Web Protect / PCProtect : Analyse rapport FRST

[jeezzz1]

Bonjour,

Une amie a un ordi pas mal infecté.
J'ai fais des nettoyages avec Malwarebyte, AdwCleaner, RogueKiller.
Mais il doit rester des traces.

Voici les rapports FRST :

http://pjjoint.malekal.com/files.php?id ... 9m13x15s13

http://pjjoint.malekal.com/files.php?id ... 5r6t15u7g6


Si vous pouvez l'analyser, merci beaucoup !

[angelique]

• Ouvre le bloc-notes : Menu Démarrer / Tous les programmes / Accessoires et Bloc-Notes. (ou executer---> notepad)
  Copie/colle dedans ce qui suit :
  
  

  Task: {2E720931-DA7B-4DCD-9743-660C228DCB25} - \Feven Pro-codedownloader No Task File <==== ATTENTION
  Task: {30D74DED-1FA7-44CA-A07A-1E56AFFFB795} - \Feven Pro-enabler No Task File <==== ATTENTION
  Task: {3FB4033D-77F6-4786-97BC-6EC04C44BCA1} - System32\Tasks\Easy Deals-updater => C:\Program Files\Easy Deals\Easy Deals-updater.exe <==== ATTENTION
  Task: {879D010D-FFC4-4734-AB86-F8DD6D3443C2} - \Feven Pro-firefoxinstaller No Task File <==== ATTENTION
  Task: {D6A58731-16AE-464C-812E-5C151138B22E} - System32\Tasks\Easy Deals-codedownloader => C:\Program Files\Easy Deals\Easy Deals-codedownloader.exe <==== ATTENTION
  Task: {DA8BCF93-CA38-4989-AE91-C12E3F2B416B} - \bench-S-1-5-21-3727093697-1412596496-3780420522-1000 No Task File <==== ATTENTION
  Task: {DF5204A2-E25C-4631-826E-09191D0415C1} - \Feven Pro-chromeinstaller No Task File <==== ATTENTION
  Task: {F94A3066-740C-4F97-967D-72F9592665B4} - \Feven Pro-updater No Task File <==== ATTENTION
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCProtect => ""="service" <==== ATTENTION
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION
  Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard" /f
  Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard Update Task" /f
  C:\Users\Dominique\AppData\Local\BrowserSafeguard
  R3 PCProtect; C:\Program Files\Web Protect\PCProtect.exe [1265608 2014-01-08] (Objectify Media Inc) [File not signed] <==== ATTENTION
  C:\Program Files\Web Protect
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  CHR HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  BHO: greatssavingi -> {53ECBDDD-4463-8F28-D761-A34AFD67CD06} -> No File
  BHO: PoPTChEckkeer -> {62D7D2CA-7BCF-9AC2-DE81-87361D5DB7B9} -> No File
  BHO: CoOlaSaleCooupon -> {64EF0934-E756-473D-6CB4-A8B12376350F} -> No File
  BHO: SaverrAddon -> {889DADDE-1F63-FB3A-B36C-03897C44A0E8} -> No File
  Toolbar: HKU\S-1-5-21-3727093697-1412596496-3780420522-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
  Winsock: Catalog9 01 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
  Winsock: Catalog9 02 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
  Winsock: Catalog9 03 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
  Winsock: Catalog9 04 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
  Winsock: Catalog9 15 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]126239776.com [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected] [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]093fce600.com [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]7be52663e.com [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]2143e425f.com [Not Found]
  FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]01c922b68.com [Not Found]
  FF Extension: No Name - C:\Program Files\McAfee\SiteAdvisor [Not Found]
  CHR HKLM\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\Dominique\AppData\Roaming\SpecialSavings\SpecialSavings.crx []
  R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-01-08] () [File not signed] <==== ATTENTION
  C:\Users\Public\AlexaNSISPlugin.15448.dll
  EmptyTemp:

• Menu Fichier / Enregistrer-sous
  Place toi sur le bureau.
  Dans le champs en bas, nom du fichier mets : fixlist.txt
  Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
• Ferme toutes les applications, y compris ton navigateur
• Double-clique sur FRST.exe
  /!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
  Sur le menu principal, clique une seule fois sur Fix et patiente le temps de la correction
  
  
  Un redémarrage peut être nécessaire (pas obligatoire).
• L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse.

[Malekal_morte]

Il faudrait aussi désinstaller tous les programmes McAfee.
Cela fait doubon.

[jeezzz1]

Quel autre antivirus il y a en plus de MacAfee ? je vois pas.

Le rapport Fix =

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-11-2014 01
Ran by Dominique at 2014-11-29 14:45:51 Run:1
Running from C:\Users\Dominique\Desktop
Loaded Profile: Dominique (Available profiles: Dominique)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Task: {2E720931-DA7B-4DCD-9743-660C228DCB25} - \Feven Pro-codedownloader No Task File <==== ATTENTION
Task: {30D74DED-1FA7-44CA-A07A-1E56AFFFB795} - \Feven Pro-enabler No Task File <==== ATTENTION
Task: {3FB4033D-77F6-4786-97BC-6EC04C44BCA1} - System32\Tasks\Easy Deals-updater => C:\Program Files\Easy Deals\Easy Deals-updater.exe <==== ATTENTION
Task: {879D010D-FFC4-4734-AB86-F8DD6D3443C2} - \Feven Pro-firefoxinstaller No Task File <==== ATTENTION
Task: {D6A58731-16AE-464C-812E-5C151138B22E} - System32\Tasks\Easy Deals-codedownloader => C:\Program Files\Easy Deals\Easy Deals-codedownloader.exe <==== ATTENTION
Task: {DA8BCF93-CA38-4989-AE91-C12E3F2B416B} - \bench-S-1-5-21-3727093697-1412596496-3780420522-1000 No Task File <==== ATTENTION
Task: {DF5204A2-E25C-4631-826E-09191D0415C1} - \Feven Pro-chromeinstaller No Task File <==== ATTENTION
Task: {F94A3066-740C-4F97-967D-72F9592665B4} - \Feven Pro-updater No Task File <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCProtect => ""="service" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard Update Task" /f
C:\Users\Dominique\AppData\Local\BrowserSafeguard
R3 PCProtect; C:\Program Files\Web Protect\PCProtect.exe [1265608 2014-01-08] (Objectify Media Inc) [File not signed] <==== ATTENTION
C:\Program Files\Web Protect
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: greatssavingi -> {53ECBDDD-4463-8F28-D761-A34AFD67CD06} -> No File
BHO: PoPTChEckkeer -> {62D7D2CA-7BCF-9AC2-DE81-87361D5DB7B9} -> No File
BHO: CoOlaSaleCooupon -> {64EF0934-E756-473D-6CB4-A8B12376350F} -> No File
BHO: SaverrAddon -> {889DADDE-1F63-FB3A-B36C-03897C44A0E8} -> No File
Toolbar: HKU\S-1-5-21-3727093697-1412596496-3780420522-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Winsock: Catalog9 01 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 02 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 03 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 04 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
Winsock: Catalog9 15 C:\Windows\system32\PCProtect.dll [293984] (Objectify Media Inc)
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]126239776.com [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]093fce600.com [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]7be52663e.com [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]2143e425f.com [Not Found]
FF Extension: No Name - C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]01c922b68.com [Not Found]
FF Extension: No Name - C:\Program Files\McAfee\SiteAdvisor [Not Found]
CHR HKLM\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\Dominique\AppData\Roaming\SpecialSavings\SpecialSavings.crx []
R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-01-08] () [File not signed] <==== ATTENTION
C:\Users\Public\AlexaNSISPlugin.15448.dll
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E720931-DA7B-4DCD-9743-660C228DCB25}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E720931-DA7B-4DCD-9743-660C228DCB25}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven Pro-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{30D74DED-1FA7-44CA-A07A-1E56AFFFB795}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30D74DED-1FA7-44CA-A07A-1E56AFFFB795}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven Pro-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FB4033D-77F6-4786-97BC-6EC04C44BCA1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FB4033D-77F6-4786-97BC-6EC04C44BCA1}" => Key deleted successfully.
C:\Windows\System32\Tasks\Easy Deals-updater not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Easy Deals-updater" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{879D010D-FFC4-4734-AB86-F8DD6D3443C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{879D010D-FFC4-4734-AB86-F8DD6D3443C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven Pro-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6A58731-16AE-464C-812E-5C151138B22E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6A58731-16AE-464C-812E-5C151138B22E}" => Key deleted successfully.
C:\Windows\System32\Tasks\Easy Deals-codedownloader not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Easy Deals-codedownloader" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA8BCF93-CA38-4989-AE91-C12E3F2B416B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA8BCF93-CA38-4989-AE91-C12E3F2B416B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-S-1-5-21-3727093697-1412596496-3780420522-1000" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF5204A2-E25C-4631-826E-09191D0415C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5204A2-E25C-4631-826E-09191D0415C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven Pro-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F94A3066-740C-4F97-967D-72F9592665B4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F94A3066-740C-4F97-967D-72F9592665B4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven Pro-updater" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PCProtect" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys" => Key deleted successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard" /f =========

L'op‚ration a r‚ussi.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserSafeguard Update Task" /f =========

L'op‚ration a r‚ussi.



========= End of Reg: =========

"C:\Users\Dominique\AppData\Local\BrowserSafeguard" => File/Directory not found.
PCProtect => Service stopped successfully.
PCProtect => Error deleting Service
C:\Program Files\Web Protect => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53ECBDDD-4463-8F28-D761-A34AFD67CD06}" => Key deleted successfully.
"HKCR\CLSID\{53ECBDDD-4463-8F28-D761-A34AFD67CD06}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62D7D2CA-7BCF-9AC2-DE81-87361D5DB7B9}" => Key deleted successfully.
"HKCR\CLSID\{62D7D2CA-7BCF-9AC2-DE81-87361D5DB7B9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64EF0934-E756-473D-6CB4-A8B12376350F}" => Key deleted successfully.
"HKCR\CLSID\{64EF0934-E756-473D-6CB4-A8B12376350F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{889DADDE-1F63-FB3A-B36C-03897C44A0E8}" => Key deleted successfully.
"HKCR\CLSID\{889DADDE-1F63-FB3A-B36C-03897C44A0E8}" => Key deleted successfully.
HKU\S-1-5-21-3727093697-1412596496-3780420522-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => Error deleting key. The key could be protected.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => Error deleting key. The key could be protected.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => Error deleting key. The key could be protected.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => Error deleting key. The key could be protected.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015" => Error deleting key. The key could be protected.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]126239776.com => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected] => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]093fce600.com => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]7be52663e.com => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]2143e425f.com => not found.
C:\Users\Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bmytxrce.default\extensions\[email protected]01c922b68.com => not found.
C:\Program Files\McAfee\SiteAdvisor => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje" => Key deleted successfully.
"C:\Users\Dominique\AppData\Roaming\SpecialSavings\SpecialSavings.crx" => File/Directory not found.
pcwatch => Unable to stop service
pcwatch => Error deleting Service
C:\Users\Public\AlexaNSISPlugin.15448.dll => Moved successfully.
EmptyTemp: => Removed 141 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[Malekal_morte]

Quel autre antivirus il y a en plus de MacAfee ? je vois pas.

ESET NOD32.

[jeezzz1]

Je vais plutôt desinstaller NOD32 qui est une version non activée.
MacAfee est quand a lui une version complète.

[jeezzz1]

Il n'y avait pas NOD32 dans ajout/suppression de programmes, ni de fichier de désinstallation.
J'ai utilisé un utilitaire de désinstallation Eset.

Merci pour l'analyse en tout cas et bon weekend !

[angelique]

ça parait bien.

lance une invite de commande , cmd < clic droit executer en tant qu'administrateur et tape et valide :

netsh winsock reset