Sujet Précédent Sujet Suivant

Pleins de pub

Fermé
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015 - 20 juil. 2015 à 00:46
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 20 juil. 2015 à 16:18
Bonjour,
Voila sur lorsque je fais des recherches sur chrome j'ai sans cesse différentes annonces et publicités ou "faux résultats". J'ai lancé CCleaner et Windows defender, aucun résultats. J'ai aussi supprimer toutes les extensions et j'ai aussi réinitialisé les paramètres de chrome. Je sais plus quoi faire pour les enlever, car c'est très gênant.
Merci de votre aide
A voir également:

4 réponses

Réponse 1 / 4
Utilisateur anonyme
20 juil. 2015 à 01:09
Bonjour,
Je te recommande de télécharger AdBlock pour commencer ;)

--
0
Réponse 2 / 4
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
20 juil. 2015 à 01:14
Bonjour,


1/

--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".

--> Une fois le scan terminé, choisis l'option "Nettoyer".

--> Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[s?].


2/

--> Télécharge Farbar Recovery Scan Tool (de Farbar) sur ton Bureau.

Attention : tu dois prendre la version compatible avec ton système : 32 ou 64 bits.

--> Ferme toutes les applications en cours.
--> Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).
--> Coche la case Addition.txt.
--> Clique sur Scan.
--> Une fois le scan terminé, deux rapports FRST.txt et Addition.txt seront présents sur le Bureau.
--> Héberge les deux rapports sur pjjoint.malekal.com et copie-colle les liens fournis dans ta prochaine réponse.
0
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015
20 juil. 2015 à 12:32
Le rapport de Adwcleaner:
# AdwCleaner v4.208 - Rapport créé le 20/07/2015 à 12:12:56
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-07-15.1 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : Betty - PC-BETTY
# Exécuté depuis : C:\Users\Betty\Downloads\adwcleaner_4.208.exe
# Option : Nettoyer
          • [ Services ] *****
          • [ Fichiers / Dossiers ] *****


Dossier Supprimé : C:\Users\Betty\AppData\Roaming\cacaoweb
Fichier Supprimé : C:\Users\Betty\Desktop\cacaoweb.exe
          • [ Tâches planifiées ] *****
          • [ Raccourcis ] *****
          • [ Registre ] *****


Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Clé Supprimée : HKCU\Software\cacaoweb
          • [ Navigateurs ] *****


-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.134


AdwCleaner[R0].txt - [4377 octets] - [09/11/2014 17:13:07]
AdwCleaner[R1].txt - [1451 octets] - [15/11/2014 22:49:25]
AdwCleaner[R2].txt - [15969 octets] - [20/06/2015 22:29:01]
AdwCleaner[R3].txt - [1273 octets] - [20/06/2015 22:41:25]
AdwCleaner[R4].txt - [1931 octets] - [06/07/2015 00:07:45]
AdwCleaner[R5].txt - [1653 octets] - [06/07/2015 12:54:06]
AdwCleaner[R6].txt - [1773 octets] - [12/07/2015 19:30:07]
AdwCleaner[R7].txt - [1829 octets] - [12/07/2015 19:55:01]
AdwCleaner[R8].txt - [1889 octets] - [20/07/2015 12:09:29]
AdwCleaner[S0].txt - [3279 octets] - [09/11/2014 17:21:01]
AdwCleaner[S1].txt - [1475 octets] - [15/11/2014 22:57:11]
AdwCleaner[S2].txt - [14723 octets] - [20/06/2015 22:36:30]
AdwCleaner[S3].txt - [1338 octets] - [20/06/2015 22:46:30]
AdwCleaner[S4].txt - [1965 octets] - [06/07/2015 00:14:22]
AdwCleaner[S5].txt - [1679 octets] - [06/07/2015 12:56:37]
AdwCleaner[S6].txt - [1774 octets] - [20/07/2015 12:12:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1834 octets] ##########
0
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015
20 juil. 2015 à 12:35
Le rapport addition de Farbar:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by Betty at 2015-07-20 12:26:43
Running from C:\Users\Betty\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-2245885502-2018626826-1842936618-500 - Administrator - Disabled)
Betty (S-1-5-21-2245885502-2018626826-1842936618-1002 - Administrator - Enabled) => C:\Users\Betty
HomeGroupUser$ (S-1-5-21-2245885502-2018626826-1842936618-1004 - Limited - Enabled)
Invité (S-1-5-21-2245885502-2018626826-1842936618-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3215 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2103 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2103 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
EPSON XP-102 103 Series Printer Uninstall (HKLM\...\EPSON XP-102 103 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Ma-Config.com (64 bits) (HKLM\...\{9A3C5DC9-EEA9-4FB2-855A-26FE6DA733EA}) (Version: 7.1.3.1 - Cybelsoft)
Microsoft Office Famille et Etudiant 2013 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0092 - Pegatron Corporation)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.780.780.102113 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.0 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2245885502-2018626826-1842936618-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Betty\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

24-06-2015 15:03:03 Windows Update
06-07-2015 14:01:54 Point de contrôle planifié
09-07-2015 20:29:11 Windows Update
16-07-2015 16:39:31 Windows Update
20-07-2015 00:26:31 Software Removal Tool

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ED9F13D-E6B2-43CA-976D-95532B23F5AE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {16BF23A2-E578-46A7-B5FB-1F01B1E9B19D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {20ED0069-1FA8-47CC-8238-6FA9B4749733} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2245885502-2018626826-1842936618-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {48E55E6E-2DDB-4FE4-9623-8BEE7CBDF443} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2245885502-2018626826-1842936618-1002
Task: {65F31F82-65DD-4180-8E7D-FD69ED09179D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20] (Google Inc.)
Task: {6AB004D1-88B0-4F64-85D4-1DF58699154D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {766C0655-F902-4F77-A9AA-F38A8C838CFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {78CD74EF-AFAE-42B2-9F88-563D8804BBA5} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {79D8AB08-F49E-4B95-934F-79F1EB4AD831} - System32\Tasks\{BE5C2F2B-5FD7-46FE-8B5B-DC0F8192897A} => pcalua.exe -a C:\Users\Betty\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
Task: {8686DD7C-9E91-4268-BA17-B2FBC0BFC48D} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-19] (Synaptics Incorporated)
Task: {A402653F-7997-4183-89FC-C2D8D2A7ACC9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-BETTY-Betty PC-Betty => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-16] (Microsoft Corporation)
Task: {ADF494BF-9509-4F17-B862-0B6D8FF058B6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {BC7F6E9B-A55D-47CB-9160-A6FF62538B65} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {C6193FA3-B617-4E39-A67D-B151A46A9627} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-20] (Google Inc.)
Task: {CC208FD7-E365-4B08-AF19-F8E7CBFDCAF3} - System32\Tasks\{EDB54D45-6D4C-43B8-A381-C3708A3789C0} => pcalua.exe -a C:\Users\Betty\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-01 03:20 - 2013-06-27 11:56 - 00160768 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-09-15 18:13 - 2014-09-15 18:13 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-11-30 17:06 - 2013-10-21 19:06 - 00069120 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-08-16 14:29 - 2012-11-10 10:28 - 00383568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-08-16 14:29 - 2012-12-07 07:04 - 00513616 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-08-16 14:29 - 2012-12-07 07:05 - 00607312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-12-01 05:03 - 2013-03-06 16:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-12-01 03:20 - 2013-09-02 17:15 - 02216960 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-12-01 03:20 - 2010-12-17 16:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2013-12-01 03:20 - 2012-10-23 20:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2015-07-17 21:47 - 2015-07-17 21:47 - 00127488 _____ () C:\Users\Betty\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook.Ba70e54e13#\13ac6caecfabd9584897c8bc51c1e1c7\Facebook.BackgroundTasks.ni.dll
2015-03-17 18:50 - 2015-03-17 18:50 - 01782784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2015-07-17 21:50 - 2015-07-17 21:50 - 01134592 _____ () C:\Users\Betty\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Win8-Base\8a9f4d141ea60649eb4ac5dc3eae33d2\Facebook-Win8-Base.ni.dll
2015-07-17 21:51 - 2015-07-17 21:51 - 00619520 _____ () C:\Users\Betty\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Base\a1e018847a9bbd02df0c31d4d2044695\Facebook-Base.ni.dll
2013-12-01 03:20 - 2013-07-18 17:41 - 08856576 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2015-06-20 22:18 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-20 22:18 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-06-20 22:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-06-20 22:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-06-20 22:18 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-12-01 03:20 - 2009-12-18 17:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-12-01 03:20 - 2009-12-18 17:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-08-16 14:29 - 2014-08-16 14:40 - 00312896 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-08-16 14:29 - 2014-08-16 14:40 - 00354368 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Betty\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\...\ma-config.com -> hxxps://ma-config.com
IE trusted site: HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\...\touslesdrivers.com -> hxxp://touslesdrivers.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Betty\Downloads\09c7dca799243efe0885eba1726b1423.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "YouCam Service"
HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A8FAF9C7-3CAF-4D7F-86DC-0A63548A1A02}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{07AD28C0-CC4A-4133-BFC6-B63ACBCAF7D5}] => (Allow) LPort=2869
FirewallRules: [{A8052163-96B9-467F-96F5-3E93B3E59F55}] => (Allow) LPort=1900
FirewallRules: [{5D434F2B-A63E-4160-B729-A26153B63A91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{429EA623-0206-4E5C-8BAF-5389580040A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{14B475B1-0E83-446F-8A93-02529D7CEB0F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{26530FE2-BBBA-4856-95D0-7AEB08DD60CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [TCP Query User{2AB9B8AB-2051-4DA9-9D0A-B142D46E20F8}C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{9B268AC7-96D7-449C-9D8E-60D51CD5D8A1}C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [{DD482546-E0FB-4101-BEE0-82736C70EC83}] => (Allow) LPort=48113
FirewallRules: [{A81AF1FD-A222-4ACA-A01F-FCC82D5190A7}] => (Allow) LPort=48114
FirewallRules: [{EBAE6D84-64E3-443E-9296-8CB81956E512}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [{217B8781-D203-4ACC-B284-80DC082FAAE1}] => (Allow) C:\Program Files\ma-config.com\MaConfigAgent.exe
FirewallRules: [TCP Query User{C6930647-E24D-4B05-A5D2-BCB046CFA78A}C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{8F03474C-14AA-4E38-9AD4-9F8871734323}C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\betty\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{60EE00A6-59D9-49FE-BA8E-98180E1AE2FD}C:\users\betty\desktop\cacaoweb.exe] => (Block) C:\users\betty\desktop\cacaoweb.exe
FirewallRules: [UDP Query User{97A00CD3-9EDD-4423-8D60-9C04C362423B}C:\users\betty\desktop\cacaoweb.exe] => (Block) C:\users\betty\desktop\cacaoweb.exe
FirewallRules: [{9BFF5F1C-4CBE-49C5-9303-BDF562598513}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2015 12:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l'application défaillante backgroundTaskHost.exe, version : 6.3.9600.17415, horodatage : 0x545042b7
Nom du module défaillant : twinapi.appcore.dll, version : 6.3.9600.17415, horodatage : 0x54503c4d
Code d'exception : 0xc000027b
Décalage d'erreur : 0x0000000000063c1f
ID du processus défaillant : 0x1a18
Heure de début de l'application défaillante : 0xbackgroundTaskHost.exe0
Chemin d'accès de l'application défaillante : backgroundTaskHost.exe1
Chemin d'accès du module défaillant: backgroundTaskHost.exe2
ID de rapport : backgroundTaskHost.exe3
Nom complet du package défaillant : backgroundTaskHost.exe4
ID de l'application relative au package défaillant : backgroundTaskHost.exe5

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossible d'initialiser l'index.

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossible d'initialiser l'application.

Contexte : Application Windows

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Impossible d'initialiser l'objet rassembleur.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossible d'initialiser le plug-in dans <Search.TripoliIndexer>.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Impossible d'initialiser le gestionnaire plug-in <Search.TripoliIndexer>.

Contexte : Application Windows

Détails :
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Le service de recherche Windows a été arrêté à cause d'un problème avec l'indexeur : The catalog is corrupt.

Détails :
Le catalogue d'index des contenus est endommagé. 0xc0041801 (0xc0041801)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Le service de recherche a détecté des fichiers de données endommagés dans l'index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. Le service tentera de corriger automatiquement ce problème en recréant l'index.

Détails :
0x8e5e0210 (0x8e5e0210)

Error: (07/20/2015 12:12:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (296) Windows: L'Erreur -1811 (0xfffff8ed) s'est produite lors de l'ouverture du fichier journal C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0005B.log.

Error: (07/19/2015 08:11:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BETTY)
Description: Échec de l'activation de l'application 50348RomainBeuque.Messries_rv1s9989qta2y!App avec l'erreur : -2144927142 Pour plus d'informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.


System errors:
=============
Error: (07/20/2015 12:15:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service AppEx Networks Accelerator LWF n'a pas pu démarrer en raison de l'erreur :
%%2

Error: (07/20/2015 12:14:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

Chemin d'accès du module : C:\Windows\system32\Rtlihvs.dll

Error: (07/20/2015 12:14:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

Chemin d'accès du module : C:\Windows\system32\Rtlihvs.dll

Error: (07/20/2015 12:14:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

Chemin d'accès du module : C:\Windows\system32\Rtlihvs.dll

Error: (07/20/2015 12:13:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Le Gestionnaire de services de contrôle a essayé d'entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Windows Search, mais cette action a échoué en raison de l'erreur suivante :
%%1056

Error: (07/20/2015 12:13:23 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Le Gestionnaire de services de contrôle a essayé d'entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Windows Search, mais cette action a échoué en raison de l'erreur suivante :
%%1056

Error: (07/20/2015 12:12:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (07/20/2015 12:12:58 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Le service Windows Search s'est arrêté avec l'erreur spécifique au service suivante :
%%2147749126

Error: (07/20/2015 12:12:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Ma-Config Agent s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

Error: (07/20/2015 12:12:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Spouleur d'impression s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.


Microsoft Office:
=========================
Error: (07/20/2015 12:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415545042b7twinapi.appcore.dll6.3.9600.1741554503c4dc000027b0000000000063c1f1a1801d0c2d4b2275356C:\Windows\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll0337bf45-2ec8-11e5-8328-54271ecf8c54RATP.RATP_1.2.2.0_x64__c6r3h8z4wvas6App

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Contexte : Application Windows

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Contexte : Application Windows, Catalogue SystemIndex

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Contexte : Application Windows, Catalogue SystemIndex

Détails :
L'objet spécifié est introuvable. Spécifiez le nom d'un objet existant. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Contexte : Application Windows

Détails :
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Détails :
Le catalogue d'index des contenus est endommagé. 0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (07/20/2015 12:12:58 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Détails :
0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)

Error: (07/20/2015 12:12:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer296Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0005B.log-1811 (0xfffff8ed)

Error: (07/19/2015 08:11:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-BETTY)
Description: 50348RomainBeuque.Messries_rv1s9989qta2y!App-2144927142


==================== Memory info ===========================

Processor: AMD A4-1200 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 3537.26 MB
Available physical RAM: 2194.57 MB
Total Virtual: 7121.26 MB
Available Virtual: 5653.23 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:404.05 GB) (Free:359.26 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:44.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B50E55F9)

Partition: GPT Partition Type.

==================== End of log ============================
0
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015
20 juil. 2015 à 12:37
Le rapport FRST de Farbar:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by Betty (administrator) on PC-BETTY on 20-07-2015 12:23:06
Running from C:\Users\Betty\Downloads
Loaded Profiles: Betty (Available Profiles: Betty)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
Failed to access process -> chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-10-21] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780912 2013-09-19] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2245885502-2018626826-1842936618-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-08-16] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-08-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-08-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-08-16] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-08-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{547BE8E9-59C3-4B6F-81C0-CEFD51DAD9EC}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6794DB4F-EBFA-457A-A8A8-D36157C35C0E}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{EA95E708-C53D-4378-AF23-6C6F79B48EF1}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
CHR Extension: (Google Drive) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (YouTube) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
CHR Extension: (Google Search) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
CHR Extension: (iGraal) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2014-10-26]
CHR Extension: (Google Wallet) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
CHR Extension: (Gmail) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
CHR Profile: C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (No Name) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-15]
CHR Profile: C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (AdBlock) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-20]
CHR Extension: (iGraal) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2015-07-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Google Wallet) - C:\Users\Betty\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [69120 2013-10-21] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-06-24] (CybelSoft)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1854056 2012-12-07] (Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [554712 2013-10-09] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2013-09-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S3 TDEIO; \??\C:\Users\Administrator\Desktop\H90t\tdeio64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 12:23 - 2015-07-20 12:23 - 00015157 _____ C:\Users\Betty\Downloads\FRST.txt
2015-07-20 12:22 - 2015-07-20 12:23 - 00000000 ____D C:\FRST
2015-07-20 12:20 - 2015-07-20 12:21 - 02134528 _____ (Farbar) C:\Users\Betty\Downloads\FRST64.exe
2015-07-20 12:16 - 2015-07-20 12:16 - 00001915 _____ C:\Users\Betty\Desktop\AdwCleaner[S6].txt
2015-07-20 12:15 - 2015-07-20 12:15 - 00000116 _____ C:\Windows\setupact.log
2015-07-20 12:15 - 2015-07-20 12:15 - 00000000 _____ C:\Windows\setuperr.log
2015-07-20 12:08 - 2015-07-20 12:08 - 02248704 _____ C:\Users\Betty\Downloads\adwcleaner_4.208.exe
2015-07-20 00:28 - 2015-07-20 12:16 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-20 00:28 - 2015-07-20 00:33 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-20 00:28 - 2015-07-20 00:28 - 00004056 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-20 00:28 - 2015-07-20 00:28 - 00003820 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-20 00:25 - 2015-07-20 00:25 - 00000270 _____ C:\Users\Betty\Downloads\debug.log
2015-07-17 21:14 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-17 21:14 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-17 21:14 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-17 21:14 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-17 21:14 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-17 21:14 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-17 21:14 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-17 21:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 17:06 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 17:05 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 16:51 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 16:51 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 16:51 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 16:51 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 16:51 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 16:51 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 16:48 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 16:47 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 16:47 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 16:47 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 16:44 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 16:44 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 16:44 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 16:44 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 16:44 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 16:44 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-15 16:44 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-15 16:44 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-15 16:44 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-15 16:44 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-15 16:44 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-15 16:43 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 16:43 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 16:38 - 2015-07-15 16:38 - 00000000 ____D C:\Users\Betty\Documents\Fax
2015-07-15 16:38 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 16:38 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:38 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 16:38 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 16:38 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 16:38 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 16:38 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 16:38 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 16:38 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 16:38 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 16:38 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 16:38 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 16:38 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 16:38 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 16:38 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 16:38 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 16:38 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-15 16:38 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 16:38 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 16:36 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 16:36 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 16:28 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 16:27 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 16:27 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 16:27 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 16:27 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 16:27 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 16:27 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 16:27 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 16:27 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 16:27 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 16:27 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 16:27 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 16:27 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 16:27 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 16:26 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-15 16:26 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-15 16:26 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 16:26 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-15 16:26 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 16:26 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 16:26 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 16:26 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 16:26 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 16:26 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 16:26 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 16:26 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 16:26 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 16:15 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 16:15 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 16:15 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:15 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 16:15 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 16:15 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 16:15 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 16:15 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 16:15 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 16:15 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 16:15 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 16:15 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 16:15 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 16:15 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 16:15 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 16:15 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 16:15 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 16:15 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 16:15 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 16:15 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 16:15 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 16:15 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 16:15 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 16:15 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 16:15 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 16:15 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 16:15 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 16:15 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 16:15 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 16:15 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 16:15 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 16:15 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 16:15 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 16:15 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 16:15 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 16:15 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 16:15 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 16:15 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-15 16:15 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 16:15 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 16:14 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 16:14 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 16:14 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 16:14 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 16:14 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 16:14 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 16:14 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-13 16:00 - 2015-07-20 12:21 - 01787062 _____ C:\Windows\WindowsUpdate.log
2015-07-12 19:51 - 2015-07-12 19:52 - 02248704 _____ C:\Users\Betty\Downloads\AdwCleaner-4.208.exe
2015-07-09 19:13 - 2015-07-09 19:13 - 00003469 _____ C:\Users\Betty\Downloads\EditionReinscriptionRecapitulatif (1).do
2015-07-09 19:12 - 2015-07-09 19:12 - 00003469 _____ C:\Users\Betty\Downloads\EditionReinscriptionRecapitulatif.do
2015-07-06 12:48 - 2015-07-06 12:48 - 00532784 _____ C:\Users\Betty\Downloads\cacaoweb.exe
2015-07-05 01:33 - 2015-07-05 01:33 - 00000000 _____ C:\autoexec.bat
2015-06-30 19:40 - 2015-06-30 19:40 - 00000000 ____D C:\Users\Betty\AppData\Local\PackageStaging
2015-06-29 00:13 - 2015-06-29 00:13 - 00000000 ____D C:\Users\Betty\Documents\Modèles Office personnalisés
2015-06-25 18:49 - 2015-06-29 11:36 - 00000000 ____D C:\Users\Betty\A Imprimer
2015-06-20 22:19 - 2015-06-20 22:19 - 00001411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-06-20 22:19 - 2015-06-20 22:19 - 00001399 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-06-20 22:19 - 2015-06-20 22:19 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-20 22:19 - 2015-06-20 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-06-20 22:18 - 2015-07-12 19:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-20 22:18 - 2015-06-21 13:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-20 22:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 12:20 - 2014-08-16 14:28 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2245885502-2018626826-1842936618-1002
2015-07-20 12:16 - 2014-08-18 16:07 - 00005072 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-BETTY-Betty PC-Betty
2015-07-20 12:16 - 2014-08-16 15:08 - 00000000 ___DO C:\Users\Betty\SkyDrive
2015-07-20 12:15 - 2014-08-16 14:22 - 02714443 _____ C:\Users\Betty\AppData\Local\BTServer.log
2015-07-20 12:15 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 12:14 - 2013-11-30 16:43 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-07-20 12:14 - 2013-08-22 15:25 - 01048576 ___SH C:\Windows\system32\config\BBI
2015-07-20 12:13 - 2014-11-09 17:13 - 00000000 ____D C:\AdwCleaner
2015-07-20 12:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-20 01:05 - 2014-08-16 14:53 - 00003936 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05F05EC9-BDBA-4655-A681-C98078166590}
2015-07-20 00:40 - 2014-09-18 16:27 - 00828928 ___SH C:\Users\Betty\Desktop\Thumbs.db
2015-07-20 00:25 - 2014-08-23 19:26 - 00000000 ____D C:\Users\Betty\AppData\Local\Google
2015-07-20 00:17 - 2014-08-16 14:32 - 00000000 ____D C:\Windows\Minidump
2015-07-20 00:15 - 2013-11-30 08:50 - 00812350 _____ C:\Windows\system32\perfh00C.dat
2015-07-20 00:15 - 2013-11-30 08:50 - 00159412 _____ C:\Windows\system32\perfc00C.dat
2015-07-20 00:15 - 2013-11-30 04:29 - 01824010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-19 23:52 - 2015-06-18 13:23 - 00000024 _____ C:\Users\Betty\AppData\Roaming\appdataFr25.bin
2015-07-19 20:16 - 2014-08-16 14:21 - 00000000 ____D C:\Users\Betty
2015-07-19 19:34 - 2014-10-02 11:07 - 00000000 ____D C:\Users\Betty\Documents\Autres
2015-07-19 19:31 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-19 19:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-19 15:16 - 2014-08-18 15:45 - 00000000 ____D C:\Windows\system32\MRT
2015-07-17 22:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-17 21:27 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-17 21:26 - 2014-12-10 22:54 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 21:26 - 2014-08-23 19:03 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-17 21:21 - 2015-04-11 13:12 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 21:21 - 2015-04-11 13:12 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-17 20:43 - 2013-08-22 16:44 - 00347728 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 22:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-15 18:37 - 2014-08-16 14:22 - 00000000 ____D C:\Users\Betty\AppData\Local\Packages
2015-07-15 16:51 - 2014-08-18 18:03 - 00000000 ____D C:\Users\Betty\Documents\Papier important
2015-07-15 16:36 - 2014-08-16 19:48 - 00791552 ___SH C:\Users\Betty\Downloads\Thumbs.db
2015-07-13 23:10 - 2014-11-13 16:28 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2014-11-13 16:28 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 19:42 - 2014-10-24 20:03 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-12 19:41 - 2014-08-23 19:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-05 21:59 - 2015-06-13 19:37 - 00000000 ____D C:\Program Files (x86)\Awesome File Opener
2015-07-05 12:08 - 2013-11-30 09:47 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2013-11-30 09:48 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-30 19:29 - 2014-11-14 20:39 - 00000000 __SHD C:\Users\Betty\AppData\Local\EmieBrowserModeList
2015-06-30 19:29 - 2014-08-23 19:25 - 00000000 __SHD C:\Users\Betty\AppData\Local\EmieUserList
2015-06-30 19:29 - 2014-08-23 19:25 - 00000000 __SHD C:\Users\Betty\AppData\Local\EmieSiteList
2015-06-25 19:23 - 2014-08-16 14:22 - 00000000 ____D C:\Users\Betty\Documents\My Bluetooth
2015-06-20 22:08 - 2015-06-13 19:32 - 00000000 ____D C:\ProgramData\11729467606692748881

==================== Files in the root of some directories =======

2015-06-18 13:23 - 2015-07-19 23:52 - 0000024 _____ () C:\Users\Betty\AppData\Roaming\appdataFr25.bin
2014-08-16 14:22 - 2015-07-20 12:15 - 2714443 _____ () C:\Users\Betty\AppData\Local\BTServer.log
2015-06-02 15:21 - 2015-06-02 16:05 - 0009216 _____ () C:\Users\Betty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-25 15:18 - 2015-04-25 15:18 - 0001772 _____ () C:\Users\Betty\AppData\Local\recently-used.xbel
2013-11-30 16:48 - 2013-11-30 16:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Betty\AppData\Local\Temp\Quarantine.exe
C:\Users\Betty\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-19 15:00

==================== End of log ============================
0
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015
20 juil. 2015 à 12:37
Merci pour votre aide
0
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 297
20 juil. 2015 à 16:18
L'extension iGraal sur Google Chrome est voulue ?

https://support.google.com/chrome_webstore/answer/2664769?hl=fr&rd=2
0
Réponse 3 / 4
Betbet91 Messages postés 6 Date d'inscription lundi 20 juillet 2015 Statut Membre Dernière intervention 20 juillet 2015
20 juil. 2015 à 01:16
Merci ça a fait disparaître toute les pubs, mais je suppose que j'ai toujours un virus sur mon ordinateur, non?
0
Rhajid
20 juil. 2015 à 01:46
Salut,

Là on parle d'adware(logiciel malveillant) donc piter de passer par ce type de logiciel(et se renseigner dessus avant) où parfois il est possible de décocher les "services" non désirés.
Donc
1)Attention à ce que vous installez
2)Même si ça y ressemble ce ne sont pas des virus mais des programmes légaux, ce qui n'est pas ce sont les difficultés pour les supprimer et ce qu'ils font mais là ça risque d'ere difficile de lutter contre des compagnies comme Google, Facebook qui collectent indûment et illégalement des données privées sur nous et nos recherches et actions sur le web. Pour google on aura du mal à faire quoique ce soit mais pour facebook et pas mal d'autres programmes aux politiques douteuses on peut choisir de ne pas les utiliser et s'orienter vers les initiaves légales et libres donc sans enjeu financier derrière.
3)Pour les virus utilisez un anti-virus performant(il y en a des gratuits) et maintenus à jour, n'hésitez pas à lancer des scans complet quand vous les jugez nécessaire.

Des logiciels comme adblock(plugin pour les navigateur firefox et chrome) ainsi que Spybot et CCleaner sont toujours un plus et doivent être maintenus constamment ainsi que prêter attention aux notifications et avertissements qui en émane(et vous aurez empêché d'installer de tels logiciels). Aucune des sécurités pourtant indispensable sur Windows ne peut remplacer votre propre vigilance, pour ça aussi il est nécessaire de se tenir informé.
0
Réponse 4 / 4
Utilisateur anonyme
20 juil. 2015 à 12:45
ça va bebeth la reprise d'image de profil ? :p

--
0

Discussions similaires

Bidru n'en peut plus
_Ritchi_ -
Titine -

4 réponses
Cherche chanteur et titre chanson pub kinder noel 2023
Herme80 -
Domaldan -

17 réponses
Ouvrir un fichier .pub sans Publisher
baissaoui -
baissaoui -

0 réponse
Recherche nom acteur Pub
Visu -
Lorenzo -

4 réponses
retrouver un spot publicitaire radio ?
solpauale -
Jennifer -

5 réponses