Persistent ad pollution

Closed
GilbertHauser (posts: 5, registered: Monday 9 February 2015, status: Member, last activity: 26 February 2015) - 15 Feb 2015 at 12:52
Malekal_morte- (posts: 180304, registered: Wednesday 17 May 2006, status: Moderator, Security contributor, last activity: 15 December 2020) - 26 Feb 2015 at 15:42

Hello, and many thanks for helping me, and no doubt many others...

Problem with extremely persistent unwanted ads in a new tab, in all browsers:

- each time you open a new tab with a new site (any site),
and then click on that site for the first time:
a new tab opens on a shopping site (which changes often) or a fake survey (image below); the computer is not slowed down

- note: when you close the parasitic tab, a pop-up offers "stay/leave",
and if you "stay" you see, for 1 second, a redirect through track2/fumotrack

- all software and the system are up to date
all anti-malware tools run in deep-scan mode: Avast, Spybot, Bitdefender, CCleaner; all cookies, history, etc. deleted; third-party cookies, pop-ups, etc. blocked; Firefox reset and its suspicious extensions removed; all attachments of suspicious emails deleted (with Shift+Del), recycle bin and temp emptied
=> all malware has been removed except...

a few recent items that may be suspicious?
- what is the purpose, in OS/ProgramData/, of the directory QCqIOVl, which contains svNyli.exe? (impossible to delete)
- after clearing the cookies, CCleaner v3.23 still shows others that it is unable to delete: for example *metrix.net, *liverail.com, s.ytimg.com, etc. (*: several forms); they cannot be found with a deep search (including system files) in Explorer

Thank you for helping me, if you are really expert!!

4 replies

Malekal_morte-
15 Feb 2015 at 12:52
Hi,

You have installed adware and unwanted programs on your PC.
Here is the procedure to follow to remove them:

Start with this:

Follow the AdwCleaner tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner (by Xplode)
Download AdwCleaner to your desktop.
Launch AdwCleaner, click [Scanner] (Scan).
The scan can take several minutes; be patient.
Once the scan is finished, click [Nettoyer] (Clean).

Once the cleaning is finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report, and give the link to the report in a new message.
Note: The report is also saved as C:\AdwCleaner[S1].txt



then:


Follow this tutorial: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
This will generate two FRST reports.
Send these two reports, as explained, to the site http://pjjoint.malekal.com and give the three pjjoint links for these reports so that they can be consulted.



GilbertHauser
15 Feb 2015 at 15:06
Reply from Gilbert to Malekal_morte:

Thank you very much for your quick help; here are the items:

Preliminary note: when Windows restarts, this pop-up appears (obviously I did not answer OK); what is it?

___________________________
1/ ADWCLEANER REPORT:

# AdwCleaner v4.110 - Rapport créé le 15/02/2015 à 13:58:55
# Mis à jour le 05/02/2015 par Xplode
# Base de données : 2015-02-14.2 [Serveur]
# Système d'exploitation : Windows Vista (TM) Business Service Pack 2 (x86)
# Nom d'utilisateur : georges - QUAD
# Exécuté depuis : C:\Users\georges\Downloads\AdwCleaner-4.110.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****


Dossier Supprimé : C:\ProgramData\Browser
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Dossier Supprimé : C:\Program Files\Free Video Converter
Dossier Supprimé : C:\Users\georges\AppData\Local\TVWizard
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****


Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\MenuExt\compare prices with &dealio
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Video Converter
***** [ Navigateurs ] *****


-\\ Internet Explorer v9.0.8112.16599


-\\ Mozilla Firefox v35.0.1 (x86 fr)


AdwCleaner[R0].txt - [14561 octets] - [09/02/2015 14:37:43]
AdwCleaner[R1].txt - [2279 octets] - [09/02/2015 19:57:01]
AdwCleaner[R2].txt - [2144 octets] - [15/02/2015 13:55:15]
AdwCleaner[S0].txt - [14978 octets] - [09/02/2015 14:49:21]
AdwCleaner[S1].txt - [2382 octets] - [09/02/2015 20:50:27]
AdwCleaner[S2].txt - [2089 octets] - [15/02/2015 13:58:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2149 octets] ##########

__________________________________
2/ 1ST FRST REPORT:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015
Ran by georges (administrator) on QUAD on 15-02-2015 14:43:26
Running from C:\Users\georges\Downloads
Loaded Profiles: georges (Available profiles: georges & LogMeInRemoteUser)
Platform: Microsoft® Windows Vista(TM) Professionnel Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS Partition Master 10.0\bin\EpmNews.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(SOFTWIN S.R.L) C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
() C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
(SOFTWIN S.R.L.) C:\Program Files\Softwin\BitDefender10\bdagent.exe
(SOFTWIN S.R.L.) C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
(SOFTWIN S.R.L.) C:\Program Files\Softwin\BitDefender10\bdmcon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Small Island Development) C:\ProgramData\QCqIOVl\svNyIi.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(SOFTWIN S.R.L.) C:\Program Files\Softwin\BitDefender10\vsserv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\ProgramData\Browser\prompt.exe
() C:\ProgramData\Browser\prompt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4706304 2008-02-01] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-16] (AVAST Software)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [524288 2008-08-08] ()
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [EaseUS EPM tray] => C:\Program Files\EaseUS Partition Master 10.0\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-07-12] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [BDAgent] => C:\Program Files\Softwin\BitDefender10\bdagent.exe [69632 2007-03-26] (SOFTWIN S.R.L.)
HKLM\...\Run: [BDMCon] => C:\Program Files\Softwin\BitDefender10\bdmcon.exe [290816 2007-04-02] (SOFTWIN S.R.L.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\...\MountPoints2: {23fc310d-a396-11df-a331-001d09a12b07} - K:\iStudio.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk.disabled
ShortcutTarget: Adobe Gamma Loader.lnk.disabled -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk.disabled
ShortcutTarget: Microsoft Office.lnk.disabled -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2021178914-2128526067-710555462-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {779B32E3-7D64-4EEA-A337-6400C42C868F} URL = http://www.dealio.com/{searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2021178914-2128526067-710555462-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-2021178914-2128526067-710555462-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2021178914-2128526067-710555462-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/webhp{searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: No Name -> {6A87B991-A31F-4130-AE72-6D0C294BF082} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\program files\google\googletoolbar1.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> No File
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2021178914-2128526067-710555462-1000 -> &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2021178914-2128526067-710555462-1000 -> No Name - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
ShellExecuteHooks: Eudora's Shell Extension - {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\eudora_7.01_gmais\EuShlExt.dll [86016 2002-09-30] (Qualcomm Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\georges\AppData\Roaming\Mozilla\Firefox\Profiles\2fazraw0.default-1423917765575
FF Homepage: hxxp://www.almanart.org/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-02]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-07]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-12]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-11-16] (Avast Software)
R2 bdss; C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe [81920 2006-12-20] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-09-13] (Macrovision Europe Ltd.) [File not signed]
R2 LIVESRV; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [278528 2008-07-11] (SOFTWIN S.R.L.) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
R2 svNyIi; C:\ProgramData\QCqIOVl\svNyIi.exe [2733040 2015-02-01] (Small Island Development)
R2 VSSERV; C:\Program Files\Softwin\BitDefender10\vsserv.exe [466944 2007-10-23] (SOFTWIN S.R.L.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 XCOMM; C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe [86016 2006-11-09] (SOFTWIN S.R.L) [File not signed]
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [244040 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296200 2013-08-09] (SafeNet Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-16] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-16] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [608648 2013-08-09] (SafeNet Inc.)
R3 Irisp2ht; C:\Windows\System32\Drivers\IRISP2HT.sys [16516 2000-09-28] (Microsoft Corporation) [File not signed]
S3 Profos; C:\Program Files\Softwin\BitDefender10\profos.sys [13568 2006-08-19] () [File not signed]
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-03-07] (Windows (R) Codename Longhorn DDK provider)
S3 SIS163u; C:\Windows\System32\DRIVERS\sis163u.sys [215040 2005-06-20] (SiS Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics) [File not signed]
S3 Trufos; C:\Program Files\Softwin\BitDefender10\trufos.sys [35328 2006-12-06] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-11-16] (Avast Software)
S3 bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys [X]
S3 BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys [X]
S3 BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 KMW_KBD; System32\DRIVERS\KMW_KBD.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 vNICdrv; system32\DRIVERS\vNICdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:43 - 2015-02-15 14:43 - 00019672 _____ () C:\Users\georges\Downloads\FRST.txt
2015-02-15 14:43 - 2015-02-15 14:43 - 00000000 ____D () C:\FRST
2015-02-15 14:28 - 2015-02-15 14:28 - 01125888 _____ (Farbar) C:\Users\georges\Downloads\FRST.exe
2015-02-15 14:06 - 2015-02-15 14:06 - 00000000 ____D () C:\ProgramData\Browser
2015-02-15 12:27 - 2015-02-15 12:27 - 00001623 _____ () C:\Users\georges\Desktop\Internet Explorer.lnk
2015-02-14 19:39 - 2015-02-14 19:42 - 00002005 ____H () C:\Windows\EPMBatch.ept
2015-02-10 12:23 - 2015-02-10 12:23 - 00000000 ____D () C:\Users\georges\AppData\Roaming\Bitdefender
2015-02-10 12:09 - 2015-02-15 14:41 - 00081984 _____ () C:\Windows\system32\bdod.bin
2015-02-10 12:04 - 2015-02-15 14:01 - 00000000 _____ () C:\Windows\system32\bdss.log
2015-02-10 12:04 - 2015-02-10 12:04 - 00001929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BitDefender Free Edition v10.lnk
2015-02-10 12:04 - 2015-02-10 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 10
2015-02-10 12:03 - 2015-02-10 12:04 - 00000000 ____D () C:\ProgramData\BitDefender
2015-02-10 12:03 - 2015-02-10 12:03 - 00000000 ____D () C:\Program Files\Softwin
2015-02-10 12:01 - 2015-02-10 12:04 - 00000000 ____D () C:\Program Files\Common Files\Softwin
2015-02-10 11:55 - 2015-02-10 11:55 - 43403608 _____ (Microsoft Corporation) C:\Users\georges\Downloads\bitdefender_free_v10.exe
2015-02-09 19:38 - 2015-02-09 19:38 - 06372800 _____ (Tim Kosse) C:\Users\georges\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-09 14:37 - 2015-02-15 13:58 - 00000000 ____D () C:\AdwCleaner
2015-02-09 12:32 - 2015-02-09 12:32 - 02112512 _____ () C:\Users\georges\Downloads\AdwCleaner-4.110.exe
2015-02-09 12:17 - 2015-02-09 12:17 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-09 12:17 - 2015-02-09 12:17 - 00000000 _____ () C:\Windows\setupact.log
2015-02-08 19:45 - 2015-02-09 12:39 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-08 19:44 - 2015-02-08 19:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-08 09:44 - 2015-02-08 09:44 - 00316176 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-08 09:44 - 2015-02-08 09:44 - 00001332 _____ () C:\Windows\PFRO.log
2015-02-01 21:18 - 2015-02-08 19:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 21:15 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-01 20:53 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-01 20:53 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-01 20:53 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-01 20:52 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-01 10:52 - 2015-02-07 16:27 - 00001344 _____ () C:\Windows\Tasks\CFKHH.job
2015-02-01 10:51 - 2015-02-07 16:27 - 00001346 _____ () C:\Windows\Tasks\ZBTFVX.job
2015-02-01 10:50 - 2015-02-13 20:03 - 00000000 ____D () C:\ProgramData\QCqIOVl
2015-02-01 10:33 - 2015-02-01 10:33 - 06374592 _____ (Tim Kosse) C:\Users\georges\Downloads\FileZilla_3.10.1_win32-setup.exe
2015-01-25 17:12 - 2015-02-10 15:04 - 00000365 _____ () C:\Users\georges\AppData\Roaming\ZBTFVX
2015-01-25 17:12 - 2015-02-10 15:03 - 00001171 _____ () C:\Users\georges\AppData\Roaming\CFKHH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:09 - 2014-05-29 09:48 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 14:08 - 2008-09-20 18:00 - 00000612 _____ () C:\Windows\CLIP.INI
2015-02-15 14:08 - 2008-08-01 17:00 - 01312360 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 14:00 - 2012-06-17 22:07 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 14:00 - 2008-12-26 14:46 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-15 14:00 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 14:00 - 2006-11-02 13:47 - 00004912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 14:00 - 2006-11-02 13:47 - 00004912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 13:59 - 2006-11-02 14:01 - 00032614 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-15 13:47 - 2012-06-17 22:07 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 12:24 - 2008-09-18 18:05 - 00000000 ___RD () C:\Users\georges\Desktop\utilitaires
2015-02-14 19:22 - 2008-11-16 23:07 - 00000000 ____D () C:\Program Files\eudora_7.01_gmais
2015-02-14 12:16 - 2008-11-19 20:56 - 00000000 ____D () C:\TEMP
2015-02-14 12:03 - 2008-11-16 20:27 - 00000000 ____D () C:\Program Files\eudora_7.01_almanart
2015-02-14 11:40 - 2008-09-20 17:54 - 00000331 _____ () C:\Windows\IRISPen.INI
2015-02-13 19:54 - 2009-12-16 11:01 - 00000000 ____D () C:\Users\georges\AppData\Roaming\FileZilla
2015-02-13 14:02 - 2008-01-21 08:42 - 01581924 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-13 11:02 - 2009-01-16 11:53 - 00002623 _____ () C:\Users\georges\Desktop\Word.lnk
2015-02-12 09:31 - 2013-08-06 18:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-12 09:31 - 2011-08-08 08:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-09 19:38 - 2011-09-14 11:29 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2015-02-09 19:38 - 2010-03-27 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-02-09 13:12 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-02-09 12:55 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-02-07 16:25 - 2011-01-04 14:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-07 16:25 - 2008-08-09 18:36 - 00000000 ____D () C:\Users\georges
2015-02-07 16:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-02-07 16:25 - 2006-11-02 11:22 - 52166656 _____ () C:\Windows\system32\config\software_previous
2015-02-07 16:25 - 2006-11-02 11:22 - 42729472 _____ () C:\Windows\system32\config\components_previous
2015-02-07 16:25 - 2006-11-02 11:22 - 41156608 _____ () C:\Windows\system32\config\system_previous
2015-02-07 16:25 - 2006-11-02 11:22 - 04980736 _____ () C:\Windows\system32\config\default_previous
2015-02-07 16:25 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-02-07 16:25 - 2006-11-02 11:22 - 00061440 _____ () C:\Windows\system32\config\sam_previous
2015-02-02 16:55 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-02 10:48 - 2008-11-19 16:26 - 00000000 ____D () C:\Program Files\EPSON
2015-02-02 10:48 - 2008-08-01 16:09 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-02 10:08 - 2006-11-02 11:23 - 00450715 ____R () C:\Windows\system32\Drivers\etc\hosts_20150202.backup
2015-02-01 22:38 - 2011-01-17 17:08 - 00000000 ____D () C:\Users\georges\AppData\Roaming\FreeVideoConverter
2015-02-01 22:38 - 2006-11-02 11:23 - 00000436 _____ () C:\Windows\win.ini
2015-02-01 21:15 - 2013-08-02 16:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-01 21:10 - 2006-11-02 11:24 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-01 17:56 - 2008-08-01 16:17 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-02-01 17:56 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 17:13 - 2015-01-08 13:32 - 00000000 ____D () C:\Users\georges\AppData\Roaming\Samsung
2015-01-31 17:13 - 2015-01-08 13:03 - 00000000 ____D () C:\ProgramData\Samsung

==================== Files in the root of some directories =======

2007-08-31 06:36 - 2008-12-26 14:36 - 0072138 _____ () C:\Program Files\procexp.chm
2008-12-10 14:40 - 2008-12-26 14:36 - 3549552 _____ (Sysinternals - www.sysinternals.com) C:\Program Files\procexp.exe
2015-01-25 17:12 - 2015-02-10 15:03 - 0001171 _____ () C:\Users\georges\AppData\Roaming\CFKHH
2009-11-22 16:48 - 2009-11-22 17:46 - 0040960 _____ () C:\Users\georges\AppData\Roaming\TweetAdder
2009-01-15 11:11 - 2009-01-15 11:11 - 0027503 _____ () C:\Users\georges\AppData\Roaming\UserTile.png
2008-09-13 14:41 - 2014-04-14 15:31 - 0001974 _____ () C:\Users\georges\AppData\Roaming\wklnhst.dat
2015-01-25 17:12 - 2015-02-10 15:04 - 0000365 _____ () C:\Users\georges\AppData\Roaming\ZBTFVX
2008-08-09 19:06 - 2014-08-09 11:19 - 0007484 _____ () C:\Users\georges\AppData\Local\d3d9caps.dat
2008-08-12 20:34 - 2015-02-01 22:33 - 0015360 _____ () C:\Users\georges\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-09-21 10:09 - 2008-09-21 10:09 - 0009060 _____ () C:\Users\georges\AppData\Local\fr.ini
2012-06-02 10:39 - 2012-06-02 10:39 - 0000011 _____ () C:\ProgramData\.tv6
2009-02-16 15:51 - 2009-02-16 15:51 - 0005117 _____ () C:\ProgramData\xqkcebzs.dik

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-15 14:07

==================== End Of Log ===========


________________________________
3/ 2ND REPORT, FRST ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-02-2015
Ran by georges at 2015-02-15 14:44:00
Running from C:\Users\georges\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.57 (HKLM\...\7-Zip) (Version: - )
802.11 USB Wireless LAN Adapter (HKLM\...\SiS163u) (Version: - )
Adobe Dreamweaver CS3 (HKLM\...\Adobe_ad19d2ae8332572b119cf35fd0a30d8) (Version: 9.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop 5.0 Limited Edition (HKLM\...\Adobe Photoshop 5.0 Limited Edition) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Photoshop 7.0.1 (HKLM\...\Adobe Photoshop 7.0.1) (Version: 7.0.1 - Adobe Systems, Inc.)
Adobe Reader X (10.1.4) - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.007.0914.2138 - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
BitDefender Free Edition v10 (HKLM\...\{CEFC581D-BEAE-4F75-989E-BD931970D8AD}) (Version: 10.2.10 - SOFTWIN)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
CamStudio 2.0 Fr (HKLM\...\CamStudio 2.0 Fr_is1) (Version: - )
Capturino V2 (HKU\S-1-5-21-2021178914-2128526067-710555462-1000\...\Capturino V2) (Version: - )
ccc-core-static (Version: 2007.0914.2139.36828 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
Codec 8.4f (HKLM\...\Codec_is1) (Version: - )
Cosmo Player 2.1 (38329) (HKLM\...\Cosmo Player 2.1) (Version: - )
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )
EaseUS Partition Master 10.0 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
E-Mails (HKLM\...\{B26EEFCF-C96A-45B7-AC20-1E0F52E0E86D}_is1) (Version: 2.34 - MPic@ud SoftWare)
EPSON Logiciel imprimante (HKLM\...\EPSON Printer and Utilities) (Version: - )
FileZilla Client 3.10.1.1 (HKLM\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Free Video Converter V 3.2 (HKLM\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
Gif Movie Gear 4 (HKLM\...\GMG 4) (Version: 4.02.0 - )
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
IRISPen II v4.01 (HKLM\...\IRISPen) (Version: - )
iTunes (HKLM\...\{C8EBB0DE-5655-4D32-99E1-9447E702A89F}) (Version: 11.1.2.32 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
LogMeIn (HKLM\...\{7F831576-6246-42C7-B523-55B3F96509CC}) (Version: 4.0.784 - LogMeIn, Inc.)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{0001040C-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (French) (HKLM\...\{95120000-00AF-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Module de compatibilité pour Microsoft Office System 2007 (HKLM\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 35.0.1 (x86 fr)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.0 - Dell)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Activation Module (HKLM\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
Samsung CLP-310 Series (HKLM\...\Samsung CLP-310 Series) (Version: - Samsung Electronics CO.,LTD)
Shockwave 7.0.3 Player (HKLM\...\Shockwave 7.0.3 Player) (Version: - )
Skins (Version: 2007.0914.2139.36828 - ATI) Hidden
Sonic CinePlayer Decoder Pack (HKLM\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
TeraCopy 2.01 (HKLM\...\TeraCopy_is1) (Version: - Code Sector Inc.)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

08-01-2015 13:07:41 Installation du package de pilote logiciel : SAMSUNG Electronics Co.,Ltd. Contrôleurs de bus USB
08-01-2015 13:08:34 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:10:14 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:10:46 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Modems
08-01-2015 13:11:55 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:12:50 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Modems
08-01-2015 13:13:49 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:14:50 Installation du package de pilote logiciel : Samsung Electronic, Co. Ltd. Contrôleurs de bus USB
08-01-2015 13:16:01 Installation du package de pilote logiciel : Samsung Electronic, Co. Ltd. Modems
08-01-2015 13:17:01 Installation du package de pilote logiciel : Samsung Electronic, Co. Ltd. Ports (COM et LPT)
08-01-2015 13:17:59 Installation du package de pilote logiciel : Samsung Electronic, Co. Ltd. Ports (COM et LPT)
08-01-2015 13:18:56 Installation du package de pilote logiciel : Samsung Electronics Co., LTD Contrôleurs de bus USB
08-01-2015 13:19:54 Installation du package de pilote logiciel : Samsung Electronics Co., LTD Modems
08-01-2015 13:21:03 Installation du package de pilote logiciel : Samsung Electronics Co., LTD Contrôleurs de bus USB
08-01-2015 13:21:59 Installation du package de pilote logiciel : Samsung Electronics Co., LTD Modems
08-01-2015 13:23:03 Installation du package de pilote logiciel : Samsung Electronics Co., LTD Ports (COM et LPT)
08-01-2015 13:24:14 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:25:17 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Modems
08-01-2015 13:26:17 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Cartes réseau
08-01-2015 13:28:05 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:28:39 Installed Samsung Kies
08-01-2015 13:29:34 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:30:28 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:32:35 Installation du package de pilote logiciel : MobileTop Contrôleurs de bus USB
08-01-2015 13:37:23 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:37:40 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd.
08-01-2015 13:38:29 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Modems
08-01-2015 13:39:18 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Cartes réseau
08-01-2015 13:40:11 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:41:03 Installation du package de pilote logiciel : Infineon Technologies Contrôleurs de bus USB
08-01-2015 13:42:02 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd.
08-01-2015 13:42:49 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Contrôleurs de bus USB
08-01-2015 13:43:41 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:44:33 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Modems
08-01-2015 13:45:26 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Appareils mobiles
08-01-2015 13:46:20 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Cartes réseau
08-01-2015 13:47:12 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
08-01-2015 13:48:03 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Cartes réseau
08-01-2015 13:48:52 Installation du package de pilote logiciel : SAMSUNG Electronics Co., Ltd. Ports (COM et LPT)
09-01-2015 13:02:49 Point de contrôle planifié
10-01-2015 18:01:43 Point de contrôle planifié
11-01-2015 13:54:40 Point de contrôle planifié
12-01-2015 12:26:09 Point de contrôle planifié
13-01-2015 11:35:14 Point de contrôle planifié
14-01-2015 13:36:07 Point de contrôle planifié
30-01-2015 07:58:58 Windows Update
31-01-2015 11:32:58 Point de contrôle planifié
31-01-2015 17:11:36 Removed Samsung Kies
01-02-2015 11:06:06 Removed Pro PC Cleaner
01-02-2015 17:52:29 Supprimé Microsoft Works
01-02-2015 20:51:58 Windows Update
02-02-2015 09:17:08 Point de contrôle planifié
02-02-2015 10:47:59 Supprimé PIF DESIGNER
02-02-2015 16:06:23 Windows Update
03-02-2015 11:09:40 Point de contrôle planifié
07-02-2015 16:06:39 Windows Update
07-02-2015 16:23:37 Opération de restauration
08-02-2015 09:41:20 Windows Update
08-02-2015 20:17:28 Programme d'installation pour les modules Windows
09-02-2015 13:41:20 Point de contrôle planifié
10-02-2015 12:02:40 Installed BitDefender Free Edition v10
12-02-2015 10:01:01 Point de contrôle planifié
13-02-2015 10:54:34 Windows Update
15-02-2015 13:52:40 Point de contrôle planifié

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E74C21A-A08F-402E-A392-9593DD686986} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {23B20D55-746B-4486-85C4-C70289F35FB1} - System32\Tasks\OpenCandyHelperRunOnce5D6807636670448A92E6CC0F75C8669E => C:\Users\georges\AppData\Roaming\OpenCandy\B3700798EF5243929D133088DBBB4B6B\OCBrowserHelper_1.0.6.124.exe
Task: {2C2AF480-33B5-4A87-9A11-AAFB30D753E8} - System32\Tasks\{5AADA5C8-58DB-4BDA-90BA-299DBF707F64} => pcalua.exe -a C:\Users\georges\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {333BB577-C36D-4BCF-BBC9-C7C9E2FA8AF7} - System32\Tasks\{17974018-41FA-4B28-8E8F-B64FAD91F596} => pcalua.exe -a "C:\Program Files\utilitaires\TeraCopy\unins000.exe"
Task: {350349FF-51C7-4544-A220-570556E3F843} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {4F9C47C9-42B1-43DD-AC52-4F373FAA1F76} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {564F9238-D37B-419F-ABFF-A5CBC9EEAB90} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {60FE50A2-E643-45C4-9C29-4FE440DAAD29} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {71F555B6-F49B-4528-9D70-B687DCB7733E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - georges => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {72CBAA9E-B1A9-47DA-843C-E96FEF641670} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-12] (Adobe Systems Incorporated)
Task: {7805BE31-96FC-4F07-A852-8DE11B42931B} - \ZBTFVX No Task File <==== ATTENTION
Task: {838A685A-563B-4BCC-8364-96B77AA616B8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {88B9F36E-2B83-4215-8E24-2A615CC00758} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {8A0BD8B7-743E-4673-AA14-C520C643AA84} - System32\Tasks\avastBCLRestartS-1-5-21-2021178914-2128526067-710555462-1000 => Firefox.exe
Task: {913C5F11-9185-4375-84D6-FC1CF47E586E} - \CFKHH No Task File <==== ATTENTION
Task: {9EA7C3EF-D584-4E2E-92BB-CF684A8FFFC6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-16] (AVAST Software)
Task: {A03A8B2B-FB79-494C-9DD8-0CBC53ACD458} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B04EB984-E78E-48CF-BCCB-54AB723413FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {BED1C86A-D261-4D60-8220-7E1E3CEEAE99} - System32\Tasks\{986BB1D5-FC96-4D43-A3DB-E227A902BACA} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {C3B6FD9C-D3C2-4164-BB0E-9B94EAC70CA2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2021178914-2128526067-710555462-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {DAFBBF57-1E15-49B8-86E1-15F6972B48D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-17] (Google Inc.)
Task: {E2392320-2949-40EE-A48E-063377BCCE16} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {FC861E0E-DF16-46F3-80E8-862CD4BA8E69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CFKHH.job => C:\Users\georges\AppData\Roaming\CFKHH.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ZBTFVX.job => C:\Users\georges\AppData\Roaming\ZBTFVX.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2015-02-15 12:23 - 2015-02-15 12:23 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021500\algo.dll
2014-11-16 11:35 - 2014-11-16 11:35 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll
2014-11-16 11:35 - 2014-11-16 11:35 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll
2014-11-16 11:35 - 2014-11-16 11:35 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2009-04-07 05:32 - 2009-04-07 05:32 - 00022723 _____ () C:\Windows\System32\cl31cl3.dll
2008-08-02 00:53 - 2007-10-24 09:50 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2015-02-01 12:17 - 2015-02-01 12:17 - 00039200 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2006-05-15 17:02 - 2006-05-15 17:02 - 00058368 _____ () C:\Program Files\Softwin\BitDefender10\bdshelxt.dll
2009-12-23 10:35 - 2009-06-22 00:26 - 00305664 _____ () C:\Program Files\utilitaires\TeraCopy\TeraCopyExt.dll
2013-11-14 11:21 - 2014-11-16 11:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-01-26 17:30 - 2008-08-08 06:03 - 00524288 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2013-04-16 02:07 - 2013-04-16 02:07 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2006-12-20 16:33 - 2006-12-20 16:33 - 00081920 _____ () C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
2007-03-08 17:00 - 2007-03-08 17:00 - 00061440 _____ () C:\Program Files\Softwin\BitDefender10\bdutils.dll
2007-10-23 10:22 - 2007-10-23 10:22 - 00196608 _____ () C:\Program Files\Common Files\Softwin\BitDefender Update Service\zlib.dll
2007-03-23 16:50 - 2007-03-23 16:50 - 00005632 _____ () C:\Program Files\Softwin\BitDefender10\getfile.dll
2007-08-15 13:26 - 2007-08-15 13:26 - 00094208 _____ () C:\Program Files\Softwin\BitDefender10\WSLib.dll
2007-05-17 10:55 - 2007-05-17 10:55 - 00098304 _____ () C:\Program Files\Softwin\BitDefender10\bdfltlib.dll
2007-10-23 10:22 - 2007-10-23 10:22 - 00196608 _____ () C:\Program Files\Softwin\BitDefender10\zlib.dll
2003-12-10 15:08 - 2003-12-10 15:08 - 00049152 _____ () C:\Program Files\Softwin\BitDefender10\mimeinf.dll
2006-03-03 13:52 - 2006-03-03 13:52 - 00069632 _____ () C:\Program Files\Softwin\BitDefender10\bdfdll_x86.dll
2006-04-11 17:58 - 2006-04-11 17:58 - 00004608 _____ () C:\Program Files\Softwin\BitDefender10\PROFOS.dll
2006-08-16 11:11 - 2006-08-16 11:11 - 00008704 _____ () C:\Program Files\Softwin\BitDefender10\trufos.dll
2014-11-16 11:35 - 2014-11-16 11:35 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-15 14:06 - 2015-02-15 14:06 - 00080712 _____ () C:\ProgramData\Browser\prompt.exe
2015-02-08 19:44 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2021178914-2128526067-710555462-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^georges^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Synchronizer => "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS Partition Master 10.0\bin\EpmNews.exe
MSCONFIG\startupreg: ISUSPM => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: Software updater => "C:\Users\georges\AppData\Roaming\FreeSoftwareUpdater\updater.exe" -h http://neoupdater.com/
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: ydirector2 => C:\Windows\system32\regsvr32.exe C:\Windows\system32\Macromed\Flash\Swflash.ocx /s

==================== Accounts: =============================

Administrateur (S-1-5-21-2021178914-2128526067-710555462-500 - Administrator - Disabled)
georges (S-1-5-21-2021178914-2128526067-710555462-1000 - Administrator - Enabled) => C:\Users\georges
Invité (S-1-5-21-2021178914-2128526067-710555462-501 - Limited - Enabled)
LogMeInRemoteUser (S-1-5-21-2021178914-2128526067-710555462-1002 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2015 02:01:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3026

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3026

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/15/2015 02:32:08 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error: (02/15/2015 02:32:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error: (02/15/2015 02:32:01 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error: (02/15/2015 02:31:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error: (02/15/2015 02:01:45 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80040154

Error: (02/15/2015 02:01:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BDRsDrv%%2

Error: (02/15/2015 02:01:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BDFsDrv%%2

Error: (02/15/2015 02:01:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: bdfdll%%2

Error: (02/15/2015 02:01:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (02/15/2015 02:01:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%2


Microsoft Office Sessions:
=========================
Error: (02/15/2015 02:01:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3026

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3026

Error: (02/14/2015 07:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (02/14/2015 07:56:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (02/14/2015 07:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
Date: 2015-02-07 17:16:59.023
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:58.805
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:58.571
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:58.353
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:42.382
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\System32\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:42.164
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\System32\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:41.899
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\Ha
GilbertHauser Posts 5 Registration date Monday 9 February 2015 Status Member Last activity 26 February 2015
15 Feb. 2015 at 15:10
The 2nd FRST report seems to be truncated; here is the rest:

Date: 2015-02-07 17:16:41.899
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\System32\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-07 17:16:41.665
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume6\Windows\System32\fveapi.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-01 22:39:22.379
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume5\Windows\System32\atiumdag.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.

Date: 2015-02-01 22:39:22.140
Description: Le module d'intégrité du code ne peut pas vérifier l'intégrité image du fichier \Device\HarddiskVolume5\Windows\System32\atiumdag.dll car le jeu de hachages d'images par page n'a pas été trouvé sur le système.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 3325.27 MB
Available physical RAM: 1744.04 MB
Total Pagefile: 6871.5 MB
Available Pagefile: 5083.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:167.67 GB) (Free:53.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:29.53 GB) (Free:19.12 GB) NTFS
Drive h: (Data_Histo) (Fixed) (Total:114.24 GB) (Free:66.64 GB) NTFS
Drive s: (Data) (Fixed) (Total:118.45 GB) (Free:61.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.8 GB) (Disk ID: 10000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=42)
Partition 3: (Active) - (Size=167.7 GB) - (Type=42)
Partition 4: (Not Active) - (Size=55.1 GB) - (Type=42)

========================================================
Disk: 1 (Size: 232.8 GB) (Disk ID: 22AAC6F2)

Partition: GPT Partition Type.

==================== End Of Log ============================
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
15 Feb. 2015 at 17:52
Yes, Software updater, you can uninstall them.

The FRST reports are to be provided via pjjoint.
Read the procedure.
GilbertHauser Posts 5 Registration date Monday 9 February 2015 Status Member Last activity 26 February 2015
15 Feb. 2015 at 23:03
OK Malekal_morte, the 2 FRST reports are on pjjoint (sorry).

Two points:
- FRST seems to have eradicated the nasty thing (to be confirmed in a few days, I have become wary...); I did not know this anti-malware tool! Many thanks!
- Do you perhaps know what the QCqIOVl directory in OS/ProgramData/, which contains svNyli.exe, is for? (maybe not important and off topic)

Thanks again for your effective help (I hope!). Have a good week!
GilbertHauser Posts 5 Registration date Monday 9 February 2015 Status Member Last activity 26 February 2015
26 Feb. 2015 at 14:47
No, my mistake: problem not solved!!!
After only a few hours, the pollution came back (the pop-up shown in the image at the top of this page); I tried everything again...
> apparently no solution on the forums
> Malekal_morte: the 2 FRST reports, still valid, are on pjjoint as you requested
Can you point me to a way forward? I no longer know what to do against this nasty thing.
Thanks a lot! Gilbert
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
26 Feb. 2015 at 15:42
You have to give the links here.
In short, read the procedure through to the end.