3D586D-0226-4B4D-8A1D-CE32BD6535CF} - System32\Tasks\o5KpgzIrjgyMN2N => C:\Users\Thérèse\AppData\Roaming\X5sUvyv\KVjmiKV.exe [2014-11-22] ( )
Task: {AF685CCC-2494-4436-BF85-D13675D8B0BE} - System32\Tasks\FErugMNu6bSCW0R => C:\Users\Thérèse\AppData\Roaming\CeDDAab\dYGfQvj.exe [2014-12-21] ( )
Task: C:\WINDOWS\Tasks\FSVZPT.job => C:\Users\Thýÿrýÿse\AppData\Roaming\FSVZPT.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MVVDSGW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\MVVDSGW.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RSA.job => C:\Users\Thýÿrýÿse\AppData\Roaming\RSA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XOVKJW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\XOVKJW.exe <==== ATTENTION
*****************
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe => Moved successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
9b784ed1 => Service deleted successfully.
BackupStack => Service deleted successfully.
ccsvc_1.10.0.5 => Unable to stop service
ccsvc_1.10.0.5 => Service deleted successfully.
serverca => Service deleted successfully.
Update Lampy Lighty => Service deleted successfully.
ccnfd_1_10_0_5 => Unable to stop service
ccnfd_1_10_0_5 => Service deleted successfully.
C:\Users\Thérèse\Desktop\Sync Folder.lnk => Moved successfully.
C:\Users\Thérèse\Desktop\MyPC Backup.lnk => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup => Moved successfully.
"C:\Program Files (x86)\MyPC Backup" directory move:
C:\Program Files (x86)\MyPC Backup\aff.conf => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaFS.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BackupStack.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\de_DE.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\es_ES.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\fr_FR.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\GetText.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\InstMgr.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\it_IT.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MPCBClient.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\mypcbackup.ico => Moved successfully.
C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\ObjectListView.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\PipeDiff.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\pt_PT.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Service Start.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Shared Stack.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\SignupWizard.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\syncicon.ico => Moved successfully.
C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL => Moved successfully.
C:\Program Files (x86)\MyPC Backup\uninst.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Updater.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Updater_.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\log\APPLICATION.log => Moved successfully.
C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db => Moved successfully.
Could not move "C:\Program Files (x86)\MyPC Backup" directory. => Scheduled to move on reboot.
C:\Users\Thérèse\AppData\Roaming\VOPackage => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\ZLIgN6t => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\ovJQ9b4 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Ynwzg8K => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\KNYZCtU => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\etQiynb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\OHQ6RFt => Moved successfully.
C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\wGUmDqn => Moved successfully.
C:\Program Files (x86)\ClickCaption_1.10.0.5 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\b2z8fRo => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\sLIK1oB => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\uZM1Kes => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\WLw7XCk => Moved successfully.
C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\CeDDAab => Moved successfully.
C:\Users\Thérèse\Desktop\fb2.log => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\rlrYPvU => Moved successfully.
C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\cfpc79N => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\J4WdKxf => Moved successfully.
C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\j4J03Tc => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\KDIuQg7 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jpGcf0Z => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\GTSknrv => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\50tNFEh => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vW3fWFI => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\UV5hYBF => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\IhetmAx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\RTE9fra => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\qjizXCv => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\iAlvPcE => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\EpLuuMT => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\VYsn7xo => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\avrIGlx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\3vScTYv => Moved successfully.
C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\rMa8NUS => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\CBTyDHY => Moved successfully.
C:\ProgramData\LizardSales => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\wEGVG2b => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\EnUAc9I => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Nms5nU8 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jj1OHhB => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\XakbOyq => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\eIq2ati => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\SbtkQtr => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\qHBuqHc => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\BvOYBDQ => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\2eW26Mx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\WAlnAhx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\hZLxWDb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vpTPdqw => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jf6nBE9 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\r7fOICs => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\acZ6Tjg => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\nGil7Qz => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\x4u2Cx7 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\U9sYjnV => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jYRJBjI => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vORipL6 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\sqgnQhi => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\QrP79AD => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\DpWhBrb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vtqfOCF => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\hgHALle => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\fc0n4Lj => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\1jlYN2r => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\X5sUvyv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD3D586D-0226-4B4D-8A1D-CE32BD6535CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD3D586D-0226-4B4D-8A1D-CE32BD6535CF}" => Key deleted successfully.
C:\Windows\System32\Tasks\o5KpgzIrjgyMN2N => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\o5KpgzIrjgyMN2N" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF685CCC-2494-4436-BF85-D13675D8B0BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF685CCC-2494-4436-BF85-D13675D8B0BE}" => Key deleted successfully.
C:\Windows\System32\Tasks\FErugMNu6bSCW0R not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FErugMNu6bSCW0R" => Key deleted successfully.
C:\WINDOWS\Tasks\FSVZPT.job => Moved successfully.
C:\WINDOWS\Tasks\MVVDSGW.job => Moved successfully.
C:\WINDOWS\Tasks\RSA.job => Moved successfully.
C:\WINDOWS\Tasks\XOVKJW.job => Moved successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-27 14:06:11)<=
C:\Program Files (x86)\MyPC Backup => Is moved successfully.
==== End of Fixlog 14:06:11 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-12-2014
Ran by Thérèse at 2014-12-27 14:04:14 Run:1
Running from C:\Users\Thérèse\Desktop
Loaded Profile: Thérèse (Available profiles: Thérèse)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Startup: C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62237;https=127.0.0.1:62237
S2 9b784ed1; c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll [5079632 2014-12-26] ()
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) <==== ATTENTION
R2 ccsvc_1.10.0.5; C:\Program Files (x86)\ClickCaption_1.10.0.5\Service\ccsvc.exe [277584 2014-12-12] (ClickCaption)
S2 serverca; C:\Users\Thérèse\AppData\Local\ConvertAd\CASrv.exe [X]
S2 Update Lampy Lighty; C:\Program Files (x86)\Lampy Lighty\updateLampyLighty.exe [X]
R1 ccnfd_1_10_0_5; C:\Windows\System32\drivers\ccnfd_1_10_0_5.sys [58232 2014-12-12] (ClickCaption)
2014-12-27 12:01 - 2014-12-27 12:01 - 00001996 _____ () C:\Users\Thérèse\Desktop\Sync Folder.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00001096 _____ () C:\Users\Thérèse\Desktop\MyPC Backup.lnk
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-12-27 12:01 - 2014-12-27 12:01 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VOPackage
2014-12-27 12:00 - 2014-12-27 12:00 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 11:49 - 2014-12-27 11:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ZLIgN6t
2014-12-27 11:18 - 2014-12-27 11:18 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\ovJQ9b4
2014-12-25 19:38 - 2014-12-25 19:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Ynwzg8K
2014-12-24 19:04 - 2014-12-24 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KNYZCtU
2014-12-24 12:53 - 2014-12-24 12:53 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\etQiynb
2014-12-24 11:38 - 2014-12-24 11:38 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\OHQ6RFt
2014-12-24 11:03 - 2014-12-24 11:03 - 00003262 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001
2014-12-24 11:03 - 2014-12-24 11:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wGUmDqn
2014-12-24 10:41 - 2014-12-24 10:42 - 00000000 ____D () C:\Program Files (x86)\ClickCaption_1.10.0.5
2014-12-24 10:41 - 2014-12-24 10:41 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\b2z8fRo
2014-12-23 22:59 - 2014-12-23 22:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sLIK1oB
2014-12-23 19:04 - 2014-12-23 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\uZM1Kes
2014-12-22 19:04 - 2014-12-22 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WLw7XCk
2014-12-21 19:04 - 2014-12-21 19:04 - 00003284 _____ () C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R
2014-12-21 19:04 - 2014-12-21 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CeDDAab
2014-12-21 15:48 - 2014-12-21 15:48 - 00000149 _____ () C:\Users\Thérèse\Desktop\fb2.log
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rlrYPvU
2014-12-20 08:50 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046
2014-12-20 08:49 - 2014-12-20 08:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\cfpc79N
2014-12-18 19:04 - 2014-12-18 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\J4WdKxf
2014-12-17 20:57 - 2014-12-24 11:21 - 00000000 ____D () C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235
2014-12-17 20:55 - 2014-12-17 20:55 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\j4J03Tc
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\KDIuQg7
2014-12-16 21:12 - 2014-12-16 21:12 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jpGcf0Z
2014-12-15 20:55 - 2014-12-23 22:49 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\GTSknrv
2014-12-15 20:55 - 2014-12-15 20:57 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\50tNFEh
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vW3fWFI
2014-12-15 10:16 - 2014-12-15 10:16 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\UV5hYBF
2014-12-14 19:04 - 2014-12-14 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\IhetmAx
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\RTE9fra
2014-12-14 18:27 - 2014-12-14 18:27 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qjizXCv
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\iAlvPcE
2014-12-13 19:04 - 2014-12-13 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EpLuuMT
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\VYsn7xo
2014-12-13 17:50 - 2014-12-13 17:50 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\avrIGlx
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb
2014-12-12 20:56 - 2014-12-12 20:56 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\3vScTYv
2014-12-12 00:53 - 2014-12-12 00:53 - 00058232 _____ (ClickCaption) C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\rMa8NUS
2014-12-11 19:04 - 2014-12-11 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\CBTyDHY
2014-12-11 15:28 - 2014-12-11 15:28 - 00000000 ____D () C:\ProgramData\LizardSales
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\wEGVG2b
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\EnUAc9I
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\Nms5nU8
2014-12-09 19:04 - 2014-12-09 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jj1OHhB
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\XakbOyq
2014-12-08 20:58 - 2014-12-08 20:58 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\eIq2ati
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\SbtkQtr
2014-12-07 19:04 - 2014-12-07 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\qHBuqHc
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\BvOYBDQ
2014-12-06 20:59 - 2014-12-06 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\2eW26Mx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\WAlnAhx
2014-12-05 19:04 - 2014-12-05 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hZLxWDb
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vpTPdqw
2014-12-04 21:07 - 2014-12-04 21:07 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jf6nBE9
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\r7fOICs
2014-12-03 21:10 - 2014-12-03 21:10 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\acZ6Tjg
2014-12-02 20:02 - 2014-12-02 20:03 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\nGil7Qz
2014-12-02 20:02 - 2014-12-02 20:02 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\x4u2Cx7
2014-12-01 20:59 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\U9sYjnV
2014-12-01 20:58 - 2014-12-01 20:59 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\jYRJBjI
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vORipL6
2014-11-30 19:04 - 2014-11-30 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\sqgnQhi
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\QrP79AD
2014-11-29 21:03 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\DpWhBrb
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\vtqfOCF
2014-11-28 21:20 - 2014-11-28 21:20 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\hgHALle
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\fc0n4Lj
2014-11-27 19:04 - 2014-11-27 19:04 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\1jlYN2r
2014-12-21 19:04 - 2014-11-22 19:34 - 00000000 ____D () C:\Users\Thérèse\AppData\Roaming\X5sUvyv
Task: {AD3D586D-0226-4B4D-8A1D-CE32BD6535CF} - System32\Tasks\o5KpgzIrjgyMN2N => C:\Users\Thérèse\AppData\Roaming\X5sUvyv\KVjmiKV.exe [2014-11-22] ( )
Task: {AF685CCC-2494-4436-BF85-D13675D8B0BE} - System32\Tasks\FErugMNu6bSCW0R => C:\Users\Thérèse\AppData\Roaming\CeDDAab\dYGfQvj.exe [2014-12-21] ( )
Task: C:\WINDOWS\Tasks\FSVZPT.job => C:\Users\Thýÿrýÿse\AppData\Roaming\FSVZPT.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MVVDSGW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\MVVDSGW.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RSA.job => C:\Users\Thýÿrýÿse\AppData\Roaming\RSA.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XOVKJW.job => C:\Users\Thýÿrýÿse\AppData\Roaming\XOVKJW.exe <==== ATTENTION
*****************
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe => Moved successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
9b784ed1 => Service deleted successfully.
BackupStack => Service deleted successfully.
ccsvc_1.10.0.5 => Unable to stop service
ccsvc_1.10.0.5 => Service deleted successfully.
serverca => Service deleted successfully.
Update Lampy Lighty => Service deleted successfully.
ccnfd_1_10_0_5 => Unable to stop service
ccnfd_1_10_0_5 => Service deleted successfully.
C:\Users\Thérèse\Desktop\Sync Folder.lnk => Moved successfully.
C:\Users\Thérèse\Desktop\MyPC Backup.lnk => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup => Moved successfully.
"C:\Program Files (x86)\MyPC Backup" directory move:
C:\Program Files (x86)\MyPC Backup\aff.conf => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaFS.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BackupStack.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\de_DE.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\es_ES.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\fr_FR.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\GetText.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\InstMgr.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\it_IT.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MPCBClient.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\mypcbackup.ico => Moved successfully.
C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\ObjectListView.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\PipeDiff.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\pt_PT.mo => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Service Start.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Shared Stack.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\SignupWizard.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\syncicon.ico => Moved successfully.
C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL => Moved successfully.
C:\Program Files (x86)\MyPC Backup\uninst.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Updater.exe => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Updater_.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll => Moved successfully.
C:\Program Files (x86)\MyPC Backup\log\APPLICATION.log => Moved successfully.
C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log => Moved successfully.
C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db => Moved successfully.
Could not move "C:\Program Files (x86)\MyPC Backup" directory. => Scheduled to move on reboot.
C:\Users\Thérèse\AppData\Roaming\VOPackage => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\ZLIgN6t => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\ovJQ9b4 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Ynwzg8K => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\KNYZCtU => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\etQiynb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\OHQ6RFt => Moved successfully.
C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2482896826-2113130193-1025699599-1001 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\wGUmDqn => Moved successfully.
C:\Program Files (x86)\ClickCaption_1.10.0.5 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\b2z8fRo => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\sLIK1oB => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\uZM1Kes => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\WLw7XCk => Moved successfully.
C:\WINDOWS\System32\Tasks\FErugMNu6bSCW0R => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\CeDDAab => Moved successfully.
C:\Users\Thérèse\Desktop\fb2.log => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\rlrYPvU => Moved successfully.
C:\Program Files (x86)\576fef5f-5cf7-4c3a-b47f-7e8164951046 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\cfpc79N => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\J4WdKxf => Moved successfully.
C:\Program Files (x86)\42015bb0-a5f2-4c74-8102-454904452235 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\j4J03Tc => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\KDIuQg7 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jpGcf0Z => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\GTSknrv => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\50tNFEh => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vW3fWFI => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\oJ7v9Dz => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\UV5hYBF => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\IhetmAx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\RTE9fra => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\qjizXCv => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\iAlvPcE => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\EpLuuMT => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\VYsn7xo => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\avrIGlx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Z1a3Rzb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\3vScTYv => Moved successfully.
C:\WINDOWS\system32\Drivers\ccnfd_1_10_0_5.sys => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\rMa8NUS => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\CBTyDHY => Moved successfully.
C:\ProgramData\LizardSales => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\wEGVG2b => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\EnUAc9I => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\Nms5nU8 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jj1OHhB => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\XakbOyq => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\eIq2ati => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\SbtkQtr => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\qHBuqHc => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\BvOYBDQ => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\2eW26Mx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\WAlnAhx => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\hZLxWDb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vpTPdqw => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jf6nBE9 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\r7fOICs => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\acZ6Tjg => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\nGil7Qz => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\x4u2Cx7 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\U9sYjnV => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\jYRJBjI => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vORipL6 => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\sqgnQhi => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\QrP79AD => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\DpWhBrb => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\vtqfOCF => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\hgHALle => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\fc0n4Lj => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\1jlYN2r => Moved successfully.
C:\Users\Thérèse\AppData\Roaming\X5sUvyv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD3D586D-0226-4B4D-8A1D-CE32BD6535CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD3D586D-0226-4B4D-8A1D-CE32BD6535CF}" => Key deleted successfully.
C:\Windows\System32\Tasks\o5KpgzIrjgyMN2N => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\o5KpgzIrjgyMN2N" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF685CCC-2494-4436-BF85-D13675D8B0BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF685CCC-2494-4436-BF85-D13675D8B0BE}" => Key deleted successfully.
C:\Windows\System32\Tasks\FErugMNu6bSCW0R not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FErugMNu6bSCW0R" => Key deleted successfully.
C:\WINDOWS\Tasks\FSVZPT.job => Moved successfully.
C:\WINDOWS\Tasks\MVVDSGW.job => Moved successfully.
C:\WINDOWS\Tasks\RSA.job => Moved successfully.
C:\WINDOWS\Tasks\XOVKJW.job => Moved successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-27 14:06:11)<=
C:\Program Files (x86)\MyPC Backup => Is moved successfully.
==== End of Fixlog 14:06:11 ====
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 656
27 déc. 2014 à 14:14
27 déc. 2014 à 14:14
il reste encore des publicités intempestives?
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 14:15
27 déc. 2014 à 14:15
Absolument plus !
La procédure est terminée ?
La procédure est terminée ?
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 14:36
27 déc. 2014 à 14:36
Alors un grand merci pour ton aide, et bonnes fêtes !
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 656
27 déc. 2014 à 15:05
27 déc. 2014 à 15:05
oui :)
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Utilisateur anonyme
27 déc. 2014 à 15:44
27 déc. 2014 à 15:44
Question:
quel logiciel a résolu le problème:
adwcleaner ou frst?
quel logiciel a résolu le problème:
adwcleaner ou frst?
fred.deschodt
Messages postés
8
Date d'inscription
samedi 27 décembre 2014
Statut
Membre
Dernière intervention
27 décembre 2014
27 déc. 2014 à 17:30
27 déc. 2014 à 17:30
Merci!
Milkhcos, j'ai résolu le problème avec frst, mais surtout grace au script que m'a envoyé Malekal_morte, et qui n'est peut être pas adapté pour toi ?
Milkhcos, j'ai résolu le problème avec frst, mais surtout grace au script que m'a envoyé Malekal_morte, et qui n'est peut être pas adapté pour toi ?