Unwanted page

Closed
sharkytiburon Posts 179 Registration date Saturday, October 6, 2007 Status Member Last seen February 18, 2017 - March 2, 2015 at 20:05
sharkytiburon Posts 179 Registration date Saturday, October 6, 2007 Status Member Last seen February 18, 2017 - March 27, 2015 at 18:58
Hello everyone,
I don't know if I'm asking this question in the right place.
I have a problem: when I click on a link on a page, or even on a doc I created on Google Drive, it redirects me to an unwanted page.
Do you have any idea?

6 replies

¡El Desaparecido! Posts 1521 Registration date Tuesday, October 4, 2011 Status Member Last seen October 23, 2015 195
March 2, 2015 at 21:26
Hello,

You have installed adware and unwanted software on your PC (most likely without your knowledge).
To understand, I invite you to read this topic: http://www.sosvirus.net/topic82172.html

# Download ZHPCleaner by Nicolas Coolman to your desktop.
(Disable your antivirus while you download and use it.
Help: http://www.sosvirus.net/tutoriel-desactiver-protection-residentiel-t586.html )

# Close your browser
# Double-click the icon to launch it
-> Note: Right-click the icon, then Run as administrator on Windows Vista, Seven and Windows 8
# Accept the "terms of use"
# Click Repair

-> Note: During the scan, if the tool asks "Did you install this proxy?" and you have not installed one, click "No"; or if it asks "Do you want to replace the home page?", click "No"

# Copy the contents of the ZHPCleaner.txt report on your desktop to Paste And Furious, then post the generated link in your next reply.
-> Paste And Furious tutorial: http://www.sosvirus.net/tutoriel-paste-and-furious-t104985.html

#######

Next we will run a diagnostic

# Download FRST (by Farbar) to your desktop!

# Close all running applications!

# Launch FRST; run as administrator on Windows 7/8 and Vista
# Check the Addition.txt box
# Click Scan

# Once the scan has finished, go to the desktop: two reports, FRST.txt and Addition.txt, have been created.
# Host the FRST.txt and Addition.txt reports on SosUpload, then copy/paste the generated links into your next reply



0
sharkytiburon Posts 179 Registration date Saturday, October 6, 2007 Status Member Last seen February 18, 2017
March 2, 2015 at 21:49
~ ZHPCleaner v2015.3.2.103 by Nicolas Coolman (02/03/2015)
~ Run by theviny (Administrator) (02/03/2015 15:31:16)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\theviny\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\theviny\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (0)
~ No malicious items found.


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (15)
MOVED folder: C:\Users\theviny\AppData\Local\Temp\APN-Stub\Unknown (Toolbar.Ask)
MOVED folder: C:\Users\theviny\AppData\Local\Temp\APN-Stub (Toolbar.Ask)
MOVED file: C:\WINDOWS\Prefetch\SOFTONICDOWNLOADER_FOR_MP3-TO-E8E97AFD.pf [ - ] (PUP.Softonic)
MOVED file: C:\WINDOWS\Prefetch\SPIGOTANDROIDOFFER.EXE-7F1617B4.pf [ - ] (PUP.Dealio)
MOVED file: C:\Users\theviny\Downloads\dffsetup-physx3common_x86.exe [Dll-Files.com - Dll-Files Fixer] (PUP.DllFilesFixer)
MOVED file: C:\Users\theviny\AppData\Local\Temp\uninstall445552656.exe - ExpressFiles Application (Adware.ExpressFiles)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage [ - ] (PUP.ReMarkIt)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal [ - ] (PUP.ReMarkIt)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internethobbies.commerce-search.net_0.localstorage [ - ] (Hijacker.u-Search)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internethobbies.commerce-search.net_0.localstorage-journal [ - ] (Hijacker.u-Search)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage [ - ] (PUP.ReMarkIt)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage-journal [ - ] (PUP.ReMarkIt)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedtest.net_0.localstorage [ - ] (Adware.ScriptHost)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedtest.net_0.localstorage-journal [ - ] (Adware.ScriptHost)
MOVED file: C:\Users\theviny\AppData\Roaming\appdataFr3.bin [ - ] (PUP.Optional)


---\\ Registry ( Key, Value, Data) (3)
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_4460DFE56A4DA220503DD885D501433D ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window] (PUP.Vosteran)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\75016f83-3ab3-2806-c921-78802eef3e10 [] (PUP.CrossRider)
DELETED key*: HKEY_USERS\S-1-5-21-3319739762-1908143936-2268935211-1001\Software\Smartbar [] (PUP.QuickShare)



---\\ Result of repair
~ Repair carried out successfully
0
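One way to triage a ZHPCleaner report like the one above, added here as an example and not part of the original thread or of ZHPCleaner itself: it parses the `---\\ Section (N)` headers and the `MOVED` / `DELETED` lines, then separates autostart entries from leftovers such as Prefetch traces and browser site data. The category names and the function names are assumptions made for this example; the sample lines are an excerpt copied from the report in this thread.

```python
import re
from collections import defaultdict
from typing import NamedTuple

# Excerpt assembled for this example from the report posted in the thread.
SAMPLE_REPORT = r"""
---\\ Services (0)
~ No malicious items found.

---\\ Explorer ( File, Folder) (15)
MOVED folder: C:\Users\theviny\AppData\Local\Temp\APN-Stub (Toolbar.Ask)
MOVED file: C:\WINDOWS\Prefetch\SPIGOTANDROIDOFFER.EXE-7F1617B4.pf [ - ] (PUP.Dealio)
MOVED file: C:\Users\theviny\Downloads\dffsetup-physx3common_x86.exe [Dll-Files.com - Dll-Files Fixer] (PUP.DllFilesFixer)
MOVED file*: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_internethobbies.commerce-search.net_0.localstorage [ - ] (Hijacker.u-Search)
MOVED file: C:\Users\theviny\AppData\Roaming\appdataFr3.bin [ - ] (PUP.Optional)

---\\ Registry ( Key, Value, Data) (3)
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_4460DFE56A4DA220503DD885D501433D ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window] (PUP.Vosteran)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\75016f83-3ab3-2806-c921-78802eef3e10 [] (PUP.CrossRider)
"""


class Entry(NamedTuple):
    section: str   # section header the line appeared under
    action: str    # MOVED or DELETED
    kind: str      # folder, file, key or value
    starred: bool  # trailing "*" on the kind; its meaning is not stated in the thread
    target: str    # file path or registry path
    detail: str    # text inside [...] (publisher or value data), may be empty
    family: str    # detection name in the final parentheses


# Header form: ---\\ Name (count)
SECTION_RE = re.compile(r"---\\\\ (.+) \((\d+)\)")
# Entry form: ACTION kind[*]: target [detail] (Family); the [detail] part is optional.
ENTRY_RE = re.compile(r"(MOVED|DELETED) (\w+)(\*?): (.*?)(?: \[(.*)\])? \(([^()]+)\)")


def parse_report(text):
    """Return every MOVED/DELETED line as an Entry, tagged with its section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.fullmatch(line)
        if header:
            section = header.group(1)
            continue
        m = ENTRY_RE.fullmatch(line)
        if m:
            action, kind, star, target, detail, family = m.groups()
            entries.append(Entry(section, action, kind, bool(star),
                                 target, (detail or "").strip(), family))
    return entries


def categorize(entry):
    """Coarse triage bucket (names chosen for this example)."""
    t = entry.target.lower()
    if entry.kind in ("key", "value"):
        # A value under ...\CurrentVersion\Run starts a program at logon.
        return "autostart (Run key)" if "\\currentversion\\run" in t else "other registry"
    if "\\prefetch\\" in t:
        # Windows writes a .pf file when a program runs: evidence of past
        # execution, not of something still installed.
        return "execution trace (Prefetch)"
    if "\\local storage\\" in t:
        return "browser site data"
    if "\\temp\\" in t:
        return "temp leftovers"
    if "\\downloads\\" in t:
        return "downloaded installer"
    return "other file"


def triage(entries):
    """Map each bucket to the sorted detection families found in it."""
    buckets = defaultdict(set)
    for e in entries:
        buckets[categorize(e)].add(e.family)
    return {name: sorted(fams) for name, fams in buckets.items()}


if __name__ == "__main__":
    for bucket, families in sorted(triage(parse_report(SAMPLE_REPORT)).items()):
        print(f"{bucket}: {', '.join(families)}")
```
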
sharkytiburon Posts 179 Registration date Saturday, October 6, 2007 Status Member Last seen February 18, 2017
March 2, 2015 at 22:30
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 ([color=red]ATTENTION: ====> FRST version is 29 days old and could be outdated[/color])
Ran by theviny (administrator) on LABRECQUE on 02-03-2015 16:28:29
Running from C:\Users\theviny\Desktop
Loaded Profiles: theviny (Available profiles: theviny & Guest)
Platform: Windows 8.1 (X64) OS Language: Anglais (États-Unis)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\ProgramData\{b006fcde-a0e7-178b-b006-6fcdea0ef37a}\ac00897559.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\Google\Drive\nativeproxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-28] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE [77892 2005-11-30] (Corel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [736768 2014-05-14] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [SkyDrive] => C:\Users\theviny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [Animated Wallpaper] => C:\Users\theviny\Desktop\tct-plage-palmiers.exe
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5127304 2014-11-20] (Plex, Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\theviny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ac00897559.lnk
ShortcutTarget: ac00897559.lnk -> C:\ProgramData\{b006fcde-a0e7-178b-b006-6fcdea0ef37a}\ac00897559.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3319739762-1908143936-2268935211-1001 -> {11F630E7-691A-4F73-86EF-0E7D193F7F99} URL = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=WLETDF&pc=WLEM{searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3319739762-1908143936-2268935211-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/webhp?gws_rd=ssl{sear
SearchScopes: HKU\S-1-5-21-3319739762-1908143936-2268935211-1001 -> {F17881B4-2144-4E77-8EED-ADDC80092D5F} URL = https://ca.search.yahoo.com/web?fr=mcafee{SearchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: intu-ir2013 - {B275FD97-299B-40A2-BC39-B96DFA40E50D} - C:\Program Files (x86)\ImpotRapide 2013\ic2013pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-08-21]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-21]
FF HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-09-28]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://ca.my.msn.com/?lang=fr-ca
CHR StartupUrls: Default -> "hxxp://ca.my.msn.com/?lang=fr-ca"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-23]
CHR Extension: (Google Drive) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (Recherche Google) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-23]
CHR Extension: (SiteAdvisor) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-04-16]
CHR Extension: (MSN Homepage) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2014-11-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Google Wallet) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Marc Ecko) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-03-09]
CHR Extension: (Gmail) - C:\Users\theviny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-24]
CHR HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - No Path
CHR HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-21] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S2 156c2b3d; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\RelayDefender\RelayDefender.dll",serv

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-02] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-21] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-10-28] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 16:28 - 2015-03-02 16:29 - 00024014 _____ () C:\Users\theviny\Desktop\FRST.txt
2015-03-02 16:27 - 2015-03-02 16:28 - 00000000 ____D () C:\FRST
2015-03-02 16:18 - 2015-03-02 16:18 - 02131456 _____ (Farbar) C:\Users\theviny\Desktop\FRST64.exe
2015-03-02 15:44 - 2015-03-02 15:44 - 00003608 _____ () C:\Users\theviny\Desktop\ZHPCleaner.txt
2015-03-02 15:31 - 2015-03-02 15:44 - 00000000 ____D () C:\Users\theviny\AppData\Roaming\ZHP
2015-03-02 15:31 - 2015-03-02 15:31 - 00000879 _____ () C:\Users\theviny\Desktop\ZHPCleaner.lnk
2015-03-02 15:30 - 2015-03-02 15:30 - 01735680 _____ () C:\Users\theviny\Desktop\ZHPCleaner.exe
2015-03-02 15:04 - 2015-03-02 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-02 14:13 - 2015-03-02 14:13 - 02126848 _____ () C:\Users\theviny\Desktop\adwcleaner_4.111.exe
2015-02-26 05:10 - 2014-12-13 16:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-26 05:10 - 2014-12-13 16:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-26 05:10 - 2014-10-28 20:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-26 05:10 - 2014-10-28 20:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-26 05:10 - 2014-10-28 20:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-26 05:10 - 2014-10-28 20:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-02-24 12:49 - 2015-02-24 12:50 - 00173291 _____ () C:\Users\theviny\Desktop\Triche.rar
2015-02-12 11:23 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 11:23 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 12:19 - 2015-01-15 17:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 12:19 - 2015-01-15 17:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 12:19 - 2015-01-13 23:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 12:19 - 2015-01-13 22:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 12:19 - 2015-01-13 17:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 12:19 - 2015-01-13 17:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 12:19 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 12:19 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 12:19 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 12:19 - 2015-01-11 21:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 12:19 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 12:19 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 12:19 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 12:19 - 2015-01-11 20:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 12:19 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 12:19 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 12:19 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 12:19 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 12:19 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 12:19 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 12:19 - 2015-01-10 04:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 12:19 - 2015-01-10 04:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 12:19 - 2015-01-10 03:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 12:19 - 2015-01-10 02:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 12:19 - 2015-01-10 01:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 12:19 - 2014-12-19 03:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 12:19 - 2014-12-19 03:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 12:19 - 2014-12-08 22:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 12:19 - 2014-12-08 20:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 12:19 - 2014-12-08 18:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 12:19 - 2014-10-28 21:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-11 12:19 - 2014-10-28 21:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-11 12:19 - 2014-10-28 21:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-11 12:19 - 2014-10-28 21:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-11 12:19 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 12:19 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 12:19 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 12:19 - 2014-10-28 20:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-11 12:19 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 12:19 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 12:19 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 12:19 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 12:19 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-11 12:18 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 12:18 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 12:18 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 12:18 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 12:18 - 2015-01-11 20:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 12:18 - 2015-01-11 20:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 12:18 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 12:18 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 12:18 - 2015-01-11 20:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 12:18 - 2015-01-11 20:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 12:18 - 2015-01-11 20:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 12:18 - 2015-01-11 20:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 12:18 - 2015-01-11 20:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 12:18 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 12:18 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 12:18 - 2015-01-11 20:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 12:18 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 12:18 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 12:18 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 12:18 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 12:17 - 2015-01-19 13:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 12:16 - 2015-01-10 03:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 16:27 - 2013-11-17 15:28 - 01204938 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-02 16:16 - 2014-02-17 14:24 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-02 16:09 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-02 16:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-02 15:53 - 2013-08-21 15:30 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3319739762-1908143936-2268935211-1001
2015-03-02 15:31 - 2014-11-13 14:26 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfff77ad36f622.job
2015-03-02 15:31 - 2013-08-21 15:45 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 15:01 - 2014-04-06 09:30 - 00000000 ___RD () C:\Users\theviny\Google Drive
2015-03-02 15:01 - 2013-12-11 08:26 - 00000000 ___DO () C:\Users\theviny\SkyDrive
2015-03-02 14:59 - 2013-08-21 15:45 - 00001092 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-02 14:55 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-02 14:54 - 2013-08-22 09:46 - 00337413 _____ () C:\WINDOWS\setupact.log
2015-03-02 14:54 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-02 14:52 - 2013-10-23 16:13 - 00000000 ____D () C:\AdwCleaner
2015-03-02 13:51 - 2015-01-30 10:27 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 13:26 - 2013-12-10 15:22 - 00003948 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{59B090BE-BDF5-4991-B9F9-9F619CC19A67}
2015-03-02 13:21 - 2013-11-17 15:15 - 00000000 ____D () C:\Users\theviny
2015-02-28 10:04 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-27 12:57 - 2014-08-09 08:59 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-27 12:56 - 2013-09-07 07:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-26 16:07 - 2013-08-21 19:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-26 16:06 - 2013-09-29 22:55 - 00074510 _____ () C:\WINDOWS\PFRO.log
2015-02-26 13:42 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-26 13:03 - 2015-01-28 08:59 - 00000000 ____D () C:\ProgramData\{b006fcde-a0e7-178b-b006-6fcdea0ef37a}
2015-02-20 11:35 - 2013-10-12 17:10 - 00000000 ____D () C:\Users\theviny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-20 11:35 - 2013-10-12 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-20 11:35 - 2013-10-12 17:08 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-19 05:40 - 2014-05-10 16:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-19 05:40 - 2014-05-10 16:47 - 00000000 ____D () C:\ProgramData\Garmin
2015-02-19 05:39 - 2014-05-10 16:47 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-02-19 05:39 - 2014-05-10 16:47 - 00001904 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-02-19 05:39 - 2014-05-10 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-02-19 05:39 - 2014-05-10 16:47 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-02-14 10:02 - 2013-08-31 07:18 - 00000000 ____D () C:\Users\theviny\AppData\Roaming\Azureus
2015-02-13 10:51 - 2013-12-28 20:57 - 00004608 _____ () C:\Users\theviny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-12 12:20 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-12 08:53 - 2013-08-22 09:44 - 00356688 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 12:51 - 2013-08-22 15:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 12:46 - 2013-08-22 15:37 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-11 12:19 - 2013-08-21 15:24 - 00000000 ____D () C:\Users\theviny\AppData\Local\Packages
2015-02-05 09:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-05 03:16 - 2014-02-17 14:24 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 14:31 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 14:31 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 15:39 - 2013-09-29 23:04 - 02017320 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-01 15:39 - 2013-08-21 15:37 - 00962062 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-02-01 15:39 - 2013-08-21 15:37 - 00195600 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-01-31 19:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

==================== Files in the root of some directories =======

2014-12-27 20:09 - 2014-12-27 20:09 - 0000000 ____H () C:\Users\theviny\AppData\Local\BIT6DE4.tmp
2013-12-28 20:57 - 2015-02-13 10:51 - 0004608 _____ () C:\Users\theviny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-11 20:17 - 2014-02-11 20:17 - 0000000 ___SH () C:\Users\theviny\AppData\Local\LumaEmu
2014-09-20 07:58 - 2014-09-20 07:58 - 0000017 _____ () C:\Users\theviny\AppData\Local\resmon.resmoncfg
2014-12-27 19:58 - 2014-12-27 20:19 - 0000000 _____ () C:\Users\theviny\AppData\Local\{C26A1E2F-1B38-4E8A-A9DF-6D1CA647A15E}

Some content of TEMP:
====================
C:\Users\theviny\AppData\Local\Temp\1_flashplayer.exe
C:\Users\theviny\AppData\Local\Temp\4556220864352242396.exe
C:\Users\theviny\AppData\Local\Temp\htmlayout.dll
C:\Users\theviny\AppData\Local\Temp\i4jdel0.exe
C:\Users\theviny\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\theviny\AppData\Local\Temp\Quarantine.exe
C:\Users\theviny\AppData\Local\Temp\spp_setpointp.exe
C:\Users\theviny\AppData\Local\Temp\sqlite3.dll
C:\Users\theviny\AppData\Local\Temp\SRLDetectionLibrary2672178763366979285.dll
C:\Users\theviny\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\theviny\AppData\Local\Temp\System.Data.SQLitec5966c9f-60b1-4d71-9562-4ad676f320f9.dll
C:\Users\theviny\AppData\Local\Temp\t5x0tpzl.dll
C:\Users\theviny\AppData\Local\Temp\tmd_34012903.exe
C:\Users\theviny\AppData\Local\Temp\tmd_34016227.exe
C:\Users\theviny\AppData\Local\Temp\uninstall445552671.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-02 16:13

==================== End Of Log ============================
0
¡El Desaparecido! Posts 1521 Registered Tuesday 4 October 2011 Status Member Last activity 23 October 2015 195
2 March 2015 at 22:43
addition.txt is missing :(
0
sharkytiburon Posts 179 Registered Saturday 6 October 2007 Status Member Last activity 18 February 2017
2 March 2015 at 23:08
It tells me that I have already posted the addition
0
¡El Desaparecido! Posts 1521 Registered Tuesday 4 October 2011 Status Member Last activity 23 October 2015 195
2 March 2015 at 23:16
Then we'll take its word for it ..

# Press the Windows and R keys at the same time
# A window will open; type this: notepad
# Click OK

# Note: Notepad will open

# Copy the following lines:

start
Startup: C:\Users\theviny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ac00897559.lnk
ShortcutTarget: ac00897559.lnk -> C:\ProgramData\{b006fcde-a0e7-178b-b006-6fcdea0ef37a}\ac00897559.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\ProgramData\{b006fcde-a0e7-178b-b006-6fcdea0ef37a}
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - No Path
CHR HKU\S-1-5-21-3319739762-1908143936-2268935211-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
C:\Users\theviny\AppData\Local\Temp\1_flashplayer.exe
C:\Users\theviny\AppData\Local\Temp\4556220864352242396.exe
C:\Users\theviny\AppData\Local\Temp\htmlayout.dll
C:\Users\theviny\AppData\Local\Temp\i4jdel0.exe
C:\Users\theviny\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\theviny\AppData\Local\Temp\spp_setpointp.exe
C:\Users\theviny\AppData\Local\Temp\SRLDetectionLibrary2672178763366979285.dll
C:\Users\theviny\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\theviny\AppData\Local\Temp\System.Data.SQLitec5966c9f-60b1-4d71-9562-4ad676f320f9.dll
C:\Users\theviny\AppData\Local\Temp\t5x0tpzl.dll
C:\Users\theviny\AppData\Local\Temp\tmd_34012903.exe
C:\Users\theviny\AppData\Local\Temp\tmd_34016227.exe
C:\Users\theviny\AppData\Local\Temp\uninstall445552671.exe

end


# Go back to Notepad and paste the copied lines.

# Click File, then Save As..., name it fixlist.txt and save it to your desktop

# Go to the desktop and launch FRST; run it as administrator on Windows 7/8 and Vista
# Click Fix

# Note: Wait while the removal runs

# Once the scan has finished, go to the desktop; a Fixlog.txt report has been created.
# Upload the Fixlog.txt report to SosUpload, then copy/paste the generated link in your next reply

########

# Download MalwareBytes
# Install it (uncheck "Enable the free trial of Malwarebytes Anti-Malware Premium")

# Click Update (on the right, in the center)
# Click Scan (at the top)
# Select "Threat Scan"
# Click Scan Now


# At the end of the scan, click Quarantine All!
# Click Copy to Clipboard
# A report will open. Copy/paste its contents in your next reply.

0
sharkytiburon Posts 179 Registered Saturday 6 October 2007 Status Member Last activity 18 February 2017
3 March 2015 at 00:14
http://upload.sosvirus.net/download/w1uu9ahrjdtwmj7q5plqu7ytcfjg0zbsr2q3oyki
0
sharkytiburon Posts 179 Registered Saturday 6 October 2007 Status Member Last activity 18 February 2017
3 March 2015 at 01:41
I think I found it: there was an extension that had installed itself in my Chrome, "adbloker manegement"; I uninstalled it and that seems to have fixed it
0

¡El Desaparecido! Posts 1521 Registered Tuesday 4 October 2011 Status Member Last activity 23 October 2015 195
Edited by ¡El Desaparecido! on 3/03/2015 at 06:59
Good news :)

To remove the disinfection tools that were used:

Download DelFix by Xplode to your desktop.

Launch DelFix; run it as administrator on Windows 7/8 and Vista
Check the following boxes:

Remove disinfection tools
Purge system restore

Mark the thread as resolved then. Have a good week :)

Developer: UsbFix ## Webmaster: SosVirus
0
sharkytiburon
3 March 2015 at 13:30
Thanks for your time
0
sharkytiburon Posts 179 Registered Saturday 6 October 2007 Status Member Last activity 18 February 2017
27 March 2015 at 18:36
I have to ask for help again, the problem has come back
0
sharkytiburon Posts 179 Registered Saturday 6 October 2007 Status Member Last activity 18 February 2017
27 March 2015 at 18:58
When I click on a tab in my Drive I am redirected to a page, unitspybookset
0