Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by user at 2014-05-19 22:45:13 Run:1
Running from C:\Users\user\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

Task: {3A1A0FC8-A0D6-4518-8603-033253CD0EF8} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION

Task: {74017660-561A-4C76-B331-5309CA07FC1A} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: {C647AC47-628D-427A-AD79-60D4D29E018F} - System32\Tasks\{DEEABB59-684E-4C92-8BF3-07E8CB01E8C5} => C:\Users\user\Downloads\Keygen.exe

Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

AlternateDataStreams: C:\ProgramData\Temp:52DBE86F

AlternateDataStreams: C:\Users\user\AppData\Local\Temp:CoB7IUj2Nuw9tykGn

AlternateDataStreams: C:\Users\user\AppData\Local\Temporary Internet Files:Cz6Xnio2otxjW703eo2Md7NInnP

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.extremrallye.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_dsites05_14_20_ie&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtAtDyByBtA0CtB0DyCyDtN0D0Tzu0CzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0A0BzztDzz0AtG0BtC0EzytGtBzz0F0BtGzztD0AzztGtByDzy0EtDyCyBtD0D0D0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtD0AtAyEtDtC0EtGyB0AyBzztGzytD0C0FtGyB0EtCyCtGtCtA0ByC0DtCtAyD0BzztA0A2Q&cr=1270577100&ir=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com/?f=1&a=spd_dsites05_14_20_ie&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtAtDyByBtA0CtB0DyCyDtN0D0Tzu0CzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0A0BzztDzz0AtG0BtC0EzytGtBzz0F0BtGzztD0AzztGtByDzy0EtDyCyBtD0D0D0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtD0AtAyEtDtC0EtGyB0AyBzztGzytD0C0FtGyB0EtCyCtGtCtA0ByC0DtCtAyD0BzztA0A2Q&cr=1270577100&ir=

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_20_ie&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtAtDyByBtA0CtB0DyCyDtN0D0Tzu0SzzyCzztN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyBtCyD0Ezz0AzytGzytCyBtBtG0B0Dzz0DtGzz0D0F0DtGyDzytBtDtA0Czz0Fzz0A0B0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtD0AtAyEtDtC0EtGyB0AyBzztGzytD0C0FtGyB0EtCyCtGtCtA0ByC0DtCtAyD0BzztA0A2Q&cr=1582744666&ir=

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_20_ie&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtAtDyByBtA0CtB0DyCyDtN0D0Tzu0SzzyCzztN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyBtCyD0Ezz0AzytGzytCyBtBtG0B0Dzz0DtGzz0D0F0DtGyDzytBtDtA0Czz0Fzz0A0B0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtD0AtAyEtDtC0EtGyB0AyBzztGzytD0C0FtGyB0EtCyCtGtCtA0ByC0DtCtAyD0BzztA0A2Q&cr=1582744666&ir=

SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dsites05_14_20_ie&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyEtAtDyByBtA0CtB0DyCyDtN0D0Tzu0CzzyCzytN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtA0A0BzztDzz0AtG0BtC0EzytGtBzz0F0BtGzztD0AzztGtByDzy0EtDyCyBtD0D0D0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtD0AtAyEtDtC0EtGyB0AyBzztGzytD0C0FtGyB0EtCyCtGtCtA0ByC0DtCtAyD0BzztA0A2Q&cr=1270577100&ir=

earchScopes: HKCU - DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL =

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL =

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

Toolbar: HKCU - No Name - {56444A2D-5637-006A-76A7-7A786E7484D7} - No File

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

2014-05-19 14:38 - 2014-05-19 14:38 - 00000000 ____D () C:\Users\user\AppData\Local\{49D3F8F7-C2E5-4038-A23B-4A75945F62E5}

2014-05-18 23:25 - 2014-05-18 23:25 - 00003314 _____ () C:\Windows\System32\Tasks\Advanced System Protector

2014-05-17 19:11 - 2014-05-17 20:53 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP

2014-05-17 18:35 - 2014-05-17 18:35 - 00003130 _____ () C:\Windows\System32\Tasks\{5B0A111E-CE4A-4E08-83D6-77D415AE8A3A}

2014-05-17 18:34 - 2014-05-17 18:34 - 00000000 ____D () C:\Windows\SysWOW64\C2MP

2014-05-17 18:33 - 2014-05-17 19:09 - 00026139 _____ () C:\Users\user\AppData\Roaming\Bubble Dock.installation.log

C:\Users\user\AppData\Local\Temp\avgnt.exe

C:\Users\user\AppData\Local\Temp\bitdefender_isecurity_[quickscan].exe

C:\Users\user\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe

C:\Users\user\AppData\Local\Temp\PCSpeedMaximizer_AQFR_SOMOTO_PPI_new.exe

C:\Users\user\AppData\Local\Temp\PCSpeedMaximizer_new.exe

C:\Users\user\AppData\Local\Temp\Quarantine.exe

C:\Users\user\AppData\Local\Temp\SHSetup.exe

C:\Users\user\AppData\Local\Temp\smtnew_qone8.exe

end


•Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt

•Ferme toutes les

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A1A0FC8-A0D6-4518-8603-033253CD0EF8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A1A0FC8-A0D6-4518-8603-033253CD0EF8} => Key deleted successfully.
C:\Windows\System32\Tasks\Advanced System Protector => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74017660-561A-4C76-B331-5309CA07FC1A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74017660-561A-4C76-B331-5309CA07FC1A} => Key deleted successfully.
C:\Windows\System32\Tasks\Digital Sites => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C647AC47-628D-427A-AD79-60D4D29E018F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C647AC47-628D-427A-AD79-60D4D29E018F} => Key deleted successfully.
C:\Windows\System32\Tasks\{DEEABB59-684E-4C92-8BF3-07E8CB01E8C5} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DEEABB59-684E-4C92-8BF3-07E8CB01E8C5} => Key deleted successfully.
C:\Windows\Tasks\Digital Sites.job => Moved successfully.
C:\ProgramData\Temp => ":52DBE86F" ADS removed successfully.
C:\Users\user\AppData\Local\Temp => ":CoB7IUj2Nuw9tykGn" ADS removed successfully.
"C:\Users\user\AppData\Local\Temporary Internet Files" => ":Cz6Xnio2otxjW703eo2Md7NInnP" ADS not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} => Key deleted successfully.
HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{56444A2D-5637-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{56444A2D-5637-006A-76A7-7A786E7484D7} => Key not found.
esgiguard => Service deleted successfully.
C:\Users\user\AppData\Local\{49D3F8F7-C2E5-4038-A23B-4A75945F62E5} => Moved successfully.
"C:\Windows\System32\Tasks\Advanced System Protector" => File/Directory not found.
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully.
C:\Windows\System32\Tasks\{5B0A111E-CE4A-4E08-83D6-77D415AE8A3A} => Moved successfully.
C:\Windows\SysWOW64\C2MP => Moved successfully.
C:\Users\user\AppData\Roaming\Bubble Dock.installation.log => Moved successfully.
C:\Users\user\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\bitdefender_isecurity_[quickscan].exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\PCSpeedMaximizer_AQFR_SOMOTO_PPI_new.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\PCSpeedMaximizer_new.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\user\AppData\Local\Temp\smtnew_qone8.exe => Moved successfully.

==== End of Fixlog ====