Fraud.Foxit.daws

Fermé
runisarosac - 2 juin 2015 à 17:21
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 4 juin 2015 à 22:01
Bonjour,
je voudrais me débarrasser de ce virus : Fraud.Foxit.daws, qui pourrais me dire comment faire. J'ai avast payant


2 réponses

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
2 juin 2015 à 17:32
Salut,

Commence par ceci :

Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= ( d'Xplode )
Télécharge le sur ton bureau ou dossier de téléchargement.
Lance AdwCleaner, clique sur [Scanner].
L'analyse peux durer plusieurs minutes, patiente.
Une fois le scan terminé, ne décoche rien, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


puis :

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
0
merci beaucoup, je vais faire tout ça
0
runisarosac > runisarosac
2 juin 2015 à 18:29
# AdwCleaner v4.206 - Rapport créé le 02/06/2015 à 18:06:50
# Mis à jour le 01/06/2015 par Xplode
# Base de données : 2015-06-01.1 [Serveur]
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Nom d'utilisateur : Christiane - PC-DE-BUREAU
# Exécuté depuis : C:\Users\Christiane\Downloads\adwcleaner_4.206.exe
# Option : Scanner
          • [ Services ] *****


Service Trouvé : Update Edu App
Service Trouvé : Util Edu App
Service Trouvé : innfd_1_10_0_14
          • [ Fichiers / Dossiers ] *****


Dossier Trouvé : C:\Program Files\DriverBoost
Dossier Trouvé : C:\Program Files\Edu App
Dossier Trouvé : C:\Program Files\Edu App
Dossier Trouvé : C:\Program Files\Flash Player Pro
Dossier Trouvé : C:\Program Files\Freeze.com
Dossier Trouvé : C:\Program Files\MapsGalaxy_39EI
Dossier Trouvé : C:\Program Files\MaxComputerCleaner
Dossier Trouvé : C:\Program Files\searchweb
Dossier Trouvé : C:\Program Files\Uniblue
Dossier Trouvé : C:\ProgramData\DeviceVM
Dossier Trouvé : C:\ProgramData\Driver Manager
Dossier Trouvé : C:\ProgramData\Driver Mender
Dossier Trouvé : C:\ProgramData\driver whiz
Dossier Trouvé : C:\ProgramData\DriverBoost
Dossier Trouvé : C:\ProgramData\IHProtectUpDate
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Dossier Trouvé : C:\ProgramData\Uniblue
Dossier Trouvé : C:\Users\CHRIST~1\AppData\Local\Temp\Edu App
Dossier Trouvé : C:\Users\CHRIST~1\AppData\Local\Temp\Edu App
Dossier Trouvé : C:\Users\CHRIST~1\AppData\Local\Temp\mt_ffx
Dossier Trouvé : C:\Users\Christiane\AppData\Local\71D14820-1432752345-11D5-8276-F46D04DA54E2
Dossier Trouvé : C:\Users\Christiane\AppData\Local\Boxore
Dossier Trouvé : C:\Users\Christiane\AppData\Local\Crossbrowse
Dossier Trouvé : C:\Users\Christiane\AppData\Local\Max_Computer_Cleaner
Dossier Trouvé : C:\Users\Christiane\AppData\Local\PackageAware
Dossier Trouvé : C:\Users\Christiane\AppData\LocalLow\Delta
Dossier Trouvé : C:\Users\Christiane\AppData\LocalLow\Kiwee Toolbar
Dossier Trouvé : C:\Users\Christiane\AppData\LocalLow\MapsGalaxy_39EI
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\AnyProtectEx
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\DeviceVM
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\goforfiles
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\iWin
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\pdfforge
Dossier Trouvé : C:\Users\Christiane\AppData\Roaming\Uniblue
Dossier Trouvé : C:\Users\Christiane\Documents\Flash Player Pro
Dossier Trouvé : C:\Users\Christiane\Documents\MaxComputerCleaner
Dossier Trouvé : C:\Windows\system32\config\systemprofile\AppData\Local\SafeGuard
Dossier Trouvé : C:\Windows\system32\config\systemprofile\AppData\Local\StormWatch
Dossier Trouvé : C:\Windows\system32\config\systemprofile\AppData\Roaming\AGI
Fichier Trouvé : C:\Users\Christiane\AppData\Roaming\Bubble Dock.installation.log
Fichier Trouvé : C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\user.js
Fichier Trouvé : C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\xk5cl1r5.default\invalidprefs.js
Fichier Trouvé : C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\xk5cl1r5.default\user.js
          • [ Tâches planifiées ] *****


Tâche Trouvée : APSnotifierPP1
Tâche Trouvée : APSnotifierPP2
Tâche Trouvée : APSnotifierPP3
Tâche Trouvée : driverscanner
Tâche Trouvée : GoforFilesUpdate
Tâche Trouvée : SpeedUpMyPC
Tâche Trouvée : MaxComputerCleaner_Start
          • [ Raccourcis ] *****
          • [ Registre ] *****


Clé Trouvée : HKCU\Software\AnyProtect
Clé Trouvée : HKCU\Software\AppDataLow\Software\MapsGalaxy_39EI
Clé Trouvée : HKCU\Software\Boost
Clé Trouvée : HKCU\Software\Boxore
Clé Trouvée : HKCU\Software\Crossbrowse
Clé Trouvée : HKCU\Software\dt soft\daemon tools toolbar
Clé Trouvée : HKCU\Software\GoforFiles
Clé Trouvée : HKCU\Software\MaxComputerCleanerLanguage
Clé Trouvée : HKCU\Software\MessengerSkinner
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Clé Trouvée : HKCU\Software\Mozilla\Extends
Clé Trouvée : HKCU\Software\SafeGuardApp
Clé Trouvée : HKCU\Software\StormWatchApp
Clé Trouvée : HKCU\Software\torch
Clé Trouvée : HKCU\Software\YahooPartnerToolbar
Clé Trouvée : HKLM\SOFTWARE\5955dfd1b239ee48
Clé Trouvée : HKLM\SOFTWARE\Boost
Clé Trouvée : HKLM\SOFTWARE\Boxore
Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Clé Trouvée : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Trouvée : HKLM\SOFTWARE\Classes\MapsGalaxy_39Installer.Start
Clé Trouvée : HKLM\SOFTWARE\Classes\MapsGalaxy_39Installer.Start.1
Clé Trouvée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Trouvée : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Clé Trouvée : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Clé Trouvée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Clé Trouvée : HKLM\SOFTWARE\Crossbrowse
Clé Trouvée : HKLM\SOFTWARE\Edu App
Clé Trouvée : HKLM\SOFTWARE\FFPluginHp
Clé Trouvée : HKLM\SOFTWARE\GoforFiles
Clé Trouvée : HKLM\SOFTWARE\IHProtect
Clé Trouvée : HKLM\SOFTWARE\istartsurfSoftware
Clé Trouvée : HKLM\SOFTWARE\MapsGalaxy_39EI
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{dec6d58c-0490-497d-970a-fca45aebe8e9}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Clé Trouvée : HKLM\SOFTWARE\SafeGuardApp
Clé Trouvée : HKLM\SOFTWARE\SearchCore for Browsers
Clé Trouvée : HKLM\SOFTWARE\StormWatchApp
Clé Trouvée : HKLM\SOFTWARE\SupDp
Clé Trouvée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Trouvée : HKLM\SOFTWARE\torch
Clé Trouvée : HKLM\SOFTWARE\Trymedia Systems
Clé Trouvée : HKLM\SOFTWARE\Uniblue
Clé Trouvée : HKLM\SOFTWARE\Uniblue\DriverScanner
Clé Trouvée : HKLM\SOFTWARE\Uniblue\SpeedUpMyPC
Clé Trouvée : HKLM\SOFTWARE\WebBar
Clé Trouvée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Edu App
Clé Trouvée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Trouvée : HKU\.DEFAULT\Software\Boxore
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Valeur Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyPC]
Valeur Trouvée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [***@***]
          • [ Navigateurs ] *****


-\\ Internet Explorer v9.0.8112.16644

Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1432744400&z=e09dd397f47d5310ff777d2gfz0c1o2m7zez4c4tem&from=tugs&uid=395049983_1052515_2C186529&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1432744400&z=e09dd397f47d5310ff777d2gfz0c1o2m7zez4c4tem&from=tugs&uid=395049983_1052515_2C186529&q={searchTerms}

-\\ Mozilla Firefox v38.0.5 (x86 fr)

[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("browser.search.searchengine.alias", "istartsurf");
[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("browser.search.searchengine.name", "istartsurf");
[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=1432744400&z=e09dd397f47d5310ff777d2gfz0c1o2m7zez4c4tem&from=tugs&uid=395049983_1052515_2C186529&q={searchTerm[...]
[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("extensions.quick_start.enable_search1", false);
[sbyqjpbr.default-1419096858175] - Ligne Trouvée : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[xk5cl1r5.default] - Ligne Trouvée : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[xk5cl1r5.default] - Ligne Trouvée : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[xk5cl1r5.default] - Ligne Trouvée : user_pref("smartbar.machineId", "+4ANFHPS9P9V2YIGNAKYGWYHXUXUY1X6BFMBHCSGPTA84M3DGKE9PYMEEHSWRAIA/MSR/IXIUCDNVYRYM9AJQW");

-\\ Google Chrome v


AdwCleaner[R0].txt - [13035 octets] - [02/06/2015 18:06:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13096 octets] ##########
Acceder au document : http://pjjoint.malekal.com/files.php?read=FRST_20150602_y7s10p7u5f7

Evaluer son rapport de scan OTL, HijackThis, ZHPDiag etc avec filtrage des lignes légitimes : http://pjjoint.malekal.com/files.php?read=FRST_20150602_y7s10p7u5f7&html=on&filtre=legitime

Evaluer son rapport de scan OTL, HijackThis, ZHPDiag etc : http://pjjoint.malekal.com/files.php?read=FRST_20150602_y7s10p7u5f7&html=on
0
Bonjour, je vais le refaire alors ce soir spres le boulot, bonne journee
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
2 juin 2015 à 23:22
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

R2 kigopepi; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\nsgABB.tmp [353280 2015-05-27] () [File not signed]
R2 Update Edu App; C:\Program Files\Edu App\updateEduApp.exe [469224 2015-06-02] ()
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R4 Util Edu App; C:\Program Files\Edu App\bin\utilEduApp.exe [469224 2015-06-02] ()
R2 xubigomo; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\hnsr6990.tmp [334848 2015-05-27] () [File not signed]
R2 zeminoxy; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\jnsm5295.tmp [306176 2015-05-27] () [File not signed]
2015-06-02 16:20 - 2015-06-02 16:20 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nslF999.tmp
2015-06-02 16:15 - 2015-06-02 17:29 - 00000000 ____D () C:\Program Files\Edu App
2015-05-29 16:01 - 2015-05-29 16:01 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsk74A8.tmp
2015-05-29 15:56 - 2015-05-29 15:56 - 00000000 _____ () C:\Windows\system32\Number of results
2015-05-28 20:06 - 2015-05-28 20:06 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsb8C88.tmp
2015-05-28 19:57 - 2015-05-28 20:18 - 00000000 ____D () C:\Users\Christiane\Documents\MaxComputerCleaner
2015-05-28 19:57 - 2015-05-28 19:57 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Max_Computer_Cleaner
2015-05-28 19:56 - 2015-05-28 19:56 - 00000000 ____D () C:\Program Files\MaxComputerCleaner_v17.569
2015-05-28 19:56 - 2015-05-28 19:56 - 00000000 ____D () C:\Program Files\MaxComputerCleaner
2015-05-28 10:05 - 2015-05-28 10:05 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsyA356.tmp
2015-05-28 08:54 - 2015-05-28 08:54 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Crossbrowse
2015-05-27 19:20 - 2015-06-02 16:44 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-05-27 19:20 - 2015-06-02 16:24 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-05-27 19:20 - 2015-06-02 16:24 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-05-27 19:15 - 2015-05-27 19:15 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nstC962.tmp
2015-05-27 19:15 - 2015-05-27 19:15 - 00000000 __SHD () C:\Users\Christiane\AppData\Roaming\AnyProtectEx
2015-05-27 18:45 - 2015-05-27 18:45 - 00000000 ____D () C:\Users\Christiane\AppData\Local\71D14820-1432752345-11D5-8276-F46D04DA54E2
2015-05-27 18:41 - 2015-06-01 09:26 - 00000000 ____D () C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2
2015-05-27 18:34 - 2015-05-27 18:34 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Boxore
2015-05-27 18:34 - 2015-05-27 18:34 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-05-27 18:31 - 2015-05-27 19:37 - 00000000 ____D () C:\Program Files\Software
2015-05-27 18:31 - 2015-05-27 18:31 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Software
2015-06-02 15:37 - 2012-08-14 15:47 - 00000334 _____ () C:\Windows\Tasks\SpeedUpMyPC.job
2015-06-02 15:37 - 2012-05-08 11:13 - 00000338 _____ () C:\Windows\Tasks\DriverScanner.job
2008-09-21 12:29 - 2008-09-26 11:38 - 0000097 _____ () C:\Users\Christiane\AppData\Local\avbviuj.bat
2008-12-30 15:18 - 2009-01-01 10:56 - 0000096 _____ () C:\Users\Christiane\AppData\Local\beftwq.bat
2009-12-29 16:08 - 2010-01-04 08:43 - 0000095 _____ () C:\Users\Christiane\AppData\Local\bexbocm.bat
2009-12-29 16:08 - 2010-01-04 10:22 - 0003422 _____ () C:\Users\Christiane\AppData\Local\bexbocm.dat
2009-08-02 09:36 - 2014-08-12 11:03 - 0008296 _____ () C:\Users\Christiane\AppData\Local\d3d9caps.dat
2009-12-09 17:06 - 2009-12-11 10:50 - 0000095 _____ () C:\Users\Christiane\AppData\Local\etrigxg.bat
2015-05-28 20:06 - 2015-05-28 20:06 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsb8C88.tmp
2015-05-29 16:01 - 2015-05-29 16:01 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsk74A8.tmp
2015-06-02 16:20 - 2015-06-02 16:20 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nslF999.tmp
2015-05-27 19:15 - 2015-05-27 19:15 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nstC962.tmp
2015-05-28 10:05 - 2015-05-28 10:05 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsyA356.tmp

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur



puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :


0
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by Christiane (administrator) on PC-DE-BUREAU on 02-06-2015 23:45:17
Running from C:\Users\Christiane\Downloads
Loaded Profiles: Christiane & UpdatusUser (Available Profiles: Christiane & UpdatusUser)
Platform: Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Malwarebytes Secure Backup) C:\Program Files\Malwarebytes Secure Backup\SAgent.Service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\hnsr6990.tmp
() C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\jnsm5295.tmp
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC220NC\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Malwarebytes Secure Backup) C:\Program Files\Malwarebytes Secure Backup\SMessaging.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Monitor] => C:\Windows\Philips\SPC220NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1683360 2010-05-24] (VIA)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-05-05] (DivX, LLC)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [SOSUAUI] => C:\Program Files\Malwarebytes Secure Backup\sosuploadagent.exe [55704 2014-03-19] (Malwarebytes Secure Backup)
HKLM\...\Run: [SMessaging] => C:\Program Files\Malwarebytes Secure Backup\SMessaging.exe [65432 2014-03-19] (Malwarebytes Secure Backup)
HKLM\...\Run: [AccountCreatorRunner] => C:\Program Files\Malwarebytes Secure Backup\AccountCreatorRunner.exe [22424 2014-03-19] (Malwarebytes Secure Backup)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\...\Run: [Facebook Update] => "C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\...\Run: [orangeinside] => C:\Users\Christiane\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1557064 2014-11-07] (Orange)
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [302448 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-18\...\MountPoints2: {437b3378-8039-11de-b034-001e903fb7c9} - E:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2010-11-14]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-04-26] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christiane\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christiane\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christiane\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.windows.fr/ie8/msn/bienvenue
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-843996202-2701723349-1085836052-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = http://r.orange.fr/r/Omoteur_home?ref=O_OI_hook_openSearchIE&module=orange&bhv=web_fr&kw={searchTerms}
SearchScopes: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> {dec6d58c-0490-497d-970a-fca45aebe8e9} URL =
SearchScopes: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-843996202-2701723349-1085836052-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: BHO Barre de Confiance -> {988B07F5-7392-455A-8A1F-64935CB8B6ED} -> C:\Program Files\Barre de Confiance\TAPBar.dll [2012-07-09] (Euro-Information)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15] (Oracle Corporation)
Toolbar: HKLM - No Name - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No File
Toolbar: HKLM - Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\Barre de Confiance\TAPBar.dll [2012-07-09] (Euro-Information)
Toolbar: HKLM - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-843996202-2701723349-1085836052-1000 -> No Name - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175
FF DefaultSearchEngine: Google Default
FF DefaultSearchUrl: https://fr.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: hxxp://www.orange.fr/portail
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin: @ei.MapsGalaxy_39.com/Plugin -> C:\Program Files\MapsGalaxy_39EI\Installr\1.bin\NP39EISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-843996202-2701723349-1085836052-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Christiane\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin HKU\S-1-5-21-843996202-2701723349-1085836052-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Christiane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-03-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-03-26] (Apple Inc.)
FF SearchPlugin: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\searchplugins\google-default.xml [2015-05-27]
FF SearchPlugin: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\searchplugins\orange.xml [2014-10-08]
FF SearchPlugin: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\searchplugins\yahoo-avast.xml [2015-05-28]
FF Extension: Menu contextuel Orange - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\Extensions\***@*** [2015-03-05]
FF Extension: German Spelling Dictionary - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\Extensions\***@*** [2015-02-01]
FF Extension: Lightbeam - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\Extensions\***@*** [2015-01-26]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\sbyqjpbr.default-1419096858175\Extensions\***@*** [2015-02-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-28]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2009-12-21]
FF HKLM\...\Firefox\Extensions: [***@***] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-01]
FF HKLM\...\Firefox\Extensions: [***@***] - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-03-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-04-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-04-26] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [107448 2015-04-26] (Avast Software s.r.o.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
S2 gupdate1c9c415fb36170; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-12-12] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 kigopepi; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\nsgABB.tmp [353280 2015-06-02] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [3453712 2009-12-16] (INCA Internet Co., Ltd.) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
S2 Orange update Core Service; C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [728088 2015-02-02] (Orange SA)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 sagentservice; C:\Program Files\Malwarebytes Secure Backup\SAgent.Service.exe [41880 2014-03-19] (Malwarebytes Secure Backup)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 xubigomo; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\hnsr6990.tmp [334848 2015-05-27] () [File not signed]
R2 zeminoxy; C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2\jnsm5295.tmp [306176 2015-05-27] () [File not signed]
S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
S3 MozillaMaintenance; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-26] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-04-26] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-26] (Avast Software s.r.o.)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2010-09-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [253600 2015-04-26] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-04-26] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-26] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-26] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [35144 2014-07-06] (The OpenVPN Project)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-04-26] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-26] ()
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29832 2008-10-22] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [15248 2012-08-03] (PenMount)
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [329728 2007-05-11] (Ralink Technology Corp.)
S3 SilverLink; C:\Windows\System32\Drivers\SilvrLnk.sys [21456 2004-01-28] (Texas Instruments Incorporated)
S3 SPC220NC; C:\Windows\System32\DRIVERS\SPC220NC.SYS [507136 2007-01-09] (PixArt Imaging Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-04-21] () [File not signed]
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [24112 2008-06-13] (Symantec Corporation)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1149552 2011-06-27] (VIA Technologies, Inc.)
U3 aeg4hxyo; C:\Windows\system32\Drivers\aeg4hxyo.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 BT; No ImagePath
S0 BtHidBus; No ImagePath
S3 catchme; No ImagePath
S3 cpuz132; No ImagePath
S3 IntcAzAudAddService; No ImagePath
S3 IpInIp; No ImagePath
S3 IvtBtBUs; No ImagePath
S3 MBAMSwissArmy; No ImagePath
S3 nmwcd; No ImagePath
S3 nmwcdc; No ImagePath
S3 nmwcdnsu; No ImagePath
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath
S3 taphss6; No ImagePath
S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
S3 VComm; No ImagePath
S3 VcommMgr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 23:41 - 2015-06-02 23:41 - 00004525 _____ () C:\Users\Christiane\Desktop\fixlist.txt
2015-06-02 18:25 - 2015-06-02 18:25 - 00048861 _____ () C:\Users\Christiane\Desktop\FRST.txt
2015-06-02 18:17 - 2015-06-02 18:24 - 00000019 _____ () C:\Users\Christiane\Downloads\Addition.txt
2015-06-02 18:15 - 2015-06-02 23:45 - 00027935 _____ () C:\Users\Christiane\Downloads\FRST.txt
2015-06-02 18:14 - 2015-06-02 23:45 - 00000000 ____D () C:\FRST
2015-06-02 18:13 - 2015-06-02 18:14 - 01147392 _____ (Farbar) C:\Users\Christiane\Downloads\FRST.exe
2015-06-02 18:06 - 2015-06-02 18:37 - 00000000 ____D () C:\AdwCleaner
2015-06-02 18:05 - 2015-06-02 18:06 - 02231296 _____ () C:\Users\Christiane\Downloads\adwcleaner_4.206.exe
2015-06-02 17:13 - 2015-06-02 17:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-06-02 16:20 - 2015-06-02 16:20 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nslF999.tmp
2015-06-01 16:49 - 2015-04-15 11:45 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-06-01 16:49 - 2015-04-15 11:45 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-06-01 16:49 - 2015-04-15 11:44 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-06-01 16:48 - 2015-04-15 11:45 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-29 16:01 - 2015-05-29 16:01 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsk74A8.tmp
2015-05-29 15:56 - 2015-05-29 15:56 - 00000000 _____ () C:\Windows\system32\Number of results
2015-05-28 20:31 - 2015-05-28 20:31 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-28 20:06 - 2015-05-28 20:06 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsb8C88.tmp
2015-05-28 19:56 - 2015-05-28 19:56 - 00000000 ____D () C:\Program Files\MaxComputerCleaner_v17.569
2015-05-28 10:05 - 2015-05-28 10:05 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsyA356.tmp
2015-05-27 19:19 - 2015-05-27 19:19 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-27 19:15 - 2015-05-27 19:15 - 00613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nstC962.tmp
2015-05-27 18:41 - 2015-06-02 19:41 - 00000000 ____D () C:\Users\Christiane\AppData\Roaming\71D14820-1432744906-11D5-8276-F46D04DA54E2
2015-05-27 18:31 - 2015-05-27 19:37 - 00000000 ____D () C:\Program Files\Software
2015-05-27 18:31 - 2015-05-27 18:31 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Software
2015-05-27 18:29 - 2015-05-27 18:29 - 00551928 _____ () C:\Users\Christiane\Downloads\Setup(3).exe
2015-05-27 18:28 - 2015-05-27 18:28 - 00551928 _____ () C:\Users\Christiane\Downloads\Setup(1).exe
2015-05-25 19:53 - 2015-05-25 19:53 - 00000000 ____D () C:\Program Files\avast software
2015-05-20 15:37 - 2015-05-20 15:37 - 03682308 _____ () C:\Users\Christiane\Desktop\Nouveau dossier.zip
2015-05-20 13:32 - 2015-05-20 13:33 - 00000000 ____D () C:\Users\Christiane\AppData\Local\{135D3484-E820-4AA6-8581-9409E6D771A9}
2015-05-15 13:41 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-15 13:37 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-15 13:37 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-15 13:37 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-15 13:37 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-15 13:37 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-15 13:37 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-15 13:37 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-15 13:37 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-15 13:37 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-15 13:37 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-15 13:34 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 13:04 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 10:37 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 10:37 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 10:37 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 10:37 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 10:37 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 10:37 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 10:37 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-14 10:37 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 10:37 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 10:37 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 10:37 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 10:37 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 10:37 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 10:37 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-14 10:37 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-14 10:37 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-06 19:54 - 2015-05-06 19:54 - 00000000 ____D () C:\Users\Christiane\AppData\Local\{257F992D-DF78-4545-A0A6-D2C4C81A3AFD}
2015-05-06 05:26 - 2015-05-06 05:26 - 00341512 _____ (DivX, LLC) C:\Windows\system32\DivXControlPanelApplet.cpl
2015-05-05 18:06 - 2015-05-05 18:06 - 00000000 ____D () C:\Users\Christiane\AppData\Local\{DE6B9910-1D4A-449F-8194-DF7A7C02B2B5}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 23:16 - 2009-06-30 15:03 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-02 23:09 - 2015-02-01 18:21 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-02 22:53 - 2014-07-18 19:06 - 00000466 _____ () C:\Windows\Tasks\Online Backup Update Notifier.job
2015-06-02 22:50 - 2010-03-04 09:44 - 01133045 _____ () C:\Windows\WindowsUpdate.log
2015-06-02 22:49 - 2013-03-17 09:52 - 00002000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-02 22:49 - 2013-03-17 09:52 - 00002000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-02 22:44 - 2009-06-30 15:03 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-02 22:43 - 2014-07-21 13:23 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-06-02 22:42 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-02 18:59 - 2006-11-02 15:01 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-02 18:40 - 2011-06-09 21:53 - 01140050 _____ () C:\Windows\PFRO.log
2015-06-02 18:30 - 2008-09-17 19:41 - 00000350 _____ () C:\Windows\Tasks\Extension de garantie-Christiane.job
2015-06-02 17:29 - 2006-11-02 12:23 - 00000364 _____ () C:\Windows\win.ini
2015-06-02 16:11 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2015-06-02 16:10 - 2013-01-22 11:23 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-843996202-2701723349-1085836052-1000UA.job
2015-06-02 16:10 - 2013-01-22 11:23 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-843996202-2701723349-1085836052-1000Core.job
2015-06-02 16:08 - 2008-09-24 09:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-06-01 19:09 - 2014-07-18 19:10 - 00000504 _____ () C:\Windows\Tasks\Malwarebytes Secure Backup - ***@***
2015-06-01 16:51 - 2010-05-18 11:09 - 00000000 ____D () C:\ProgramData\DivX
2015-06-01 16:51 - 2009-11-10 13:07 - 00000000 ____D () C:\Program Files\DivX
2015-06-01 16:51 - 2008-10-26 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-06-01 16:50 - 2009-04-23 15:11 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-06-01 16:48 - 2013-09-26 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-01 08:46 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2015-06-01 08:21 - 2006-11-02 14:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 08:21 - 2006-11-02 13:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-29 00:42 - 2008-09-24 09:31 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-05-28 10:06 - 2012-07-01 11:52 - 00000000 ____D () C:\Users\Christiane\AppData\Local\DoNotTrackPlus
2015-05-27 22:36 - 2014-07-21 13:23 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-05-27 22:27 - 2015-01-11 18:50 - 00000000 ____D () C:\Program Files\OCAD 11.5.6
2015-05-27 18:44 - 2008-09-17 19:40 - 00000912 _____ () C:\Users\Christiane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-22 13:57 - 2014-06-19 21:52 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Adobe
2015-05-22 13:56 - 2015-02-01 18:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-22 13:56 - 2015-02-01 18:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-18 21:00 - 2006-11-02 12:33 - 01572058 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-15 21:25 - 2013-12-12 19:20 - 00000000 ____D () C:\Users\Christiane\Desktop\Nouveau dossier (2)
2015-05-15 21:25 - 2013-07-28 21:43 - 00000000 ____D () C:\Users\Christiane\Downloads\messaging.php_fichiers
2015-05-15 21:25 - 2009-12-23 00:11 - 00000000 ____D () C:\Users\Christiane\Desktop\photos famille
2015-05-15 19:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-15 19:25 - 2006-11-02 14:47 - 00466528 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-15 19:23 - 2008-12-18 14:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 15:00 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-15 14:57 - 2011-11-27 11:25 - 00000000 ____D () C:\Users\Christiane\berawecka le bon_fichiers
2015-05-15 14:53 - 2008-09-17 21:47 - 00000000 ____D () C:\Users\Christiane\Documents\animaux
2015-05-15 14:01 - 2013-10-16 13:17 - 00000000 ____D () C:\Users\Christiane\photo
2015-05-15 13:57 - 2013-11-26 09:17 - 00000000 ____D () C:\Users\Christiane\Documents\doc caro
2015-05-15 13:55 - 2015-03-11 23:39 - 00000000 ____D () C:\Users\Christiane\Downloads\journal - Copie
2015-05-15 13:55 - 2011-08-02 23:08 - 00000000 ____D () C:\Users\Christiane\Desktop\OpenOffice.org 3.3 (fr) Installation Files
2015-05-15 13:43 - 2012-12-14 20:01 - 00000000 ____D () C:\Users\Christiane\Documents\vacances 2012
2015-05-15 13:41 - 2008-06-03 18:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-15 13:33 - 2014-12-18 20:36 - 00000000 ____D () C:\Users\Christiane\Desktop\(3) Espace Assistance_fichiers
2015-05-15 13:33 - 2013-08-14 18:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-15 13:28 - 2013-06-10 10:43 - 00000000 ____D () C:\Users\Christiane\Desktop\docs papa
2015-05-15 13:25 - 2008-09-17 19:37 - 00000000 ____D () C:\Users\Christiane
2015-05-15 13:22 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-15 13:14 - 2010-10-21 09:33 - 00000000 ____D () C:\Users\Christiane\AppData\Local\Windows Live
2015-05-15 13:01 - 2010-06-05 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2009-05-16 23:31 - 2009-05-16 23:31 - 0000775 _____ () C:\Program Files\Mega Bloc Notes.lnk
2010-12-04 14:48 - 2010-12-04 14:48 - 0000760 _____ () C:\Users\Christiane\AppData\Roaming\setup_ldm.iss
2011-10-19 09:31 - 2011-10-19 09:31 - 0000043 _____ () C:\Users\Christiane\AppData\Roaming\stats.txt
2008-09-17 21:28 - 2008-05-01 01:06 - 0025572 _____ () C:\Users\Christiane\AppData\Roaming\UserTile.png
2008-09-20 21:31 - 2015-02-20 14:15 - 0016754 _____ () C:\Users\Christiane\AppData\Roaming\wklnhst.dat
2008-09-21 12:29 - 2008-09-26 11:38 - 0000097 _____ () C:\Users\Christiane\AppData\Local\avbviuj.bat
2008-12-30 15:18 - 2009-01-01 10:56 - 0000096 _____ () C:\Users\Christiane\AppData\Local\beftwq.bat
2009-12-29 16:08 - 2010-01-04 08:43 - 0000095 _____ () C:\Users\Christiane\AppData\Local\bexbocm.bat
2009-12-29 16:08 - 2010-01-04 10:22 - 0003422 _____ () C:\Users\Christiane\AppData\Local\bexbocm.dat
2009-08-02 09:36 - 2014-08-12 11:03 - 0008296 _____ () C:\Users\Christiane\AppData\Local\d3d9caps.dat
2008-09-19 14:30 - 2013-03-31 19:45 - 0214016 _____ () C:\Users\Christiane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-12-09 17:06 - 2009-12-11 10:50 - 0000095 _____ () C:\Users\Christiane\AppData\Local\etrigxg.bat
2010-06-18 09:19 - 2010-06-18 09:19 - 0000036 _____ () C:\Users\Christiane\AppData\Local\housecall.guid.cache
2015-05-28 20:06 - 2015-05-28 20:06 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsb8C88.tmp
2015-05-29 16:01 - 2015-05-29 16:01 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsk74A8.tmp
2015-06-02 16:20 - 2015-06-02 16:20 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nslF999.tmp
2015-05-27 19:15 - 2015-05-27 19:15 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nstC962.tmp
2015-05-28 10:05 - 2015-05-28 10:05 - 0613255 _____ (CMI Limited) C:\Users\Christiane\AppData\Local\nsyA356.tmp
2015-03-11 23:37 - 2015-03-11 23:37 - 0001034 _____ () C:\Users\Christiane\AppData\Local\recently-used.xbel
2009-08-01 19:07 - 2011-08-11 19:49 - 0007285 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Public\MyWebTattoo.exe


Some files in TEMP:
====================
C:\Users\Christiane\AppData\Local\temp\Quarantine.exe
C:\Users\Christiane\AppData\Local\temp\sqlite3.dll
C:\Users\Christiane\AppData\Local\temp\Widestream6-setup-1.exe
C:\Users\Christiane\AppData\Local\temp\Widestream6-setup-2.exe
C:\Users\Christiane\AppData\Local\temp\Widestream6-setup-3.exe
C:\Users\Christiane\AppData\Local\temp\Widestream6-setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-02 19:54

==================== End of log ============================
0
merci beaucoup
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
3 juin 2015 à 00:35
Tu as refait un scan, semble-t-il et pas une correction.
En tout cas le dernier rapport, c'est une analyse.
0
Runisarosac > Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020
3 juin 2015 à 19:53
J'ai un probleme de compréhension je pense, j'ai tout fait jusqu'a relancer FRSt et quand je clic sur fix j'ai ce message : no fislist.txt found. The fixlist txt should be in the same folder/directory the tool is located ???
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
3 juin 2015 à 20:01
C'est expliqué dans le tuto.
fixlist.txt n'est pas dans le même dossier que le programme FRST.
0